ExamTopics Logo
Mail Us[email protected]
Menu
Vmware Discussions
exam questions

Exam 5V0-21.19 All Questions

View all questions & answers for the 5V0-21.19 exam
Go to Exam

Exam 5V0-21.19 topic 1 question 11 discussion

Actual exam question from VMware's 5V0-21.19
Question #: 11
Topic #: 1
[All 5V0-21.19 Questions]

An organization is no longer compliant with security requirements because a vSphere administrator disabled encryption on a vSAN cluster.
Which vCenter Server role ensures only authorized vSphere administrators have access to encryption functionality?

  • A. Administrator
  • B. Read-only
  • C. No cryptography administrator
  • D. No access
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Reference:
https://docs.vmware.com/en/VMware-vSphere/6.5/com.vmware.vsphere.security.doc/GUID-6C181D08-6650-4AD1-92D1-AAFDA3A3E38C.html
by jasonv at July 23, 2020, 8:53 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Lazylinux
3 years, 6 months ago
Agree with Diegof1 explanation and Answer is A..the Key to the question is "Have Access to Encryption" and hence cannot be C
upvoted 2 times
...
HRC
3 years, 8 months ago
Agree with DenZn and DSA. Answer should be A. Reason for not opting C is that 'no Cryptography Administrator' is not permitted to Encryption operations.
upvoted 1 times
...
vJoeyB
4 years, 1 month ago
C is right - the question asks which role ensures only authorized admins have access to encrypt. If you assign everyone the admin role, this does not ensure that only authorized admins have access to encrypt. If you leverage the no cryptography admin role, then you are ensuring that only authorized admins have access to encrypt.
upvoted 2 times
...
Stekman
4 years, 5 months ago
I think the answer is C. The existing of this role allow you to have administrators with no encryption rights. If this role did not exists every administrator has the capability.
upvoted 1 times
...
diegof1
4 years, 6 months ago
C is wrong: Users with the No cryptography administrator role for an object have the same privileges as users with the Administrator role, except for Cryptographic operations privileges. This role allows administrators to designate other administrators that cannot encrypt or decrypt virtual machines or access encrypted data, but that can perform all other administrative tasks. On the other hand, Only administrators with encryption privileges can perform encryption and decryption tasks. I think the correct answer is A.
upvoted 2 times
...
alsmk2
4 years, 10 months ago
This is a really badly worded question - could be either A or C depending on how you read it. I'd side with C as that would prevent access to encryption functionality, and it's fairly new, so would make sense that they would ask about it.
upvoted 1 times
DSA
4 years, 7 months ago
Yeah, it is a little bit confusing. BUT: If the wording is 1:1 exact, then it is A. => "Which role >ensures< ... >have access to encryption<"
upvoted 4 times
...
...
DenZn
4 years, 11 months ago
The correct anwer should be A https://storagehub.vmware.com/t/vsan-6-7-update-1-technical-overview/role-based-access-control-4/ vSphere 6.5 introduced the No Cryptography Administrator role along with the introduction of VM Encryption. This role is very similar to the normal administrator with many of the same privileges. Operations such as power on or off a virtual machine, boot, shutdown, vMotion, as well as normal vSAN management may be performed. However, this role is not allowed to perform any cryptographic operations.
upvoted 4 times
...
jasonv
4 years, 11 months ago
C is correct, its a new role.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel