VMware Workspace ONE Modern Apps Specialist — Question 23

An organization wants to prevent users from connecting to VMware Horizon desktop or application pools from a Horizon Pod deployed on their internal network unless the user selects the Horizon pool from the Unified Catalog of their Workspace ONE Access shared SaaS tenant.
Which additional setting must the organization administrator configure?

Answer options

• A. Enable the Virtual App Service on al Unified Access Gateway systems that allow users to connect to Horizon pools from the Horizon Pod
• B. Configure the Workspace ONE Access tenant as a SAML 2.0 authenticator on all Horizon Connection Servers in the Horizon Pod
• C. Enable the VMware Tunnel on all Unified Access Gateway systems that allow users to connect to Horizon pools from the Horizon Pod
• D. Set “Delegation of authentication to VMware Horizon (SAML 2.0 Authenticator)” to “Allowed” on all Horizon Connection Servers in the Horizon Pod

Correct answer: C

Explanation

The correct answer is C because enabling the VMware Tunnel allows secure connections to the Horizon pools while adhering to the access policies set by the organization. Options A and D do not specifically address the requirement for a secure connection through the VMware Tunnel, and option B relates to SAML authentication rather than the connection method needed in this context.