Question 42 - 5V0-35.21 discussion


An administrator deployed vRealize Operations and has been tasked with ensuring that the VMware SDDC remains compliant with the VMware vSphere Security Configuration Guide. The compliance benchmark is showing that the VMware SDDC is not completely compliant with the standards.

Which three symptoms could have triggered a compliance alert? (Choose three.)

A. The lockdown mode on a vSphere ESXi host is set to Disabled.
B. Transparent Page Sharing is Disabled on a virtual machine.
C. The SNMP service on a vSphere ESXi host is set to Disabled.
D. The Enable 3D Support setting for the Virtual Machine is set to FALSE.
E. The Disable console copy operation for a Virtual Machine is set to FALSE.
F. The Forged Transmit policy is set to allow on a Distributed Port Group.

Suggested answer: A, E, F

Explanation:

A compliance alert is an alert that indicates that an object in the environment is not compliant with a predefined or custom compliance standard. A compliance standard is a collection of compliance alerts that are based on a specific security or regulatory guideline, such as the VMware vSphere Security Configuration Guide. A compliance alert is triggered when one or more symptoms that represent the compliance rules are violated by the object [1][2].

The VMware vSphere Security Configuration Guide is a document that provides prescriptive guidance and best practices for securing vSphere components, such as ESXi hosts, virtual machines, vCenter Server, and vSphere networking. The guide defines several security configuration baselines for different vSphere versions and environments, and provides recommendations and procedures for applying the security settings [3][4].

The following symptoms could have triggered a compliance alert based on the VMware vSphere Security Configuration Guide:

The lockdown mode on a vSphere ESXi host is set to Disabled. Lockdown mode is a feature that restricts the access to an ESXi host to prevent unauthorized or accidental changes to the host configuration. The guide recommends enabling lockdown mode on all ESXi hosts to enhance the security and reduce the attack surface of the hosts [5].

The Disable console copy operation for a Virtual Machine is set to FALSE. This setting controls whether the copy and paste operations are allowed between the virtual machine console and the remote console. The guide recommends disabling the console copy operation for all virtual machines to prevent the leakage of sensitive data or the introduction of malicious code.

The Forged Transmit policy is set to allow on a Distributed Port Group. This policy determines how the virtual switch handles outbound frames that have a source MAC address that is different from the one that is configured on the virtual adapter. The guide recommends setting the Forged Transmit policy to reject on all Distributed Port Groups to prevent MAC address spoofing attacks.

The other options are not symptoms that could have triggered a compliance alert based on the VMware vSphere Security Configuration Guide. Transparent Page Sharing is a memory management technique that allows the hypervisor to identify and eliminate redundant memory pages across multiple virtual machines. The guide does not provide any recommendation on the Transparent Page Sharing setting for virtual machines, as it depends on the security and performance requirements of the environment. The SNMP service is a protocol that enables the monitoring and management of network devices. The guide does not provide any recommendation on the SNMP service setting for ESXi hosts, as it depends on the monitoring and management needs of the environment. The Enable 3D Support setting is a feature that allows the virtual machine to use the hardware-accelerated graphics capabilities of the ESXi host. The guide does not provide any recommendation on the Enable 3D Support setting for virtual machines, as it depends on the application and user experience requirements of the environment.
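
The three symptoms above, evaluated over a small inventory snapshot. This is an added example, not part of the original explanation and not vRealize Operations code; the snapshot layout, object names and the `snmp_enabled` / `enable_3d` fields are constructed, while `lockdownDisabled`, `isolation.tools.copy.disable` and `forgedTransmits` are the vSphere names for the settings discussed.

```python
# Added example. Snapshot layout and object names are constructed/hypothetical.
INVENTORY = {
    "hosts": [
        {"name": "esx01.example.test", "lockdownMode": "lockdownDisabled", "snmp_enabled": False},
        {"name": "esx02.example.test", "lockdownMode": "lockdownNormal", "snmp_enabled": False},
    ],
    "vms": [
        {"name": "app-vm-01", "enable_3d": False,
         "advanced": {"isolation.tools.copy.disable": "FALSE"}},
        {"name": "db-vm-01", "advanced": {"isolation.tools.copy.disable": "true"}},
        {"name": "web-vm-01", "advanced": {}},  # key never set
    ],
    "dv_portgroups": [
        {"name": "dpg-prod", "forgedTransmits": True},   # allow
        {"name": "dpg-mgmt", "forgedTransmits": False},  # reject
    ],
}

def vmx_bool(value):
    """Advanced settings arrive as strings; return True/False, or None if unset."""
    text = "" if value is None else str(value).strip().lower()
    return {"true": True, "1": True, "false": False, "0": False}.get(text)

def find_symptoms(inventory):
    """Return (object name, symptom) pairs for the three rules in the explanation."""
    found = []
    for host in inventory.get("hosts", []):
        if host.get("lockdownMode") == "lockdownDisabled":
            found.append((host["name"], "lockdown mode is Disabled"))
    for vm in inventory.get("vms", []):
        copy_disable = vmx_bool(vm.get("advanced", {}).get("isolation.tools.copy.disable"))
        # Only the explicit FALSE from the question is flagged; unset is left alone.
        if copy_disable is False:
            found.append((vm["name"], "disable console copy is FALSE"))
    for pg in inventory.get("dv_portgroups", []):
        if pg.get("forgedTransmits") is True:
            found.append((pg["name"], "Forged Transmit policy is allow"))
    return found

def compliance_alerts(inventory):
    """One alert per object that violates at least one rule."""
    alerts = {}
    for name, symptom in find_symptoms(inventory):
        alerts.setdefault(name, []).append(symptom)
    return alerts

if __name__ == "__main__":
    for name, symptoms in compliance_alerts(INVENTORY).items():
        print(f"ALERT {name}: {'; '.join(symptoms)}")
```

The SNMP and 3D fields in the sample are present on purpose: no rule reads them, so they raise nothing, matching options C and D.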

References:

[1] Compliance Alerts - VMware Docs
[2] Compliance Benchmarks - VMware Docs
[3] VMware vSphere Security Configuration Guide
[4] VMware vSphere Security Configuration Guide - VMware Docs
[5] Lockdown Mode - VMware Docs
Enable or Disable Lockdown Mode on an ESXi Host - VMware Docs
Disable Copy and Paste Operations Between the Guest Operating System and Remote Console - VMware Docs
Security Policies for Virtual Switches - VMware Docs
Configure Security Policies for a Distributed Port Group - VMware Docs
Transparent Page Sharing - VMware Docs
SNMP Agent - VMware Docs
Configure SNMP for ESXi - VMware Docs
Hardware-Accelerated 3D Graphics - VMware Docs
Enable 3D Support for a Virtual Machine - VMware Docs
vRealize Operations Manager User Guide
vRealize Operations Manager Installation and Configuration Guide
vRealize Operations Manager Concepts Guide
vRealize Operations Manager Administration Guide
vRealize Operations Manager Customization and Extensibility Guide
vRealize Operations Manager Troubleshooting Guide
vRealize Operations Manager API Programming Guide
vRealize Operations Manager Certification Exam Guide

asked 16/09/2024
Emily Luijten