VMware NSX-T Data Center Advanced (VCAP-NV Design) — Question 56

A customer deploying NSX-T Data Center requires role based access controls be enforced in NSX Manager with these requirements:
✑ identity platform must be highly available
✑ authentication must be performed by customer's existing SAML identity provider
✑ MFA must be performed by administrator to gain access to NSX Manager
Which identity deployments would meet the customer's requirements? (Choose the best answer.)

Answer options

• A. NSX Manager OAuth 2.0 registered to a 3-node Active Directory Federation Services cluster.
• B. NSX Manager OAuth 2.0 registered to a 2-node VMware Identity Manager cluster.
• C. NSX Manager OAuth 2.0 registered to a 2-node Active Directory Federation Services cluster
• D. NSX Manager OAuth 2.0 registered to a 3-node VMware Identity Manager cluster.

Correct answer: D

Explanation

Option D is correct because a 3-node VMware Identity Manager cluster provides high availability and supports SAML authentication along with MFA capabilities. Option A and C both use Active Directory Federation Services, which may not fully meet the MFA requirement as effectively as VMware Identity Manager. Option B has insufficient nodes for high availability.