VMware vSphere 8.x Advanced Design (VCAP-DCV Design) — Question 70

An architect is tasked with creating a design for a vSphere-based solution.
Reviewing requirements with the security team, the architect makes the following design decision:
ESXi hosts in the environment will enable shell sandbox for SSH connections and the local ESXi shell
What is an implication of the design decision to enable shell sandboxing?

Answer options

• A. Only certain commands can be executed in the sandboxed shell
• B. Only administrative accounts can access the sandbox shell
• C. All commands executed in the sandbox shell will be logged
• D. The vSphere 8 hosts will operate in strict lockdown mode

Correct answer: A

Explanation

The correct answer is A because enabling shell sandboxing restricts the execution of commands to a predefined set that is deemed safe, thereby enhancing security. The other options are incorrect as shell sandboxing does not limit access to administrative accounts, does not guarantee logging of all commands, and does not enforce strict lockdown mode on the vSphere hosts.