2V0-622 Question #24: Real Exam Question with Answer & Explanation

Question

Options

• Aretry=3 min=disabled, disabled, 7, 21, 7 passphrase=2
• Bretry=3 min=disabled, disabled, 21, 7, 7 passphrase=2
• Cretry=3 min=disabled, disabled, 2, 21, 7
• Dretry=3 min=disabled, disabled, 21, 21, 2

Explanation

ESXi 6.x passphrase configuration relies on pam_passwdqc, where the third positional value in the min parameter (N2) sets the minimum passphrase character length and the separate passphrase option sets the minimum word count.

Common mistakes.

• A. min=disabled,disabled,7,21,7 places 7 in the N2 (passphrase length) position and 21 in the N3 (3-class regular password) position, meaning passphrases only need 7 characters rather than the required 21.
• C. min=disabled,disabled,2,21,7 places 2 in the N2 position, setting minimum passphrase length to only 2 characters instead of 21, and the option also omits the required passphrase= keyword that controls the minimum word count.
• D. min=disabled,disabled,21,21,2 places the value 2 in the N4 position (minimum length for 4-class passwords) rather than using the dedicated passphrase= keyword, so the word count requirement for passphrases is never correctly configured.

Concept tested. ESXi pam_passwdqc passphrase min length and word count configuration

Reference. https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.security.doc/GUID-E9D37923-7F04-4E4D-9B5C-8D9B93F78E4F.html

No community discussion yet for this question.