VMware Cloud Foundation 5.x Administrator (2025) — Question 25

An administrator is enabling VMware's Virtual Machine Encryption for an existing VMware Cloud Foundation (VCF) Workload Domain in order to meet their organization's compliance regulations.
Which three steps should the administrator take to complete this task? (Choose three.)

Answer options

• A. Configure a Key Management Server (KMS) and add it to the vCenter.
• B. Enable SSH on the ESXi hosts to manage encryption keys.
• C. Create an encryption policy in vCenter.
• D. Apply the encryption policy to the ESXi hosts.
• E. Apply the encryption policy to the existing VMs.
• F. Enable the encryption feature on the ESXi hosts.

Correct answer: A, C, E

Explanation

The correct steps include configuring a Key Management Server (KMS) and adding it to vCenter, creating an encryption policy in vCenter, and applying this policy to the existing VMs. Options B, D, and F are incorrect because enabling SSH, applying the policy to ESXi hosts, or activating the feature on ESXi hosts are not required steps for enabling Virtual Machine Encryption.