VMware vSphere 7.x Advanced Design (VCAP-DCV Design 2021) — Question 16

The Chief Operating Officer (COO) at an organization raises concerns that their virtual infrastructure environment is vulnerable. Recently, a security-related issue with a virtual machine caused all management services to become unavailable. No budget is available in the short term for additional platform investment. An architect is asked to review the current environment and make recommendations to mitigate concerns.
A virtualization administrator has provided the following details:
✑ There is a single four node cluster of ESXi servers
✑ There are two, Layer 2, physical network switches connecting resources
✑ The data center network is presented as a single /16 subnet
Given the information provided, which functional requirement should the architect include in the design to mitigate the COOs concerns?

Answer options

• A. The virtual infrastructure environment must connect application virtual machines and management services to new physical network switches
• B. The virtual infrastructure environment must connect application virtual machines and management services to separate distributed virtual switches (DVS)
• C. The virtual infrastructure environment must connect application virtual machines and management services to separate VLANs
• D. The virtual infrastructure environment must connect management services to a vSphere standard switch (VSS)

Correct answer: C

Explanation

The correct answer is C because separating application virtual machines and management services into distinct VLANs enhances security and reduces the risk of a single point of failure. Options A and B do not address the need for logical separation of traffic, while option D does not provide adequate isolation for management services, making it less effective in mitigating vulnerabilities.