An administrator is preparing to deploy a new application on an AHV cluster. Security requirements dictate that all virtual servers supporting this application must be prevented from communicating with unauthorized hosts.
Which option would achieve this goal?
I think the correct answer is actually B. Isolation policies allow you to protect all "prod" or "dev" or "security" tagged servers (category driven) isolating that entity from all other items, in this case unauthorised hosts. Application Security policies are more like traditional IP/port based rule sets. It would achieve the desired result, but its not as simple as isolating the environment, which is the question asked.
B is wrong, because Isolation Policy requires defining two known groups of VMs that would get isolated one from another (like PROD and DEV), question doesn't say anything about this. Question just says prevent communication with some hosts, and this is achieved with Application Security Policies (C)