ExamTopics Logo
Mail Us[email protected]
Menu
Vmware Discussions
exam questions

Exam 3V0-21.23 All Questions

View all questions & answers for the 3V0-21.23 exam
Go to Exam

Exam 3V0-21.23 topic 1 question 26 discussion

Actual exam question from VMware's 3V0-21.23
Question #: 26
Topic #: 1
[All 3V0-21.23 Questions]

An architect is reviewing the security and compliance requirements for a new application that will be hosted on a vSphere 8 environment.
The following information has been noted about the new application:
The application stores and processes confidential data
The supporting virtual infrastructure is shared with other departments
No other application stores or processes confidential data
The application virtual machines must be able to run on any ESXi host in the cluster
The storage layer is a iSCSI attached SAN
Data at Rest Encryption is in place for each presented LUN validated to FIPS 140-2
No budget is available for additional infrastructure components or software
Application data must not be accessible outside of the application's virtual machines
The architect has been tasked with providing a secure virtual machine design to host the application.
Which three design elements must the architect include to meet the requirements? (Choose three.)

  • A. Virtual Machine Encryption
  • B. The vSphere Native Key Provider
  • C. A new encrypted iSCSI LUN
  • D. External Key Management Service (KMS) provider
  • E. A new local VMFS volume
  • F. VMware vSAN
Show Suggested Answer Hide Answer
Suggested Answer: ABD 🗳️
by wildcatwonder2025 at March 25, 2025, 11:44 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Mario2020
2 weeks, 3 days ago
Selected Answer: ABC
In vSphere 7.0 Update 2 and later, you can use the built-in vSphere Native Key Provider to enable encryption technologies, such as virtual TPMs. vSphere Native Key Provider is included in all vSphere editions and does not require an external key server (also called KMS). You can also use vSphere Native Key Provider for vSphere Virtual Machine Encryption, but you must purchase the VMware vSphere Enterprise Plus Edition . vSphere Virtual Machine Encryption works with any supported storage type (NFS, iSCSI, Fibre Channel, direct-attached storage, and so on), including VMware vSAN.
upvoted 2 times
...
Scaary
2 weeks, 3 days ago
Selected Answer: ABC
we don't need external KMS and no local VMFS either
upvoted 1 times
...
ComeEnanas
1 month, 1 week ago
Selected Answer: ABE
there's no budget for an external component
upvoted 1 times
...
wildcatwonder2025
1 month, 1 week ago
Selected Answer: ABD
Seems to be the correct answer.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago