Practice Exam:
https://awslagi.com/vmware-cloud-foundation-specialist-5v0-31-22-part-1
https://awslagi.com/vmware-cloud-foundation-specialist-5v0-31-22-part-2
https://awslagi.com/vmware-cloud-foundation-specialist-5v0-31-22-part-3

Q1. An administrator is tasked with changing the password of the SDDC Manager super user account in a newly installed VCF environment. Which method must the administrator use to complete this task?

A. 1. SSH in to the SDDC Manager VM using the vcf user account.
2. Switch to the root user.
3. Enter the passwd vcf command.
4. Enter and retype the new password.
B. 1. Log in to SDDC manager UI as a user with the ADMIN role.
2. Go to Administration > Security > Password Management.
3. Select the SDDC Manager account from the component drop-down menu.
4. Click Rotate Now button.
C. 1. Log in to the SDDC manager UI as a user with the ADMIN role.
2. Go to Developer Center > API Explorer.
3. Expand APIs for managing users.
4. Update password for roof user.
D. 1. SSH in to the SDDC Manager VM using the vcf user account.
2. Switch to the root user.
3. Enter the passwd admin command.
4. Enter and retype the new password.

Q2. Which action(s) can a developer perform on Kubernetes storage classes that are mapped from the VM Storage Policies?

A. Access Only
B. Access and Modify
C. Access, Modify, and Delete
D. Access, Create, and Delete

Q3. A VMware Cloud Foundation administrator created a Tanzu Namespace in one of the workload domains. Which two functions related to permissions can be performed on the newly created Namespace? (Choose two.)

A. Add permissions to local vSphere with Tanzu users only.
B. Permissions can be set to either view or edit.
C. Add a custom role to create more granular permissions.
D. Add permissions only from the vSphere.local domain.
E. Add permissions to users from vCenter Single Sign-On identity sources.

Q4. Which two tools can be used to create custom ESXi ISO images when preparing for the VMware Cloud Foundation bring-up process? (Choose two.)

A. vRealize Suite Lifecycle Manager
B. VMware Imaging Appliance
C. vSphere Lifecycle Manager
D. PowerCLI
E. SSH

Q5. VCF design workshops have been conducted, and the architect collected the following customer requirements for the newly planned VCF infrastructure:

• The new VCF infrastructure is targeting two zones: DEV/UAT and DMZ.
• The infrastructure team requested that the number of management components be minimized as much as possible.
• Eight hosts should be ordered for the DEV/UAT environment.
• Four hosts should be ordered for the DMZ environment.
• The DEV/UAT workloads must comply with an erasure coding vSAN storage policy and have the ability to tolerate the failure of two hosts.

Which workload domain sizing will be required to achieve these requirements?

A. 12-hosts workload domain for both zones, having an 8-hosts DEV/UAT cluster, and a 4-hosts DMZ cluster
B. 8-hosts DEV/UAT workload domain, having an 8-hosts DEV/UAT cluster, and a 4-hosts DMZ workload domain, having a 4-hosts DMZ cluster
C. 8-hosts DEV/UAT workload domain, having a 4-hosts DEV cluster, and a 4-hosts UAT cluster, in addition to a 4-hosts DMZ workload domain, having a 4-hosts DMZ cluster
D. 12-hosts workload domain for both zones, having a 4-hosts DEV cluster, a 4-hosts UAT cluster, and a 4-hosts DMZ cluster

Q6. Which two configurations are validated during the VMware Cloud Foundation bring-up process? (Choose two.)

A. Network Configuration validation
B. Network Connectivity validation
C. Stretched Cluster validation
D. Cloud Builder Log Configuration validation
E. NSX Edge validation

Q7. What is a valid procedure to replace an expired vSAN license in a VMware Cloud Foundation environment?

A. 1. Add a new vSAN license to the SDDC Manager and vCenter Server.
2. Reassign the vSAN license to the cluster in the vCenter Server.
3. Remove the expired vSAN license from the SDDC Manager and vCenter Server.
B. 1. Add a new vSAN license to the vCenter Server.
2. Connect to SDDC Manager via SSH, and then restart Lifecycle Management using systemctl restart lcm.
3. Verify in the vCenter Server whether a new vSAN license has been assigned to the cluster.
C. 1. Add a new vSAN license to the SDDC Manager.
2. Connect to SDDC Manager via SSH, and then restart Domain Manager using systemctl restart domainmanager.
3. Verify in the SDDC Manager whether a new vSAN license has been assigned to the cluster.
D. 1. Add a new vSAN license to the SDDC Manager.
2. Reassign the vSAN license to the cluster in the SDDC Manager.
3. Remove the expired vSAN license from the SDDC Manager.

Q8. A systems administrator needs to apply a custom ESXi image to a host using VMware Imaging Appliance (VIA). Which statement is correct when preparing a host for imaging?

A. VIA service does not support UEFI boot mode.
B. PXE Boot must be configured as the second boot option.
C. Onboard NICs should be enabled on the server.
D. VMware Cloud Builder appliance must be deployed in a tagged VLAN/Network.

Q9. Which component is upgraded when using the SDDC Manager management domain upgrade workflow in VMware Cloud Foundation?

A. Workload Domain vCenter Server
B. VMware Cloud Builder
C. VMware NSX-T Manager nodes
D. VMware vRealize Network Insight

Q10. Which type of IP subnets are required when enabling Workload Management in VMware Cloud Foundation?

A. Non-routable subnets for pod networking and Service IP addresses, routable subnets for ingress and egress
B. Routable subnets for pod networking, Service IP addresses, ingress and egress
C. Routable subnets for pod networking and Service IP addresses, non-routable subnets for ingress and egress
D. Non-routable subnets for pod networking, Service IP addresses, ingress and egress

Q11. Which two options are only available when using vSphere Lifecycle Manager Images? (Choose two.)

A. Upgrade VM Hardware Compatibility versions.
B. Check the hosts and clusters against the vSAN Hardware Compatibility List.
C. Upgrade and patch ESXi hosts.
D. Update the firmware of all ESXi hosts in a cluster.
E. Install and update third-party software on all ESXi hosts in a cluster.

Q12. An administrator is tasked with deploying a new VI Workload Domain into an existing VMware Cloud Foundation environment. Which three initial shared storage types are supported? (Choose three.)

A. vVols
B. NFS v3
C. NFS v4.1
D. vSAN
E. SMB 3.0
F. VMFS on iSCSI

Q13. An administrator is tasked with enabling workload management for a VMware Cloud Foundation Management Workload Domain.
This set of requirements was collected during the design workshops:
Developers should be able to utilize vSphere Pods feature.
Embedded harbor registry feature should be supported.
Developers need to utilize persistent volumes across multiple provisioned vSphere Pods.
Which three actions will meet the requirements for this deployment? (Choose three.)

A. Configure NSX Advanced Load Balancer.
B. Enable vSphere HA and DRS in partially-automated mode.
C. Configure NSX-T Networking.
D. Enable vSphere HA and DRS in fully-automated mode.
E. Configure HA Proxy.
F. Enable vSAN File Services.

Q14. The architect of a multi-site VMware Cloud Foundation solution is tasked with ensuring that the prerequisites for vSAN data at rest encryption have been achieved. The existing design calls for use of the vSphere Native Key Provider. NSX-T is configured with Federation, and both sites benefit from a stretched T0 and T1 network topology. A new security policy requires the use of vSphere Virtual Machine encryption, in addition to the at-rest encryption already configured. During a failover test from Site-A to Site-B using Site Recovery Manager, the virtual machines were unable to power-on.
How does the design need to be changed to support the new requirement?

A. Ensure that a TPM 2.0 certified module is installed on all ESXi hosts at Site-B.
B. Use a third-party KMS solution at each site.
C. Use a third-party KMS solution that allows for key replication.
D. Ensure that the Site Recovery Manager service account has Cryptographer.ReadKeyServersInfo privileges.

Q15. A service provider has a number of VMware Cloud Foundation workload domains and would like to sell Tanzu Namespaces as a managed service. Which two functions will help the service provider with Tanzu resource management? (Choose two.)

A. Separate NSX-T instances
B. Resource Limits
C. Container Network Interfaces
D. Resource Pools
E. Object Limits

Q16. What are the correct steps to grant the DevOps team permissions to a vSphere Namespace in a VMware Cloud Foundation (VCF) developer-ready workload domain while following the principle of least privilege access?

A. At the Permissions setting, add the DevOps group and assign the “Editor” permission
B. At the Global Permissions setting, add the DevOps group and assign the vSphere Kubernetes Manager role
C. At the Global Permissions setting, add the DevOps group and assign the SupervisorService Cluster Operator role
D. At the Permissions setting, add the DevOps group and assign the “Can edit” permission

Q17. An administrator is leveraging existing ESXi hosts to deploy a VMware Cloud Foundation (VCF) environment. What are two of the minimum requirements for this deployment? (Choose two.)

A. Each host needs to have at least two available NICs.
B. A minimum of three VCF ready-nodes are required.
C. Host’s CPU needs to be on the Hardware Compatibility List.
D. Hosts should have a configured Virtual Distributed Switch.
E. Each host needs to have at least one available NIC.

Q18. Which two roles are played by a Spherelet in a Tanzu-enabled VCF workload domain? (Choose two.)

A. It starts and monitors vSphere pods running on the workload domain cluster.
B. It communicates with the vSphere with Tanzu embedded Harbor registry.
C. It runs as a VIB on all Supervisor Cluster ESXi hosts configured with the vSphere Networking Stack.
D. It enables an ESXi hypervisor to act as a Kubernetes master node.
E. It enables an ESXi hypervisor to act as a Kubernetes worker node.

Q19. An administrator needs to upgrade the current VMware Cloud Foundation (VCF) environment from version 4.1 to 4.3, knowing that the environment does not have direct access to the internet. Which steps should be performed to download the online bundles?

A. 1. Setup a proxy server.
2. Define the credentials to access the proxy server.
3. Allow bidirectional traffic on the firewall.
B. 1. Setup a proxy server.
2. Configure the proxy in SDDC Manager.
3. Restart the LCM service.
C. 1. Setup a proxy server.
2. Define the credentials to access the proxy server.
3. Configure the proxy server in vSphere Lifecycle Manager (vLCM).
4. Restart vSphere Lifecycle Manager (vLCM).
D. 1. Setup a proxy server.
2. Define the credentials to access the proxy server.
3. Allow bidirectional traffic on the firewall.
4. Configure the proxy server in SDDC Manager.

Q20. A VMware Cloud Foundation administrator is required to enable Workload Management (vSphere with Tanzu) on an existing workload domain cluster, which is currently licensed with a vSphere Enterprise Plus license. Which action, if any, is required to complete this task?

A. Add a license for vSphere with Tanzu with sufficient CPU capacity to both the SDDC Manager and vCenter Server, and then assign the license to the cluster in vCenter Server.
B. Add a license for vSphere with Tanzu with sufficient CPU capacity to the SDDC Manager inventory, and then assign the license to the cluster in SDDC Manager.
C. No action is required since the vSphere Enterprise Plus license supports vSphere with Tanzu.
D. No action is required since SDDC Manager licenses include an entitlement for vSphere with Tanzu.