To study for VMware HCI Master Specialist Exam | vSAN认证考试题目学习
64. Due to an update in their security requirements, an organization is no longer compliant because the metadata traffic between hosts in their vSAN cluster is not being encrypted.
Which step must be taken by the administrator to meet the new security requirements?
- A. Enable vMotion encryption on the vSAN cluster.
- B. Enable virtual machine encryption on the vSAN cluster.
- C. Enable Data-At-Rest Encryption on the vSAN cluster.
- D. Enable Data-In-Transit Encryption on the vSAN cluster.
Explaination:
To meet the new security requirements that focus on encrypting metadata traffic between hosts in a vSAN cluster, the appropriate action would be:
- D. Enable Data-In-Transit Encryption on the vSAN cluster.
Data-In-Transit Encryption specifically addresses the security of data as it moves across the network. This is relevant for the scenario described, as it involves securing metadata traffic between hosts. This encryption ensures that any data moving within the vSAN cluster is encrypted, thereby preventing unauthorized access or interception during transmission.
Other options like vMotion encryption, virtual machine encryption, and Data-At-Rest Encryption address different aspects of security and would not be directly effective in securing the metadata traffic between hosts in the vSAN cluster.
64.由于安全要求的更新,一个组织不再符合要求,因为他们的vSAN集群中主机之间的元数据流量没有被加密。
为了满足新的安全要求,管理员必须采取哪一步?
- A. 在vSAN集群上启用vMotion加密。
- B. 在vSAN集群上启用虚拟机加密。
- C. 在vSAN集群上启用静态数据加密。
- D. 在vSAN集群上启用数据传输中加密。
解释:
为了满足专注于加密vSAN集群中主机之间元数据流量的新安全要求,适当的行动应该是:
D. 在vSAN集群上启用数据传输中加密。
数据传输中加密专门针对网络中数据移动的安全性。这对于所描述的场景是相关的,因为它涉及保护主机之间的元数据流量。这种加密确保vSAN集群内移动的任何数据都被加密,从而在传输过程中防止未授权访问或截获。
其他选项,如vMotion加密、虚拟机加密和静态数据加密,针对安全的不同方面,对于保护vSAN集群中主机之间的元数据流量并不直接有效。
