Examice

Exam 2v0-2123 All QuestionsBrowse all questions from this exam

Question 72

An administrator is tasked with allowing a single user the ability to take snapshots on a virtual machine. When looking in vCenter, the administrator can see that there are already users and groups assigned permissions on the virtual machine as follows:

• The group VM_Users has the Virtual Machine Power User role.

• The group VM_Viewers has the Read Only role.

The administrator confirms that the user requesting the additional access is currently one of five members of the VM_Viewers group.

Which two steps should the administrator take to grant this user the additional access required without impacting the user access of others? (Choose two.)

Add the user to the VM_Users group and leave the permissions on the virtual machine object unchanged.

Add a new permission on the virtual machine object selecting the user and the new custom role.

Edit the Read Only role to add the Virtual Machine Snapshot Management privileges.

Create a new custom role with the Virtual Machine Snapshot Management privileges.

Add a new permission on the virtual machine object selecting the VM_Viewers group and the new custom role.

Correct Answer: B, D

To allow a single user the ability to take snapshots without impacting others, the administrator should create a new custom role with Virtual Machine Snapshot Management privileges and then add a new permission on the virtual machine object selecting the user and the new custom role. This approach ensures that only the specific user receives the additional permissions needed without modifying the access levels of existing user groups.

Discussion

cheoOptions: BD

B-> Assign a role to a particular user to give that user permissions to perform specific tasks on a virtual machine. https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.hostclient.doc/GUID-ECBC6397-3BBE-4F9A-A70E-E80E65EB37DB.html D-> Virtual machine snapshot management privileges control the ability to take, delete, rename, and restore snapshots.https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-222FE721-0968-4E9E-9F98-7CB03E7185E8.html

mkhlszfOptions: BD

I wouldn't call it a best practice, but B and D

[Removed]Options: BD

Makes more sense to: Assign the Snapshot Management privilege to the user. This privilege allows users to create, delete, and rename snapshots of virtual machines. Remove the user from the VM_Viewers group. This will prevent the user from inheriting the Read Only role from the group.

jennyka76Options: BD

BD https://docs.vmware.com/en/vRealize-Operations/8.10/com.vmware.vcom.core.doc/GUID-CAAFF0EF-E001-4087-B5CF-6E557356C457.html