Exam 3V0-21.21 All QuestionsBrowse all questions from this exam
Go to Exam
Question 16

The Chief Information Security Officer (CISO) for an organization is concerned about the security posture of the operating system images that are used for the provisioning of their Software-as-a-Service (SaaS) applications. The organization is in a growth period. The organization is opening a new data center to launch its next phase of new SaaS-based solutions.

The DevOps team currently creates encrypted virtual machine (VM) templates that are used for various operating systems and adds these to the vSphere inventory. The DevOps team already uses a published content library and has been granted a role with the ability to add and delete library items.

The following requirements have been noted:

✑ Impacts to the DevOps team's operational processes must be kept to a minimum.

✑ The DevOps team must be able to regularly check out a copy of the image for updates and check in a new version of the image.

✑ Images must be synchronized from the primary data center to the new data center.

Which three recommendations should the architect make to design a content library solution that will meet these requirements? (Choose three.)

    Correct Answer: A, C, F

    The correct recommendations should ensure minimal impact on the DevOps team's operational processes and meet the functional requirements. First, clone virtual machines as VM templates to the published content library since this allows the DevOps team to check out and check in new versions, a feature not available with OVF templates. Setting up a subscription and publishing VM templates to a subscribed content library ensures synchronization between the primary and new data centers. Updating the role for the DevOps team with new privileges is necessary to grant the required permissions for managing these operations efficiently.

Discussion
primanturinOptions: ACF

ACF Check in and check out operations are available for VM Templates, not OVF... So you have to roll out all the OVF answers. A and C explanation: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-254B2CE8-20A8-43F0-90E8-3F6776C2C896.html https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-0F4D55EF-B45C-43D6-8C8F-580D8B4B5009.html https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-D547C49A-5BCE-4FC9-9BEA-CB2C88DC629C.html F explanation Content Library in vSphere 7 has a few new privileges that are important to bring up as well as a few existing ones that should be considered. Please refer to the chart below for more details. https://blogs.vmware.com/vsphere/2020/04/vsphere-7-content-library.html

nemisis95

You are right. I just tested this and you can't Check Out/In an OVF, only VM Templates.

mljonn

This has to be correct. You would not be able to easily encrypt the OVF so these answer must be discarded

tuvituvi

Nothing to add here. Very well explained

aledevenanzi

A,C,F Because DevOps teams need to check out and check in new versions of the images. With OVF templates can't do that.

diegof1Options: ACF

I agree with A,C, F. All answers with OVF are discarded because Check in/out is only supported for VM Templates

bpexamOptions: ACF

see comment primanturin. but now as a voiting comment

nemisis95Options: DEF

D. Create a subscribed library from the published library and synchronize Open Virtualization Format (OVF) templates automatically "Images must be synchronized from the primary data center to the new data center.". It says "MUST" be synchronized. E. Clone virtual machines as Open Virtualization Format (OVF) templates to the published content library “operating system images that are used for the provisioning of their Software-as-a-Service (SaaS) applications” OVA and OVF templates are used for distributing pre-configured software as virtual appliances/ They can contain multiple VMs, which is useful for cases where software consists of multiple components that must be deployed on different machines. F. Update the role for the DevOps team with new privileges "DevOps team must be able to regularly check out a copy of the image for updates and check in a new version of the image". Content Library in vSphere 7 has a few new privileges including "Check in" ones https://blogs.vmware.com/vsphere/2020/04/vsphere-7-content-library.html

nemisis95

A,C,F - you can't Check Out/In an OVF, only VM Templates.

nemisis95Options: DEF

Changed my answer to D, E, F

nemisis95

A,C,F - you can't Check Out/In an OVF, only VM Templates.

nemisis95Options: ACF

A,C,F. Ruling out all OVF answers

amgice

D,E,F impacts to the DevOps teams operational processes must be kept to a minimum

moustahy

Agree.

moustahy

Change to A C F

FR_WolfmanOptions: ACF

As we are talking about checking in/out the images, it is not possible to do this with OVF. That excludes directly answers B, D & E.

MohamedZohairOptions: ACF

The answer is ACF

AlchotOptions: DEF

The DevOps team already uses a published content library and has been granted a role with the ability to add and delete library items. ✑ Impacts to the DevOps team's operational processes must be kept to a minimum. F. Update the role for the DevOps team with new privileges ✑ Images must be synchronized from the primary data center to the new data center. D. Create a subscribed library from the published library and synchronize Open Virtualization Format (OVF) templates automatically ✑ The DevOps team must be able to regularly check out a copy of the image for updates and check in a new version of the image. ✑ The DevOps team must be able to regularly check out a copy of the image for updates and check in a new version of the image. E. Clone virtual machines as Open Virtualization Format (OVF) templates to the published content library

DdssssssOptions: BCD

In local and published libraries, you can update only templates of the OVF Template type. <--- right from the guide

AletzzissOptions: BEF

B, E, F; generate OVF's for applications, must be On Demand, and the privileges must be modified to the DevOps team