VMware NSX-T Advanced Deployment (VCAP-NV Deploy) — Question 11

The operations team is onboarding new interns in Active Directory. The interns need to work in the company's vRealize Operations environment while maintaining corporate security compliance. The intern Active Directory group should only have PowerUser role to a specific vCenter cluster and ReadOnly for all other objects.
Which option would meet the requirements?

Answer options

• A. Create new Active Directory accounts and import the intern user accounts. Create a new role for the interns and assign appropriate permissions on objects.
• B. Add the interns to a new vRealize Operations Active Directory Group. Import the Active Directory group and grant access to relevant objects and all actions for the specific vCenter cluster.
• C. Add the interns to the existing vRealize Operations administrators Active Directory group and grant access to relevant objects and all actions for the specific vCenter cluster.
• D. Create a new Active Directory group for interns. Synchronize intern Group, create a new role for the interns and assign appropriate permissions on objects.

Correct answer: D

Explanation

Option D is correct because it creates a new Active Directory group specifically for interns, ensuring they have the appropriate roles and permissions. This allows for controlled access while maintaining security compliance. Options A, B, and C either lack the necessary role specificity or do not properly restrict access for the interns, which does not meet the corporate security requirements.