Book Image

Data Center Virtualization Certification: VCP6.5-DCV Exam Guide

By : Andrea Mauro, Paolo Valsecchi
Book Image

Data Center Virtualization Certification: VCP6.5-DCV Exam Guide

By: Andrea Mauro, Paolo Valsecchi

Overview of this book

This exam guide enables you to install, configure, and manage the vSphere 6.5 infrastructure in all its components: vCenter Server, ESXi hosts, and virtual machines, while helping you to prepare for the industry standard certification. This data center book will assist you in automating administration tasks and enhancing your environment’s capabilities. You will begin with an introduction to all aspects related to security, networking, and storage in vSphere 6.5. Next, you will learn about resource management and understand how to back up and restore the vSphere 6.5 infrastructure. As you advance, you will also cover troubleshooting, deployment, availability, and virtual machine management. This is followed by two mock tests that will test your knowledge and challenge your understanding of all the topics included in the exam. By the end of this book, you will not only have learned about virtualization and its techniques, but you’ll also be prepared to pass the VCP6.5-DCV (2V0-622) exam.
Table of Contents (17 chapters)

Configuring and Administering vSphere 6.x Security

Security has become a critical aspect of every infrastructure, but for virtual environments, there are some advantages compared to the traditional infrastructures.

One of the main pillars of system virtualization is the Virtual Machine (VM) isolation principle, which protects a VM from other VM attacks, while also protecting the virtualization host from possible VM attacks. Of course, the isolation properties don't work for the network layer; other solutions are required to increase network security, such as VMware NSX.

While isolation protects the host level from the VM level, in some cases, it's also necessary to protect the VM level from the underlying infrastructure; for example, in a public cloud infrastructure, the consumer might have some concerns about how the provider manages the security and privacy of their data.

VMware vSphere 6.5 has introduced some important new security features, such as VM encryption, encrypted vMotion, and Secure Boot Support for VMs and ESXi.

Practicing what you learn in this chapter will be key to reinforcing your skills and your preparation for the exam. The last part of HOL-1811-01-SDC (vSphere v6.5 - What's New) and the lab HOL-1811-04-SDC (vSphere Security - Getting Started) include the encrypted VM and encrypted vMotion features.

The following topics will be covered in this chapter:

  • Understanding role-based access control in vSphere
  • Tuning and hardening guidelines for vCenter, ESXi, and VMs
  • Working with encryption and secure VMs