VMware vSphere 7.x Professional (VCP-DCV 2021) — Question 110

An administrator is using vSphere Web Client to configure the firewall to allow specific third-party application SSH access to an ESXi Host.
What is the most secure way to configure the firewall rule?

Answer options

• A. Specify remote IP subnet range in IP List.
• B. Use Allow connection from any IP address.
• C. Enable lockdown mode.
• D. Disable the firewall.

Correct answer: A

Explanation

The correct answer is A because specifying a remote IP subnet range allows only trusted IP addresses to access the ESXi Host, enhancing security. Option B is insecure as it permits any IP address, option C is unrelated to firewall rules and mainly restricts access at a different level, and option D would leave the host vulnerable by disabling the firewall entirely.