nerdexam
Broadcom-VMware

2V0-622 · Question #23

Which password meets ESXi 6.x host password requirements?

The correct answer is A. 8kMVnn2x!. ESXi 6.x uses pam_passwdqc for password validation, which requires at least 7 characters and characters from at least 3 character classes, and specifically excludes a leading uppercase letter and a trailing digit from counting toward class diversity.

Section 1 – Configure and Administer vSphere 6.5 Security

Question

Which password meets ESXi 6.x host password requirements?

Options

  • A8kMVnn2x!
  • BzNgtnJBA2
  • CNvgt34kn44
  • D!b74wr

How the community answered

(26 responses)
  • A
    92% (24)
  • B
    4% (1)
  • D
    4% (1)

Why each option

ESXi 6.x uses pam_passwdqc for password validation, which requires at least 7 characters and characters from at least 3 character classes, and specifically excludes a leading uppercase letter and a trailing digit from counting toward class diversity.

A8kMVnn2x!Correct

8kMVnn2x! is 9 characters and contains four effective character classes - digit (8, 2), uppercase (M, V), lowercase (k, n, n, x), and special (!); because the first character is a digit rather than an uppercase letter, no class exclusion applies, and the password meets all ESXi 6.x pam_passwdqc requirements.

BzNgtnJBA2

zNgtnJBA2 ends with a digit (2), which pam_passwdqc excludes from the digit class count, leaving only uppercase and lowercase as effective classes - two classes - which fails the three-class minimum enforced by the default min=disabled,disabled,disabled,7,7 policy.

CNvgt34kn44

Nvgt34kn44 starts with an uppercase letter (N), which pam_passwdqc excludes from the uppercase class count, and ends with a digit (4) that is also excluded, leaving only lowercase letters and interior digits as two effective classes, which fails the three-class minimum.

D!b74wr

!b74wr is only 6 characters, which is below the ESXi 6.x minimum of 7 characters required by the pam_passwdqc default configuration, so it fails on length alone regardless of character class composition.

Concept tested: ESXi 6.x pam_passwdqc password complexity and class exclusion rules

Source: https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.security.doc/GUID-DC96FFDB-F5F2-43EC-8C73-05ACDAE6BE43.html

Topics

#ESXi password policy#password complexity#host authentication#password requirements

Community Discussion

No community discussion yet for this question.

Full 2V0-622 Practice