VMware NSX-T Data Center (VCP-NV 2020) — Question 67

A company is deploying a NSX-T Data Center micro-segmentation in their vSphere environment to secure a simple application composed of web, app, and database tiers.
The naming convention will be:
✑ WKS-WEB-SRV-XXX
✑ WKY-APP-SRR-XXX
✑ WKI-DB-SRR-XXX
What is the optimal way to group them in order to enforce security policies from NSX-T Data Center?

Answer options

• A. Create an Ethernet based security policy.
• B. Group all by means of tags membership.
• C. Use Edge as a firewall between tiers.
• D. Do a service insertion to accomplish the task.

Correct answer: B

Explanation

The correct answer is B because using tag membership allows for dynamic grouping of virtual machines based on their roles, which is essential for enforcing security policies effectively. Options A, C, and D do not provide the same level of flexibility and granularity in managing security policies as tagging does.