nerdexam
Broadcom-VMware

2V0-622 · Question #33

An administrator is configuring the clock tolerance for the Single Sign-On token configuration policy and wants to define the time skew tolerance between a client and the domain controller clock. Whic

The correct answer is A. Milliseconds. VMware vCenter SSO clock tolerance is configured in milliseconds, defining the acceptable time skew between a client and the domain controller for token validation.

Section 1 – Configure and Administer vSphere 6.5 Security

Question

An administrator is configuring the clock tolerance for the Single Sign-On token configuration policy and wants to define the time skew tolerance between a client and the domain controller clock. Which time measurement is used for the value?

Options

  • AMilliseconds
  • BSeconds
  • CMinutes
  • DHours

How the community answered

(45 responses)
  • A
    91% (41)
  • B
    4% (2)
  • C
    2% (1)
  • D
    2% (1)

Why each option

VMware vCenter SSO clock tolerance is configured in milliseconds, defining the acceptable time skew between a client and the domain controller for token validation.

AMillisecondsCorrect

In the vCenter Single Sign-On token configuration policy, the clock tolerance field that specifies the allowable time skew between a client and a domain controller uses milliseconds as its unit of measurement. The default value is 600000 milliseconds (10 minutes), and this fine-grained unit allows precise control over the synchronization window required for SAML token acceptance.

BSeconds

Seconds are not the unit used in the SSO token policy clock tolerance field - the UI and API both accept and store this value in milliseconds.

CMinutes

Minutes are not the direct input unit for this field - although the default tolerance equates to 10 minutes, the value must be entered as milliseconds in the configuration.

DHours

Hours are not used for this setting - such a coarse unit would be inappropriate for the precision required in token time-window validation.

Concept tested: vCenter SSO token policy clock tolerance unit of measurement

Source: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-B23B1360-8838-4FF2-B074-71643C4CB040.html

Topics

#SSO token policy#clock tolerance#time skew#Single Sign-On configuration

Community Discussion

No community discussion yet for this question.

Full 2V0-622 Practice