VMware App Volumes Specialist (2021) — Question 52

An administrator notes that the Data-At-Rest Encryption keys have expired.

Which action is needed to resolve this situation?

Answer options

• A. Add a new Standard Key Provider at the vSAN cluster level
• B. Generate new encryptions keys at the vSAN cluster level
• C. Add an additional KMS at the vCenter server level
• D. Generate new encryptions keys at the vCenter server level

Correct answer: B

Explanation

The correct action is to generate new encryption keys at the vSAN cluster level (B), as this directly addresses the expiration issue of the Data-At-Rest Encryption keys. Options A, C, and D do not resolve the expiration of the keys and do not directly create new keys necessary for continued encryption functionality.