ExamGecko
Search Search Login
Home Home / VMware / 5V0-31.22
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An architect needs to create a VMware Cloud Foundation (VCF) VI Workload Domain design with these requirements: * Design blueprint needs to be repeatable for additional regions * Multiple availability zones * Seven nodes per availability zone to host the workloads * vSAN storage will be used What is the maximum accepted latency supported by vSAN between the two availability zones'?
Which type of storage entity is used as the backing disks for persistent volumes in vSphere with Tanzu?
An architect is designing overlay networking and routing for two VMware Cloud Foundation VI workload domains The following requirements must be met in the design: * NSX-T Bare Metal Edge nodes are required to satisfy a requirement for extremely low latency. * The costs must be kept to a minimum. Which design meets these customer requirements?
A vSphere administrator is tasked with enabling Workload Management on a VMware Cloud Foundation Workload Domain. Which three components are configured as part of the Supervisor Cluster control plane after this task is completed? (Choose three.)
What is the correct upgrade order for VMware Cloud Foundation (VCF) components for a VI workload domain with a stretched vSAN cluster?
An architect is designing networking for a developer-ready infrastructure on VMware Cloud Foundation. During the discussion with the network team, a question comes up about the use of a routable CIDR range. Which item uses this type of range?
An administrator is tasked with creating a new VMware Cloud Foundation VI Workload Domain. Which statement is correct when commissioning new ESXi hosts to the SDDC Manager inventory?
An administrator is tasked with deploying a new VI Workload Domain with VMFS on FC storage. Which type of network pool must the hosts be associated with while adding them to VCF inventory?
Which vSphere Lifecycle Manager (LCM) function is supported in VMware Cloud Foundation (VCF)?
An administrator is tasked with deploying an additional cluster within VI Workload Domain which has been created with vSAN as a principal storage Which types of principal storage may the administrator configure during this process?

Question 62 - 5V0-31.22 discussion

Report
Export

The architect of a multi-site VMware Cloud Foundation solution is tasked with ensuring that the prerequisites for vSAN data at rest encryption have been achieved. The existing design calls for use of the vSphere Native Key Provider. NSX-T is configured with Federation, and both sites benefit from a stretched TO and T1 network topology.

A new security policy requires the use of vSphere Virtual Machine encryption, in addition to the at-rest encryption already configured. During a failover test from Site-A to Site-B using Site Recovery Manager, the virtual machines were unable to power-on.

How does the design need to be changed to support the new requirement?

A.
Use a third-party KMS solution that allows for key replication.
Answers
A.
Use a third-party KMS solution that allows for key replication.
B.
Use a third-party KMS solution at each site.
Answers
B.
Use a third-party KMS solution at each site.
C.
Ensure that a TPM 2.0 certified module is installed on all ESXi hosts at Site-B.
Answers
C.
Ensure that a TPM 2.0 certified module is installed on all ESXi hosts at Site-B.
D.
Ensure that the Site Recovery Manager service account has Cryptographer ReadKeyServerslnfo privileges.
Answers
D.
Ensure that the Site Recovery Manager service account has Cryptographer ReadKeyServerslnfo privileges.
Suggested answer: A

Explanation:

This is because according to VMware documentation1, vSphere Native Key Provider (NKP) is a simple key management solution that does not support key replication across sites or clusters.It also does not support vSphere Virtual Machine encryption which requires a third-party KMS solution2. Therefore, to enable both vSAN data at rest encryption and vSphere Virtual Machine encryption in a multi-site VCF solution, you need to use a third-party KMS solution that allows for key replication across sites.

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-54B9FBA2-FDB1-400B-A6AE-81BF3AC9DF97.html

Show Answer
asked 16/09/2024
Ages Handriyanto
33 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms