Transcription
VCP-DCV for vSphere 7.x(Exam 2V0-21.20)Official Cert GuideJohn A. Davis, Steve Baca, Owen ThomasA01 Baca FM p00i-pliii.indd 120/01/21 8:58 PM
VCP-DCV for vSphere 7.x (Exam 2V0-21.20) Official Cert GuideCopyright 2021 by Pearson Education, Inc.EDITOR-IN-CHIEFMark TaubDIRECTOR, ITP PRODUCTMANAGEMENTPublished by Pearson Education, Inc.Brett BartowAll rights reserved. No part of this book shall be reproduced, stored in a retrievalsystem, or transmitted by any means, electronic, mechanical, photocopying,recording, or otherwise, without written permission from the publisher. Nopatent liability is assumed with respect to the use of the information containedherein. Although every precaution has been taken in the preparation of this book,the publisher and author assume no responsibility for errors or omissions. Noris any liability assumed for damages resulting from the use of the information contained herein.EXECUTIVE EDITORISBN-10: 0-13-589819-6ISBN-13: 978-0-13-589819-2ScoutAutomatedPrintCodeLibrary of Congress Control Number: 2020923071Nancy DavisTECHNICAL EDITORJoseph CooperDEVELOPMENT EDITOREllie BruMANAGING EDITORSandra SchroederPROJECT EDITORMandie FrankCOPY EDITORKitty WilsonPROOFREADERTrademarksAll terms mentioned in this book that are known to be trademarks or s ervicemarks have been appropriately capitalized. Pearson IT Certification cannot attestto the accuracy of this information. Use of a term in this book should not beregarded as affecting the validity of any trademark or service mark.Betty PessagnoWarning and DisclaimerEvery effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is onan “as is” basis. The author and the publisher shall have neither liability norresponsibility to any person or entity with respect to any loss or damages arisingfrom the information contained in this book.DESIGNERINDEXERErika MillenEDITORIAL ASSISTANTCindy TeetersChuti PrasertsithCOMPOSITORcodeMantraSpecial SalesFor information about buying this title in bulk quantities, or for special salesopportunities (which may include electronic versions; custom cover designs;and content particular to your business, training goals, marketing focus, orbranding interests), please contact our corporate sales department atcorpsales@pearsoned.com or (800) 382-3419.For government sales inquiries, please contact governmentsales@pearsoned.com.For questions about sales outside the U.S., please contact intlcs@pearson.com.A01 Baca FM p00i-pliii.indd 220/01/21 8:58 PM
CreditsA01 Baca FM p00i-pliii.indd 3FigureAttribution/Credit LineChapter OpenerCharlie Edwards/Photodisc/Getty ImagesFigure 3-2, Figure 3-4vSphere Networking GuideFigure 5-1, Figure 5-2,Figure 5-3, Figure 5-4,Figure 8-1, Figure 10-1,Figure 10-2, Figure 10-3,Figure 10-4VMware Hands on LabFigure 13-1, Figure 13-2Screenshot from VMware Hands on Labs20/01/21 8:58 PM
We Want to Hear from You!As the reader of this book, you are our most important critic and commentator. Wevalue your opinion and want to know what we’re doing right, what we could do better, what areas you’d like to see us publish in, and any other words of wisdomyou’re willing to pass our way.We welcome your comments. You can email or write us directly to let us know whatyou did or didn’t like about this book—as well as what we can do to make our booksbetter.Please note that we cannot help you with technical problems related to the topic of this book.When you write, please be sure to include this book’s title and author as well as yourname, email address, and phone number. We will carefully review your commentsand share them with the author and editors who worked on the book.Email:A01 Baca FM p00i-pliii.indd 4www.informit.com20/01/21 8:58 PM
DedicationsDedicated to Madison, Emma, Jaxon, Ethan, Eli, and Robbie, the six wonderful childrento whom I am blessed to be known as “Grampy.” They fill my days with joy and fun,especially after a hard day of writing or working for their namesake, MEJEER, LLC.—John DavisFirst and foremost, I would like to dedicate this book to my loving wife, Sharyl. Withoutyour support, I would not be able to commit the time necessary to co-author a book.Thank you for believing in me and allowing me to have the time for my manyendeavors. I would also like to dedicate this book to my children: Zachary,Brianna, Eileen, Susan, Keenan, and Maura.—Steve BacaI would like to dedicate this book to my wife, Angela, and our daughter, Emma.May it be a reminder of pushing for bigger and brighter things in life. I love youboth with all of my heart.—Owen ThomasA01 Baca FM p00i-pliii.indd 520/01/21 8:58 PM
About the AuthorsJohn A. Davis, now an independent contractor and senior integration architectat MEJEER, LLC, became a VMware Certified Instructor (VCI) and VMware Certified Professional (VCP) in 2004. Since then, all of his work has focused onVMware-based technologies. He has experience in teaching official VMware curriculum in five countries and delivering VMware professional services throughoutthe United States. Recently, his work has involved designing and implementingsolutions for hybrid clouds, cloud automation, disaster recovery, and virtual desktop infrastructure (VDI). He has authored several white papers and co-authored VCP6-DCV Cert Guide and VCAP5-DCA Cert Guide (VMware Press). He holds several advanced certifications, including VCIX6-DCV, VCAP5-DTD,VCAP5-CID, and VCIX6-NV. He has been a vExpert since 2014. He is the authorof the vLoreBlog.com and can be found on Twitter @johnnyadavis.Steve Baca, VCAP, VCI, VCP, and NCDA, has been in the computer industry formore than 20 years. Originally a computer programmer and a system administrator working on Unix and Windows systems, he migrated over to technical trainingand wrote a course for Sun Microsystems. After teaching various courses for Sun,he eventually transitioned to VMware about 10 years ago, to do technical training.Currently he is a badged employee for VMware and lives in Omaha, Nebraska. Hethoroughly enjoys teaching and writing and believes that the constant evolution ofthe computer industry requires continuously learning to stay ahead. Steve can befound on Twitter @scbaca1.Owen Thomas holds a number of VMware certifications and has taught more than400 authorized VMware classes for vSphere, Horizon, vCloud, and vRealize products. He has operated as a VMware Solutions Provider and performed a number ofVMware partner services for customers across the United States.A01 Baca FM p00i-pliii.indd 620/01/21 8:58 PM
About the ReviewerJoseph Cooper is a Principal Instructor and a member of America’s Tech LeadTeam with VMware’s Education Department. Joe has spoken at several VMworldconferences, VMUG events, and vForum events, and is a featured instructor in theVMware Learning Zone. Prior to joining VMware, Joe was an instructor at the StateUniversity of New York, College at Cortland, where he taught technology coursesto Sport Management and Kinesiology students.You can find him on Twitter @joeicooper and on the newly launched YouTube channel Sg.A01 Baca FM p00i-pliii.indd 720/01/21 8:58 PM
AcknowledgmentsThanks to my wife and best friend, Delores, who tolerates my late-night writing,supports my recent business venture, and makes me happy every day. Thanks to myparents, Monica and Norman Davis, who provided me with a great education andtaught me the importance of hard work. Thanks to God for placing me in an environment with unmeasurable blessings and opportunities.I would like to thank my co-authors and partners, Steve Baca and Owen Thomas.Thanks to our technical editor, Joe Cooper, for his hard work and dedication. Special thanks to Nancy Davis (executive editor) and Ellie Bru (development editor) forcoordinating everything and keeping this project moving.—John DavisThere are so many people to acknowledge and thank for making this book possible.First, thanks to my wife and family for supporting me while writing this book. Iwould also like to thank my fellow co-authors, John Davis and Owen Thomas, whodeserve much of the credit for this book. Thank you to the production team and editors at Pearson, who do a tremendous amount of work from the initial planning ofthe book to the final printing.—Steve BacaThank you to my wife, Angela, and our daughter, Emma, for your patience with mewhile I worked on this book. Thank you, John Davis, for working with me yet again.It is always a pleasure, and I hope to work with you more in the future. Thank you,Pearson, for letting us write another version of this book and for all of the awesomesupport. And thank you, VMware, for continuing to trailblaze.—Owen ThomasA01 Baca FM p00i-pliii.indd 820/01/21 8:58 PM
Contents at a GlanceForewordxxvIntroduction xxviPART I:VSPHERE ARCHITECTURE, INTEGRATION, AND REQUIREMENTSCHAPTER 1vSphere Overview, Components, and RequirementsCHAPTER 2Storage Infrastructure33CHAPTER 3Network Infrastructure89CHAPTER 4Clusters and High AvailabilityCHAPTER 5vCenter Server Features and Virtual MachinesCHAPTER 6VMware Product IntegrationCHAPTER 7vSphere SecurityPART II:VSPHERE INSTALLATION/CONFIGURATIONCHAPTER 8vSphere InstallationCHAPTER 9Configuring and Managing Virtual NetworksPART III:VSPHERE MANAGEMENT AND OPTIMIZATIONCHAPTER 10Managing and Monitoring Clusters and ResourcesCHAPTER 11Managing StorageCHAPTER 12Managing vSphere SecurityCHAPTER 13Managing vSphere and vCenter ServerCHAPTER 14Managing Virtual MachinesCHAPTER 15Final PreparationAPPENDIX AAnswers to the “Do I Know This Already?” Quizzes andReview Questions LINE ELEMENTS:APPENDIX BMemory TablesAPPENDIX CMemory Tables Answer KeyAPPENDIX DStudy PlannerGlossaryA01 Baca FM p00i-pliii.indd 920/01/21 8:58 PM
Table of ContentsForewordxxvIntroductionxxviPart I: vSphere Architecture, Integration, and RequirementsChapter 1 vSphere Overview, Components, and Requirements“Do I Know This Already?” Quiz33Foundation Topics 6vSphere Components and Editions 6vSphere Components6Editions and Licenses8vCenter Server Topology10Single Sign-On (SSO) DomainEnhanced Linked ModevCenter HA121213Infrastructure Requirements14Compute and System Requirements 14Storage Requirements16Network Requirements17Infrastructure Services21Other Requirements23Additional Requirements23vSphere Replication Requirements 24vCenter High Availability RequirementsSDDC Requirements2425VMware Cloud vs. VMware Virtualization27Server Virtualization 27VMware SDDC 27vCloud Suite and Private Clouds28VCF and Hybrid Clouds 28VMC on AWS28VMware vCloud DirectorCloud Automation2828Exam Preparation Tasks 29Review All the Key Topics29Complete Tables and Lists from Memory 29Define Key Terms29Answer Review Questions 30A01 Baca FM p00i-pliii.indd 1020/01/21 8:58 PM
Table of Contents xiChapter 2 Storage Infrastructure 33“Do I Know This Already?” Quiz33Foundation Topics 36Storage Models and Datastore Types36How Virtual Machines Access Storage36Storage Virtualization: The Traditional ModelSoftware-Defined Storage ModelsDatastore Types364041Storage in vSphere with Kubernetes 45VMware NVMe46vSAN Concepts 49vSAN CharacteristicsvSAN Terminology5051What Is New in vSAN 7.053vSAN Deployment Options54vSAN Limitations 59vSAN Space Efficiency 59vSAN Encryption 61vSAN File Services 62vSAN Requirements63Other vSAN Considerations 67vSphere Storage Integration68VASA 69VAAI70Virtual Volumes (vVols) 72Storage Multipathing and FailoverMultipathing Overview7374Pluggable Storage Architecture (PSA) 74Storage Policies78Storage Policy Based Management (SPBM)Virtual Disk Types79vSAN-Specific Storage PoliciesStorage DRS (SDRS)797981Initial Placement and Ongoing BalancingSpace Utilization Load BalancingI/O Latency Load Balancing818181SDRS Automation Level 82SDRS Thresholds and BehaviorSDRS RecommendationsAnti-affinity Rules828383Datastore Cluster Requirements 83NIOC, SIOC, and SDRS 84A01 Baca FM p00i-pliii.indd 1120/01/21 8:58 PM
xii VCP-DCV for vSphere 7.x (Exam 2V0-21.20) Official Cert GuideExam Preparation Tasks 85Review All Key Topics85Complete Tables and Lists from Memory 85Define Key Terms85Review Questions86Chapter 3 Network Infrastructure 89“Do I Know This Already?” Quiz89Foundation Topics 92Networking Terms and Concepts 92Traditional Networking TerminologyVirtual NICs9293Virtual Switch Concepts 94VLANs94vSphere Standard Switch (vSS)95MTU 97vSS Network Policies98NIC Teaming Policies98Network Security Policies100Traffic Shaping Policy 101VLAN Policies101Distributed Virtual Switch (vDS)102Distributed Port Groups103Uplink Port Groups 103vSS and vDS ComparisonvDS Network Policies103104Inbound Traffic Shaping 105Port-Blocking Policies105Load-Based NIC Teaming105Resource Allocation Policy 105NetFlow and Monitoring Policy 108Traffic Filtering and Marking Policy109vDS Settings and Features 110Private VLANs 110Data Center–Level Management 111Port State Monitoring111Port State with vMotionPort Mirroring111111Port Binding and Allocation 112LACP Support113vDS Health Check 115A01 Baca FM p00i-pliii.indd 1220/01/21 8:58 PM
Table of Contents xiiiOther vSphere Networking FeaturesMulticast Filtering Mode116116Discovery Protocol 117TCP Segmentation Offload118DirectPath I/O 118Single Root I/O Virtualization (SR-IOV) 119VMkernel Networking and TCP/IP Stacks121Exam Preparation Tasks 123Review All Key Topics123Complete Tables and Lists from Memory 123Define Key Terms123Review Questions124Chapter 4 Clusters and High Availability“Do I Know This Already?” Quiz127127Foundation Topics 130Cluster Concepts and Overview 130Enhanced vMotion Compatibility (EVC)vSAN Services131134Distributed Resource Scheduler (DRS) 134Recent DRS Enhancements134DRS Rules 137DRS Migration Sensitivity 138Resource Pools 139vSphere High Availability (HA)143vSphere HA Requirements145vSphere HA Response to FailuresHeartbeats145146vSphere HA Admission Control146vSphere HA Advanced Options148Virtual Machine Settings 149VM Component Protection (VMCP) 150Virtual Machine and Application Monitoring 150vSphere HA Best Practices 151Proactive HA151Other Resource Management and Availability FeaturesPredictive DRS151152Distributed Power Management (DPM) 152Fault Tolerance (FT) 153vCenter Server High Availability 157VMware Service Lifecyle ManagerA01 Baca FM p00i-pliii.indd 1315721/01/21 1:45 AM
xiv VCP-DCV for vSphere 7.x (Exam 2V0-21.20) Official Cert GuideExam Preparation Tasks 158Review All Key Topics158Complete Tables and Lists from Memory 158Define Key Terms158Review Questions159Chapter 5 vCenter Server Features and Virtual Machines“Do I Know This Already?” Quiz163163Foundation Topics 166vCenter Server and vSphere 166vSphere Managed Inventory ObjectsHost Profiles166170Content Libraries171vSphere with Tanzu173Virtual Machine File Structure173Configuration File 174Virtual Disk Files175Snapshot Files175Virtual Machine Snapshots175Snapshot Use Cases177What a Snapshot PreservesParent Snapshots177178Snapshot Behavior178Limitations 179Virtual Machine Settings 180VM Hardware/Compatibility 180Virtual Disk Provisioning 183VMware Tools183Virtual Machine Options183Virtual Machine Advanced SettingsVirtual Machine MigrationVirtual Machine MigrationvMotion Details184185185189Storage vMotion Details192Virtual Machine Cloning 194Clones194Rapid Provisioning with Templates 195Instant Clones195Exam Preparation Tasks 197Review All Key Topics197Complete Tables and Lists from MemoryDefine Key Terms198Review Questions198A01 Baca FM p00i-pliii.indd 1419720/01/21 8:58 PM
Table of Contents xvChapter 6 VMware Product Integration“Do I Know This Already?” Quiz201201Foundation Topics 204vSphere Add-ons 204vSphere with Tanzu204vCenter Converter205VMware vSphere Replication206VMware SkyLine 206vRealize Suite 207vRealize Operations Manager (vROps)vRealize Log Insight (vRLI)208vRealize Automation (vRA)209207vRealize Orchestrator (vRO) 213vRealize Network Insight (vRNi) 214Desktop and Application Virtualization 215VMware HorizonApp Volumes215217Replication and Disaster RecoveryvSphere Replication219219Site Recovery Manager (SRM)221Private, Public, and Hybrid Clouds 222VMware Cloud Foundation (VCF)223VMware Hybrid Cloud Extension (HCX) 224VMware on AWS 226Azure VMware SolutionNetworking and Security226227AppDefense 227NSX228Exam Preparation Tasks 230Review All Key Topics230Complete Tables and Lists from Memory 230Define Key Terms230Review Questions231Chapter 7 vSphere Security233“Do I Know This Already?” Quiz233Foundation Topics 236vSphere Certificates 236vSphere Certificates Overview236Certificate Requirements 238ESXi Host CertificatesA01 Baca FM p00i-pliii.indd 1524120/01/21 8:58 PM
xvi VCP-DCV for vSphere 7.x (Exam 2V0-21.20) Official Cert GuidevSphere Permissions 242Authentication and Authorization242Inventory Hierarchy and Objects 243Privileges and Roles 244Permissions 246Global Permissions247Best Practices for Roles and Permissions 248Required Privileges for Common Tasks 248How Permissions Are Applied by vCenter Server 251ESXi and vCenter Server Security 253Built-in Security FeaturesSecurity Profiles254254ESXi Password Hardening 256Joining an ESXi Host to a Directory ServicevSphere Authentication Proxy257257ESXi Host Access 257Control MOB Access257ESXi Secure Boot and TPM 258vSphere Trust Authority (vTA)vCenter Server Security258259vSphere Network Security 262Virtual Machine Security265Virtual Machine Hardening Best Practices 265Configuring UEFI Boot 266Disabling Unexposed Features266Other Common Settings 267Virtual Machine Risk Profiles268Protecting Virtual Machines Against Denial-of-Service Attacks 269Controlling VM Device Connections 269Virtual Machine EncryptionEncrypted vSphere vMotion270272virtual Trusted Platform Module (vTPM) 273virtual Intel Software Guard Extension (vSGX)Available Add-on Security274275Compliance Using vRealize Operations ManagerVMware NSX275276AppDefense 277Exam Preparation Tasks 279Review All the Key Topics279Complete Tables and Lists from Memory 279Define Key Terms280Review Questions280A01 Baca FM p00i-pliii.indd 1620/01/21 8:58 PM
Table of Contents xviiPart II:vSphere Installation/ConfigurationChapter 8 vSphere Installation283“Do I Know This Already?” Quiz283Foundation Topics 286Installing ESXi Hosts286Installing ESXi InteractivelyScripted ESXi InstallationUsing Auto Deploy286288292Deploying vCenter Server ComponentsvCenter Server Database297297Platform Services Controller (PSC)vCenter Server Appliance297298Configuring and Managing VMware Certificate Authority (VMCA)303Configuring Single Sign-On (SSO) 305SSO and Identity Sources Overview 305Adding, Editing, and Removing SSO Identity Sources306Adding an Active Directory Identity Source 307Adding an LDAP Authentication Source309Enabling and Disabling Single Sign-On (SSO) Users310Configuring SSO Policies 311Configuring Identity Federation 313Initial vSphere Configuration315Implementing vSphere Client315Implementing VMware vSphere Lifecycle ManagerConfiguring the vCenter Server InventoryImplementing vCenter HAUsing Host ProfilesVMware Tools315315316317320Advanced ESXi Host Options321Exam Preparation Tasks 323Review All the Key Topics323Complete Tables and Lists from Memory 323Define Key Terms323Review Questions324Chapter 9 Configuring and Managing Virtual Networks“Do I Know This Already?” Quiz327327Foundation Topics 330vSphere Standard Switches (vSS)330Creating and Configuring vSphere Standard Switches330Creating and Configuring Standard Port Groups 332A01 Baca FM p00i-pliii.indd 1720/01/21 8:58 PM
xviii VCP-DCV for vSphere 7.x (Exam 2V0-21.20) Official Cert GuidevSphere Distributed Switches (vDS) 334Creating and Configuring vSphere Distributed Switches 334Creating and Configuring Distributed Port Groups337VMkernel Networking 338Configuring and Managing VMkernel Adapters 338Configuring TCP/IP Stacks 339Configuring and Managing Networking Features 340Configuring Network I/O Control (NIOC) 340Creating a Network Resource Pool 341Using Private VLANs342Using DirectPath I/O 343Single Root I/O Virtualization (SR-IOV) 343Configuring and Managing Port Mirroring 345Configuring and Managing Link Aggregation Groups (LAGs) 346Managing Host Networking with vDSAdding Hosts to a vDS350350Managing Host Physical Network Adapters on a vDS 351Migrating VMkernel Network Adapters to a vDS 352Removing Hosts from a vDS352Migrating Virtual Machines to a vDS353Monitoring the State of Ports in a Distributed Port Group353Using the vDS Health Check 354Networking Policies and Advanced Features355Exam Preparation Tasks 357Review All the Key Topics357Complete Tables and Lists from Memory 357Define Key Terms357Review Questions358Part III: vSphere Management and OptimizationChapter 10 Managing and Monitoring Clusters and Resources 361“Do I Know This Already?” Quiz361Foundation Topics 364Creating and Configuring a vSphere Cluster 364Creating a Cluster 364Configuring a Cluster with Quickstart365EVC Mode 367Creating and Configuring a vSphere DRS Cluster368Creating a vSphere DRS Cluster 368Creating a Resource Pool368Configuring Advanced DRS Options 369A01 Baca FM p00i-pliii.indd 1820/01/21 8:58 PM
Table of Contents xixCreating and Configuring a vSphere HA Cluster370Creating a vSphere HA Cluster 370Configuring Advanced vSphere HA Options370Configuring vSphere HA Admission Control371Configuring VMCP 371Configuring Virtual Machine and Application Monitoring 372Configuring Proactive HA 372Configuring vSphere Fault Tolerance373Monitoring and Managing vSphere ResourcesMetrics373374vSphere Client Performance Charts375Troubleshooting and Optimizing Performance 379Monitoring and Managing Cluster Resources 384Monitoring and Managing Resource Pool Resources385Monitoring and Managing Host Resources and HealthMonitoring and Managing Virtual Machine Resources386388ESXTOP 393VIMTOP396vCenter Server Appliance Management Interface (VAMI)396Events, Alarms, and Automated Actions 396Events396Viewing Events in the vSphere Client 397Viewing the System Event Log397Streaming Events to a Remote Syslog Server 398Alarms 399Viewing and Acknowledging Triggered Alarms399Creating Alarm Definitions 400Alarm Actions 401Advanced Use Cases for Alarms401Logging in vSphere 401ESXi Logs402vCenter Server Logs404Uploading System Logs to VMware404Log Levels 404Configuring Syslog on ESXi HostsvRealize Log Insight (vRLI)405407Exam Preparation Tasks 408Review All the Key Topics408Complete Tables and Lists from Memory 408A01 Baca FM p00i-pliii.indd 19Define Key Terms408Review Questions40920/01/21 8:58 PM
xx VCP-DCV for vSphere 7.x (Exam 2V0-21.20) Official Cert GuideChapter 11 Managing Storage411“Do I Know This Already?” Quiz411Foundation Topics 414Configuring and Managing vSAN 414Preparing for vSAN414Creating a vSAN Cluster with Quickstart 415Manually Enabling vSAN 416Editing vSAN Settings417Licensing vSAN 418Viewing a vSAN Datastore418Configuring vSAN and vSphere HA419Disabling vSAN 421Shutting Down and Restarting vSAN421Deploying vSAN with vCenter Server 422Expanding a vSAN Cluster422Working with Maintenance ModeManaging vSAN Fault Domains424426Extending a vSAN Datastore Across Two Sites 427Managing Devices in a vSAN Cluster 429Increasing Space Efficiency in a vSAN Cluster430Using Encryption in a vSAN Cluster 432Using vSAN Policies435Viewing vSAN Storage ProvidersManaging Datastores436436Using vSAN File Service438Managing VMFS Datastores 438Managing Raw Device Mappings (RDMs) 443Managing NFS DatastoresStorage DRS and SIOC444447Configuring and Managing Storage DRS447Configuring and Managing SIOC 449NVMe and PMem 451Managing VMware NVMeManaging PMem451454Multipathing, Storage Policies, and vVolsManaging Multipathing456456Managing Storage Policies459Configuring and Managing vVols463Exam Preparation Tasks 465Review All the Key Topics465Complete Tables and Lists from Memory 465A01 Baca FM p00i-pliii.indd 2020/01/21 8:58 PM
Table of Contents xxiDefine Key Terms465Review Questions466Chapter 12 Managing vSphere Security 469“Do I Know This Already?” Quiz469Foundation Topics 472Configuring and Managing Authentication and AuthorizationManaging SSO472472Users and Groups 474Privileges and Roles 475Permissions 475Global Permissions476Editing Permissions 476Configuring and Managing vSphere Certificates 477Managing vSphere Client Certificates477Using Custom Certificates 478Managing ESXi Certificates479General ESXi Security Recommendations 481Configuring ESXi Using Host Profiles 482Using Scripts to Manage Host Configuration Settings 483ESXi Passwords and Account Lockout485SSH and ESXi Shell Security 487PCI and PCIe Devices and ESXi 489Disabling the Managed Object Browser 490ESXi Networking Security Recommendations 490ESXi Web Proxy Settings490491vSphere Auto Deploy Security ConsiderationsControlling CIM Access491Configuring and Managing ESXi Security 492Configuring the ESXi Firewall492Customizing ESXi Services 493Using Lockdown Mode 494Managing the Acceptance Levels of Hosts and VIBsAssigning Privileges for ESXi Hosts496496Using Active Directory to Manage ESXi UsersConfiguring vSphere Authentication Proxy497498Configuring Smart Card Authentication for ESXi 499Configuring UEFI Secure Boot for ESXi Hosts499Securing ESXi Hosts with Trusted Platform Module 500Securing ESXi Log FilesA01 Baca FM p00i-pliii.indd 2150120/01/21 8:58 PM
xxii VCP-DCV for vSphere 7.x (Exam 2V0-21.20) Official Cert GuideAdditional Security Management501Key Management Server502Changing Permission Validation Settings 502Configuring and Managing vSphere Trust Authority (vTA)502Securing Virtual Machines with Intel Software Guard Extensions (SGX)505Encrypting a Virtual Machine 505Exam Preparation TasksReview All the Key Topics507507Complete Tables and Lists from Memory 507Define Key Terms507Review Questions508Chapter 13 Managing vSphere and vCenter Server“Do I Know This Already?” Quiz511511Foundation Topics 514vCenter Server Backup514Upgrading to vSphere 7.0 517vCenter Server Data Transfer519Upgrading vCenter Server Appliance519Migrating vCenter Server for Windows to vCenter Server Appliance 522Upgrading ESXi and Virtual Machines 524Using Update Planner524Using vSphere Lifecycle Manager526About VMware Update Manager529VMware Update Manager Download Service (UMDS) 529Baselines and Images530ESXi Quick Boot 535ESXi Firmware Updates536Hardware Compatibility Checks537Exporting and Importing Cluster ImagesBackup and Restore ScenariosUpgrading Virtual MachinesManaging ESXi Hosts538538539540Monitoring and Managing vCenter Server542Monitoring and Managing vCenter Server with the VAMI 543Monitoring and Managing vCenter Server with the vSphere ClientUpdating the vCenter Server547554Managing a vCenter HA Cluster557Repointing a vCenter Server to Another Domain558Exam Preparation Tasks 561Review All the Key TopicsA01 Baca FM p00i-pliii.indd 2256121/01/21 1:46 AM
Table of Contents xxiiiComplete Tables and Lists from Memory561Define Key Terms 562Review QuestionsChapter 14562Managing Virtual Machines 565“Do I Know This Already?” Quiz565Foundation Topics 568Creating and Configuring Virtual Machines 568Creating a New Virtual MachinePowering on a VM568569Opening a Console to a VM569Installing and Upgrading VMware Tools570Shutting Down a Guest 572Cloning a Virtual Machine 572Converting Between a VM and a Template573Deploying a Virtual Machine from a TemplateCustomizing the Guest OS574574Deploying OVF/OVA Templates 577Managing Virtual Machines578Configuring Virtual Machine HardwareEditing Virtual Machine Options578583Configuring Guest User Mappings 585Editing OVF Details 585Creating and Managing Virtual Machine SnapshotsMigrating Virtual MachinesAdvanced Virtual Machine ManagementManaging OVF Templates586587589589Virtualization-Based Security 590Managing VMs by Using PowerCLI590Configuring VMs to Support vGPUsContent Libraries592594Introduction to Content LibrariesCreating a Content LibraryPublishing a Content Library594595596Subscribing to a Content Library596Content Library Permissions 597Content Library Synchronization Options 598Adding Items to a Content Library598Deploying VMs by Using a Content Library 599Exam Preparation Tasks 600Review All the Key Topics600Complete Tables and Lists from MemoryA01 Baca FM p00i-pliii.indd 2360020/01/21 8:58 PM
xxiv VCP-DCV for vSphere 7.x (Exam 2V0-21.20) Official Cert GuideDefine Key Terms600Review Questions601Chapter 15 Final Preparation603Getting Ready 603Taking the Exam604Appendix A Answers to the “Do I Know This Already?” Quizzes and ReviewQuestions 607Index627Online Elements:Appendix BMemory TablesAppendix CMemory Table Answer KeyAppendix DStudy PlannerGlossaryA01 Baca FM p00i-pliii.indd 2420/01/21 8:58 PM
ForewordCertification exams aren’t easy. They’re not supposed to be. If they were, theywouldn’t mean much.Certifications validate a specific minimum level of expertise of an individual, and inthe case of VMware certifications, that means we, as a company, stand behind thoseindividuals earning the certification. We create exams that are aimed at real jobskills, that align to actual job roles that exist in the industry, and that properly testthe baseline expertise required to perform those roles.The authors of this book have multiple certifications among themselves, equalingdecades of hands-on experience. They are teachers, learners, administrators, andarchitects of key IT technologies. Their combined knowledge provides them theability to share their expertise through this book, which in turn allows you, as thereader and prospective certification holder, to be better prepared to pass that hardcertification exam.This study guide is a great asset and tool for you to use in your study and preparation. Take advantage of the practice exams, the suggestions and tips, and the contentin the book. By using this guide and thoroughly preparing yourself, getting handson practice through labs and sandbox or production environments, and
vSphere Replication Requirements 24 vCenter High Availability Requirements 24 SDDC Requirements 25 VMware Cloud vs. VMware Virtualization 27 Server Virtualization 27 VMware SDDC 27 vCloud Suite and Private Clouds 28 VCF and Hybrid Clouds 28 VMC on AWS 28 VMware vCloud Director 28 Cloud Automation 28 Exam Preparation Tasks 29 Review All the Key .
