Exam 3V0-21.21
Question 43

The Chief Operating Officer (COO) at an organization raises concerns that their virtual infrastructure environment is vulnerable. Recently, a security-related issue with a virtual machine caused all management services to become unavailable. No budget is available in the short term for additional platform investment. An architect is asked to review the current environment and make recommendations to mitigate concerns.

A virtualization administrator has provided the following details:

- There is a single four-node cluster of ESXi servers
- There are two Layer 2 physical network switches connecting resources
- The data center network is presented as a single /16 subnet

Given the information provided, which functional requirement should the architect include in the design to mitigate the COO's concerns?

    Correct Answer: C

    To mitigate the concerns raised by the COO regarding the vulnerability of the virtual infrastructure environment, the architect should include the functional requirement that connects application virtual machines and management services to separate VLANs. This measure provides network segregation, creating separate broadcast domains at Layer 2, which enhances security by isolating different types of traffic. Given the constraints of no additional budget for new hardware and the existing infrastructure details, using VLANs is an effective approach to address the security issue without incurring additional costs.
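The separation described in the answer can be checked against a port group inventory. The following is an added example, not part of the original page or of any VMware tooling; the field names, port group names and VLAN IDs are constructed, and it assumes every virtual switch uplinks to the same two physical Layer 2 switches, so the VLAN ID alone decides the broadcast domain.

```python
from collections import defaultdict

# On a standard switch port group, VLAN ID 4095 passes every VLAN tag to the guest.
GUEST_TRUNK = 4095


def pg(name, vswitch, vlan, role):
    """Build one constructed inventory record (hypothetical field names)."""
    return {"name": name, "vswitch": vswitch, "vlan": vlan, "role": role}


# Constructed inventories. VLAN 0 means untagged, i.e. the flat data center network.
FLAT = [pg("Management Network", "vSwitch0", 0, "management"),
        pg("VM Network", "vSwitch0", 0, "application")]
# Separate virtual switches, but both still untagged on the same physical fabric.
SPLIT_SWITCH_ONLY = [pg("Management Network", "dvs-mgmt", 0, "management"),
                     pg("VM Network", "dvs-apps", 0, "application")]
# One virtual switch, two VLAN-tagged port groups.
SEPARATE_VLANS = [pg("Management Network", "vSwitch0", 10, "management"),
                  pg("VM Network", "vSwitch0", 20, "application")]


def audit_segmentation(portgroups):
    """Return findings where management and application traffic are not isolated.

    The virtual switch name is deliberately ignored: under the stated assumption
    all uplinks meet on the same physical switches, so only the VLAN ID matters.
    """
    findings = []
    roles_by_vlan = defaultdict(set)
    for p in portgroups:
        if p["vlan"] == GUEST_TRUNK:
            findings.append(
                f"{p['name']}: VLAN 4095 exposes all VLANs, including management, to the guest")
            continue
        roles_by_vlan[p["vlan"]].add(p["role"])
    for vlan, roles in sorted(roles_by_vlan.items()):
        if {"management", "application"} <= roles:
            findings.append(
                f"VLAN {vlan}: management and application share a broadcast domain")
    return findings


if __name__ == "__main__":
    for label, inventory in (("flat", FLAT),
                             ("split switch only", SPLIT_SWITCH_ONLY),
                             ("separate VLANs", SEPARATE_VLANS)):
        print(label, "->", audit_segmentation(inventory) or "segregated")
```
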

Discussion
estornudo (Option: C)

I'd say it is C. The virtual infrastructure environment must connect application virtual machines and management services to separate VLANs.

nemisis95 (Option: C)

C. The virtual infrastructure environment must connect application virtual machines and management services to separate VLANs
Process of elimination and separating services by VLAN will increase security.

A. The virtual infrastructure environment must connect application virtual machines and management services to new physical network switches
NO - "No budget is available in the short term for additional platform investment."

B. The virtual infrastructure environment must connect application virtual machines and management services to separate distributed virtual switches (DVS)
NO - "Recently, a security-related issue with a virtual machine caused all management services to become unavailable." It never specified what type of virtual machine had the security-related issue.

D. The virtual infrastructure environment must connect management services to a vSphere standard switch (VSS)
NO - this does not increase security.

telco12 (Option: B)

Another stupid question. Here the answer B with two VDS allows separating two network broadcast domains because you are using two virtual switches. The answer C, oh 02 layers two separate with 02 VLANs is an obvious shit, but the real problem here is why you will connect the virtual infrastructure (which must be worded as applications and services VMs workload domain) and management environment?? Is there a requirement for connecting these two environments? The VMs will access infrastructure services like the vCenter to cause another datacenter down LoL - Just fire up all this shit certification team making stupid questions.

migonemati1414 (Option: C)

VLANs should resolve the concerns

nemisis95 (Option: C)

C. The virtual infrastructure environment must connect application virtual machines and management services to separate VLANs.

unofficial_official (Option: C)

C, network separation

PSE_IT (Option: C)

VLANs are a zero-touch money mitigation.

PSE_IT

We know only that there are 2 L2 pSwitches, but not how many pNICs each ESXi has, so D cannot be the correct answer.

FR_Wolfman (Option: C)

A >> There is no budget for additional switches.
B & D >> Choosing between DVS and VSS will not make any difference to segregate the management and application virtual machines.
C >> It is the only solution here to segregate management and application VMs at network level. And VLANs are part of Layer 2, they can be used.

timothych (Option: D)

Okay but layer 2, shouldn't that be vSS?

RoninVI

VLAN is layer 2. Let's break down the question.
• "Recently, a security-related issue with a virtual machine caused all management services to become unavailable."
• "No budget is available in the short term for additional platform investment."
• "An architect is asked to review the current environment and make recommendations to mitigate concerns."
It's C. "VLANs let you segment a network into multiple logical broadcast domains at Layer 2 of the network protocol stack."
https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.networking.doc/GUID-C42AFA4A-1BDA-4ECC-B2D1-6E538771B2C3.html