Examice

Exam 2v0-2123 All QuestionsBrowse all questions from this exam

Question 91

An administrator is required to configure several Microsoft Windows virtual machines (VMs) to support Secure Boot for a critical secure application.

The following information is provided:

• The corporate security policy states that all forms of data encryption must utilize a key provider.

• The firmware of each VM is currently set to use Unified Extensible Firmware Interface (UEFI).

• Due to the nature of the application running within the VMs, the guest operating system for each VM is currently a minimum of Windows Server 2008 and Windows 7.

Which security feature should the administrator implement to meet these requirements?

vSphere Virtual Machine Encryption

vSphere Visualization-Based Security

Virtual Intel Software Guard Extensions (vSGX)

Virtual Trusted Platform Module (vTPM)

Correct Answer: D

The appropriate security feature is Virtual Trusted Platform Module (vTPM). vTPM can support Secure Boot, which is necessary for ensuring the integrity and security of the virtual machines' boot process. Additionally, vTPM can leverage a key provider to manage encryption keys, meeting the requirement stated in the corporate security policy. The use of UEFI firmware is compatible with vTPM, and vTPM is supported on older versions of Windows like Windows Server 2008 and Windows 7.

Discussion

marcodutravix

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-6F811A7A-D58B-47B4-84B4-73391D55C268.html

jennyka76Option: D

D https://www.prajwaldesai.com/enable-secure-boot-for-a-virtual-machine/#:~:text=Enable%20Secure%20Boot%20on%20an%20existing%20VM&text=Power%20off%20the%20VM%20and,box%20%E2%80%9CEnable%20Secure%20Boot%E2%80%9C.

DrewCanOption: D

1. vTPM can use Key provider configured for vCenter Server. 2. EFI firmware 3. Windows Server 2008 and later also Windows 7 and later https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-6F811A7A-D58B-47B4-84B4-73391D55C268.html

jamestrikeOption: D

D. Virtual Trusted Platform Module (vTPM) This security feature should be implemented to meet the requirements of configuring Windows virtual machines (VMs) to support Secure Boot for a critical secure application. The vTPM provides hardware-based security functions, including Secure Boot, that can be used to enhance the security of VMs, ensuring that the guest operating systems meet the corporate security policy and utilize key providers for data encryption.

fdcpintoOption: D

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-6F811A7A-D58B-47B4-84B4-73391D55C268.html

wpjoulekkadingOption: D

D - vTPM supports the required Guest OS

jimr999Option: A

Answer is A, vSphere VM Encryption. B says "Visualization", C (SGX) is for protected memory areas, not encryption. D (vTPM) is only compatible with W10/2016 and newer. Further - A uses KM servers, which supports the policy "all forms of encryption must utilize a key provider"

Abs2k5

Youve got that incorrect, vTPM support win7 and server 2008 look here https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6F811A7A-D58B-47B4-84B4-73391D55C268.html