Login / Register   My Cart (0)
  • Home
  • Articles
  • VMware 5V0-23.20 Dumps Questions [2023] Pass for 5V0-23.20 Exam [Q73-Q98]

VMware 5V0-23.20 Dumps Questions [2023] Pass for 5V0-23.20 Exam [Q73-Q98]

Share

VMware 5V0-23.20 Dumps Questions [2023] Pass for 5V0-23.20 Exam

Updated VMware Study Guide 5V0-23.20 Dumps Questions

NEW QUESTION # 73
How are quotas and permissions guaranteed by vSphere with Tanzu for Tanzu Kubernetes (TKG) clusters that are deployed within a namespace?

  • A. By routing quota and permission API calls to vCenter Server via the Supervisor Cluster
  • B. By having the Supervisor Cluster poll the TKG cluster periodically to ensure adherence to quotas and permissions
  • C. By deploying an external authentication solution
  • D. By ensuring each TKG cluster has a quotas and permissions system built into it natively which enforces all requests

Answer: A


NEW QUESTION # 74
An administrator working in a vSphere with Tanzu environment wants to ensure that all persistent volumes configured by developers within a namespace are placed on a defined subset of datastores The administrator has applied tags to the required datastores in the vSphere Client Which action should the administrator take next to meet the requirement?

  • A. Create a persistent volume claim containing the tagged datastores, and apply it to the vSphere Namespace.
  • B. Create a storage class containing the tagged datastores. and apply it to the Supervisor Cluster
  • C. Create a storage policy containing the tagged datastores. and apply it to the vSphere Namespace.
  • D. Create a storage Policy containing the tagged datastores. and apply it to the Supervisor Cluster.

Answer: C

Explanation:

The vSphere administrator defines and assigns VM storage policies to a namespace:
* VM storage policies are translated into Kubernetes storage classes.
* Developers can access all assigned VM storage policies in the form of storage classes.
* Developers cannot manage storage classes.
Storage class names are created in the following way:
* Spaces in VM Storage Policy names are replaced with hyphens (-).
* Special characters are replaced with a digit. A VM Storage Policy called My Gold Policy $ is called my-gold-policy-0 as a storage class.


NEW QUESTION # 75
What is automatically created within NSX-T when an administrator creates a new namespace in the vSphere client?

  • A. A new segment connected to a Tier-1 gateway and an existing overlay transport zone
  • B. A new segment connected to a Tier-1 gateway and a new overlay transport zone
  • C. A new segment connected to a Tier-0 gateway and a new overlay transport zone
  • D. A new segment connected to a Tier-0 gateway and an existing overlay transport zone

Answer: A


NEW QUESTION # 76
Which two configurations are needed to meet the minimum vSphere with Tanzu on vSphere Distributed Switch Network Requirements? (Choose two.)

  • A. Network Interface Cards with Single Root IO Virtualization support (SR-IOV)
  • B. Non-overlapping subnets on workload networks
  • C. Physical Network MTU set to 1600 Bytes
  • D. One workload network designated as the primary workload network
  • E. vCenter Server connected to the workload network

Answer: B


NEW QUESTION # 77
To which set of networks are the Supervisor Cluster nodes attached when deploying with an NSX-T network topology?

  • A. Workload and Management
  • B. Management and NSX Overlay
  • C. Frontend and Workload
  • D. Frontend and Management

Answer: A

Explanation:
Explanation
The Network Service has been extended to support the vSphere Distributed Switch (vDS). Start by configuring the switch with appropriate portgroups. Management will carry traffic between vCenter and the Kubernetes Control Plane (Supervisor Cluster control plane). As we will see in a moment, not having the built in Load Balancing capability of NSX means you will need to deploy your own load balancer externally from the cluster. We will give you a choice of integrated load balancers. The first one we support is HAProxy.
The Management network will also carry traffic between the supervisor cluster nodes and HAProxy. The Frontend network will carry traffic to the Load Balancer virtual interfaces. It must be routable from any device that will be a client for your cluster. Developers will use this to issue kubectl commands to the Supervisor cluster or their TKG clusters. You can have one or more Workload networks.
The primary Workload network will connect the cluster interfaces of the Supervisor cluster. Namespaces can be defined with their own Workload network allowing for isolation between development teams assigned different Namespaces. The Namespace assigned Workload Networks will connect the TKG cluster nodes in that Namespace.


NEW QUESTION # 78
The application development team is pushing a Kubernetes application into production. I consists of an application server and a database. The team wants to ensure that only the production application server can access the production database.
Can the development team meet this requirement using Kubernetes Network Policy?

  • A. Yes, by using kubect1 to create a Network Policy that only allows pods on the same network segment to talk to each other.
  • B. Yes. by logging in to NSX Manager and creating a firewall rules to only allow the production application server pod to talk to the database
  • C. Yes, by using kubect1 to create a policy that disables pod to pod communication in the Namespace
  • D. No, Kubernetes Network Policy does not support this action.

Answer: A

Explanation:
If you want to control traffic flow at the IP address or port level (OSI layer 3 or 4), then you might consider using Kubernetes NetworkPolicies for particular applications in your cluster. NetworkPolicies are an application-centric construct which allow you to specify how a pod is allowed to communicate with various network "entities" (we use the word "entity" here to avoid overloading the more common terms such as "endpoints" and "services", which have specific Kubernetes connotations) over the network. NetworkPolicies apply to a connection with a pod on one or both ends, and are not relevant to other connections.


NEW QUESTION # 79
Which two distributed port groups is HAProxy connected to when using the vSphere networking stack default configuration? (Choose two.)

  • A. Edge
  • B. Management
  • C. Workload
  • D. Backend
  • E. Frontend

Answer: A,E


NEW QUESTION # 80
An organization is preparing to deploy vSphere with Tanzu and will be using the vSphere Networking stack.
How should the administrator allocate management network IP addresses for the Kubernetes Control Plane within the Supervisor Cluster?

  • A. Four f3 addresses are required, one for each of the Control Plane VMs and one spare for performing rolling cluster upgrades
  • B. Five IP addresses are required, one for each of the Control Plane VMs. one for the floating IP address of the Control Plane VM, and one spare for performing rolling cluster upgrades
  • C. Three P addresses are required, one for each of the Control Plane VMs
  • D. Six IP addresses are required, one for each of the Control Plane VMs, one for the floating IP address of the Control Plane VM. one for performing rolling cluster upgrades and one for the image Registry VM.

Answer: B


NEW QUESTION # 81
Which container network interface (CNI) is supported with Tanzu Kubernetes clusters created by the Tanzu Kubernetes Grid Service? (Choose two )

  • A. WeaveNet
  • B. Antrea
  • C. Cillium
  • D. NSX-T

Answer: B,D

Explanation:
The container network interfaces (CNIs) supported with Tanzu Kubernetes clusters created by the Tanzu Kubernetes Grid Service are NSX-T and Antrea. NSX-T is a multi-cloud networking and security platform from VMware that provides built-in container networking and security capabilities. Antrea is an open-source CNI project created by the GitHub team that provides network policy enforcement for Kubernetes clusters. Both of these CNIs provide support for multi-tenancy and advanced network policy enforcement.


NEW QUESTION # 82
An organization is preparing to deploy vSphere with Tanzu and will be using the vSphere Networking stack.
How should the administrator allocate management network IP addresses for the Kubernetes Control Plane within the Supervisor Cluster?

  • A. Four IP addresses are required, one for each of the Control Plane VMs and one spare for performing rolling cluster upgrades
  • B. Three IP addresses are required, one for each of the Control Plane VMs
  • C. Five IP addresses are required, one for each of the Control Plane VMs. one for the floating IP address of the Control Plane VM, and one spare for performing rolling cluster upgrades
  • D. Six IP addresses are required, one for each of the Control Plane VMs, one for the floating IP address of the Control Plane VM. one for performing rolling cluster upgrades and one for the image Registry VM.

Answer: C

Explanation:
Static IPs for Kubernetes control plane VMs
Block of 5A block of 5 consecutive static IP addresses to be assigned to the Kubernetes control plane VMs in the Supervisor Cluster.


NEW QUESTION # 83
Which three roles does the Spherelet perform? (Choose three )

  • A. Communicates with Kubernetes API
  • B. Determines placement of vSphere pods
  • C. Provisions Tanzu Kubernetes clusters
  • D. Provides a key-value store for pod configuration
  • E. Starts vSphere pods
  • F. Manages node configuration

Answer: A,E,F

Explanation:

Spherelet is a kubelet that is ported natively to ESXi. It allows the ESXi host to become part of a Kubernetes cluster. Spherelet performs the following functions:
* Communicates with the control plane VMs
* Manages node configuration
* Starts vSphere Pods
* Monitors vSphere Pods


NEW QUESTION # 84
An administrator is tasked with horizontally scaling an existing Tanzu Kubernetes cluster from 6 to 4 nodes.
Which action does the administrator need to complete to ensure the cluster scales successfully when updating the YAML definition?

  • A. Decrease the number of worker nodes to 4.
  • B. Decrease the number of control plane nodes to 4.
  • C. Update the Virtual Machine Class Type.
  • D. Update the Kubernetes version to the latest supported version.

Answer: A


NEW QUESTION # 85
When creating a Supervisor Namespace, which item must be added to ensure that the end user can consume the namespace?

  • A. Permissions
  • B. Limits
  • C. Storage
  • D. Content Library

Answer: A


NEW QUESTION # 86
How can a vSphere administrator replace the Supervisor Cluster API endpoint certificate?

  • A. Use the certificate-manager CLI utility to replace the Supervisor Cluster API endpoint certificate.
  • B. Use the vSphere Client to replace the NSX Load Balancer certificate.
  • C. Use the vSphere Client to replace the Workload platform MTG certificate.
  • D. Use kubectl to replace the Supervisor Cluster API endpoint certificate.

Answer: C

Explanation:

As a vSphere administrator, you can replace the certificate for the virtual IP address (VIP) to securely connect to the Supervisor Cluster API endpoint with a certificate signed by a CA that your hosts already trust. The certificate authenticates the Kubernetes control plane to DevOps engineers, both during login and subsequent interactions with the Supervisor Cluster.
Prerequisites
Verify that you have access to a CA that can sign CSRs. For DevOps engineers, the CA must be installed on their system as a trusted root.
Procedure
In the vSphere Client, navigate to the Supervisor Cluster.
Click Configure then under Namespaces select Certificates.
In the Workload platform MTG pane, select Actions > Generate CSR.
Provide the details for the certificate.
Once the CSR is generated, click Copy.
Sign the certificate with a CA.
From the Workload platform MTG pane, select Actions > Replace Certificate.
Upload the signed certificate file and click Replace Certificate.
Validate the certificate on the IP address of the Kubernetes control plane.


NEW QUESTION # 87
Which statement accurately describes the Primary Workload Network?

  • A. It carries traffic between load balancer and Supervisory control plane.
  • B. It carries traffic between Supervisory control plane and vCenter.
  • C. It is created by developers as part of TKG cluster deployment.
  • D. It carries traffic between load balancer and vCenter.

Answer: B


NEW QUESTION # 88
Which two capabilities are associated with vSphere Pod? (Choose two.)

  • A. Compatibility with vSphere vMotion
  • B. Compatibility with Windows and Linux kernels
  • C. Compatibility with vSphere HA and DRS
  • D. Compatibility with NSX-V Datacenter
  • E. Compatibility with vSphere performance charts

Answer: C,D

Explanation:
vSphere Pods are only supported on Supervisor Clusters that use NSX-T Data Center as their networking stack.
Resource Management. vSphere DRS handles the placement of vSphere Pods on the Supervisor Cluster.


NEW QUESTION # 89
Which role should the vSphere administrator apply for the developer?

  • A. Assign the developer user with the 'VSphere Kubernetes Manager" role at the vSphere Namespace object.
  • B. Assign the developer user with the 'VSphere Kubernetes Manager" role at the cluster object.
  • C. Assign the developer user with the "can edit" role at the vSphere Namespace object.
  • D. Assign the developer user with the "can edit" role at the cluster object.

Answer: C

Explanation:
Explanation
Graphical user interface, application Description automatically generated

Permissions for programmers should be assign at the Namespace level, typically using groups and roles.
You assign roles for the Namespace to Active Directory groups. You can later assign access to users by adding them to these groups. You assign access to separate Active Directory groups for the edit and view roles in the Namespace.


NEW QUESTION # 90
A developer is trying to deploy a Kubernetes Application into a namespace within a Supervisor Cluster The deployment must utilize the latest assets that have been pushed into the Registry Service.
What should the developer add to the YAML file to ensure that the deployment is successful?

  • A. template: /<namespace name>/<image name>:latest
  • B. image: <image registry url>/<namespace name>/<image name>:latest
  • C. image: /<namespace>/<image name>:latest
  • D. template: <image registry url>/<namespace name>/<image name> : latest

Answer: B

Explanation:
* Create an example pod spec with the details about the private registry.
* apiVersion: v1
* kind: Pod
* metadata:
* name: <workload-name>
* namespace: <kubernetes-namespace>
* spec:
* containers:
* - name: private-reg-container
* image: <Registry-IP-Address>/<vsphere-namespace>/<image-name>:<version>
* imagePullSecrets:
* - name: <registry-secret-name>
* Replace <workload-name> with the name of the pod workload.
* Replace <kubernetes-namespace> with the Kubernetes namespace in the cluster where the pod will be created. This must be the same Kubernetes namespace where the Registry Service image pull secret is stored in the Tanzu Kubernetes cluster (such as the default namespace).
* Replace <Registry-IP-Address> with the IP address for the embedded Harbor Registry instance running on the Supervisor Cluster.
* Replace <vsphere-namespace> with the vSphere Namespace where the target Tanzu Kubernetes is provisioned.
* Replace <image-name> with an image name of your choice.
* Replace <version> with an appropriate version of the image, such as "latest".
* Replace <registry-secret-name> with the name of the Registry Service image pull secret that you created previously.


NEW QUESTION # 91
What is required to enable Workload Management?

  • A. Github repository
  • B. vSphere Distributed Switch
  • C. Windows Network Load Balancer
  • D. NSX-V

Answer: B

Explanation:
Explanation
https://docs.vmware.com/en/VMware-vSphere/7.0/vsphere-esxi-vcenter-server-702-vsphere-with-tanzu-guide.pd Configuring Workload Networks You configure one or more workload networks and their respective IP address ranges.
Each workload network is assigned a vSphere Distributed Switch port group and uses a defined IP range to allocate IP addresses to workloads (VMware Tanzu Kubernetes clusters).


NEW QUESTION # 92
Which command will display the container image(s) used in a vSphere pod deployment name nginx-deployment?

  • A. kubectl get pod nginx
  • B. kubectl describe deployment nginx-deployment
  • C. docker ps
  • D. kubectl get deployment nginx-deployment

Answer: B


NEW QUESTION # 93
Which kubectl command is used to list the Kubernetes services in the current active namespace?

  • A. kubectl services get ip
  • B. kubectl list services
  • C. kubectl get services
  • D. kubectl get loadbalancer

Answer: C


NEW QUESTION # 94
On which network are TKG clusters deployed in vSphere with Tanzu when using the vSphere networking stack?

  • A. Edge
  • B. Backend
  • C. Frontend
  • D. Workload

Answer: D


NEW QUESTION # 95
To which set of networks are the Supervisor Cluster nodes attached when deploying with an NSX-T network topology?

  • A. Workload and Management
  • B. Management and NSX Overlay
  • C. Frontend and Workload
  • D. Frontend and Management

Answer: A

Explanation:
The Network Service has been extended to support the vSphere Distributed Switch (vDS). Start by configuring the switch with appropriate portgroups. Management will carry traffic between vCenter and the Kubernetes Control Plane (Supervisor Cluster control plane). As we will see in a moment, not having the built in Load Balancing capability of NSX means you will need to deploy your own load balancer externally from the cluster. We will give you a choice of integrated load balancers. The first one we support is HAProxy.
The Management network will also carry traffic between the supervisor cluster nodes and HAProxy. The Frontend network will carry traffic to the Load Balancer virtual interfaces. It must be routable from any device that will be a client for your cluster. Developers will use this to issue kubectl commands to the Supervisor cluster or their TKG clusters. You can have one or more Workload networks.
The primary Workload network will connect the cluster interfaces of the Supervisor cluster. Namespaces can be defined with their own Workload network allowing for isolation between development teams assigned different Namespaces. The Namespace assigned Workload Networks will connect the TKG cluster nodes in that Namespace.


NEW QUESTION # 96
Which two considerations needs to be made when deciding on a virtual machine class type during the process of creating a Tanzu Kubernetes cluster? (Choose two )

  • A. Connectivity between the Tanzu Kubernetes cluster and the Subscribed Content Library
  • B. Whether the resources provided by the virtual machine class type should be reserved on the host
  • C. The amount of CPU. memory, and storage the virtual machine should have
  • D. The storage classes which need to be made available to the cluster
  • E. The configuration parameters which need to be edited in the cluster

Answer: A,C


NEW QUESTION # 97
What is the correct process to store images in a project on the Registry Service?

  • A. Use the vSphere Client to upload the image to the Registry Service
  • B. Use the vSphere Client to upload the image the content library
  • C. Use the docker push command
  • D. Use the kubect1 push command

Answer: C

Explanation:
https://docs.docker.com/docker-hub/repos/

* Registry Service: Developers can store and manage Docker and OCI images using Harbor. Harbor is an open-source container image registry that secures images with role-based access control.
Procedure
Login to Harbor Registry with the vSphere Docker Credential Helper.
docker-credential-vsphere login <container-registry-IP> --user [email protected] Note:While providing --user username is acceptable for login, you should use the UserPrincipalName (UPN) syntax ( --user [email protected]) to login and use docker push commands.
Tag the image that you want to push to the project in Harbor Registry with same name as the namespace, where you want to use it:
docker tag <image-name>[:TAG] <container-registry-IP>/<project-name>/<image-name>[:TAG] For example:
docker tag hello-world:latest 10.179.145.77/tkgs-cluster-ns/hello-world:latest docker images REPOSITORY TAG IMAGE ID CREATED SIZE
10.179.145.77/tkgs-cluster-ns/hello-world latest bf756fb1ae65 10 months ago 13.3kB hello-world latest bf756fb1ae65 10 months ago 13.3kB To push an image to a project in Harbor, run the following command:Syntax:
docker push <container-registry-IP>/<namespace-name>/<image_name>
For example:
docker push 10.179.145.77/tkgs-cluster-ns/hello-world:latest
Expected result.
The push refers to repository [10.179.145.77/tkgs-cluster-ns/hello-world]
9c27e219663c: Pushed
latest: digest: sha256:90659bf80b44ce6be8234e6ff90a1ac34acbeb826903b02cfa0da11c82cbc042 size: 525


NEW QUESTION # 98
......


VMware 5V0-23.20 exam is designed for professionals who want to demonstrate their expertise in VMware vSphere with Tanzu. VMware vSphere with Tanzu Specialist certification is intended for individuals who have a deep understanding of vSphere and Kubernetes, and can use the two technologies together to provide a scalable, efficient, and secure virtual infrastructure. 5V0-23.20 exam covers topics such as installing and configuring vSphere with Tanzu, creating and managing Kubernetes clusters, deploying and managing containerized applications, and troubleshooting common issues.

 

Achieve Success in Actual 5V0-23.20 Exam 5V0-23.20 Exam Dumps: https://www.testpassed.com/5V0-23.20-still-valid-exam.html

Valid 5V0-23.20 exam with VMware Real Exam Questions: https://drive.google.com/open?id=19soBhuV-65ftdXkQchGFR6BfOGKf5s0Y

Related Articles

more
VMware 5V0-23.20 Certification Practice Exam

TestPassed provides test passed dumps & test questions of all IT certifications examinations. Our advantage is that our pass rate of test passed dumps is leading.

Latest Test Passed

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 TestPassed NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy