VMware vSAN Administrator (2025) — Question 23

As part of the VMware Cloud Foundation (VCF) logical design, the architect documented the following requirement:
The solution must include high security hardening levels to meet military compliance standards.
Which two physical design decisions will meet this security requirement in the workload domain? (Choose two.)

Answer options

• A. VCF Operations will be configured to renew the SSL certificate for vCenter Server per security policies.
• B. The vSAN storage policy will be configured as Secondary Failures to Tolerate = 1.
• C. The certificate of the VI workload domain vCenter Server will be issued by RootCA.Military.Domain.com.
• D. The advanced setting UserVars.SuppressShellWarning will be configured to 0 across all ESXi hosts in a VI workload domain cluster.
• E. NTP will be configured to the internal NTP servers of 192.168.12.1 and 192.168.24.1.

Correct answer: C, E

Explanation

Option C is correct because using a certificate from a trusted military CA ensures compliance with high security standards. Option E is also correct as configuring NTP to internal servers helps maintain accurate time synchronization, which is crucial for security logging and compliance. The other options do not directly address the high security hardening levels required for military compliance.