3V0-21.23日本語問題集 & 3V0-21.23最速合格弊社のソフトを利用して、あなたはVMwareの3V0-21.23試験に合格するのが難しくないことを見つけられます。Japancertの提供する資料と解答を通して、あなたはVMwareの3V0-21.23試験に合格するコツを勉強することができます。あなたに安心でソフトを買わせるために、あなたは無料でVMwareの3V0-21.23ソフトのデモをダウンロードすることができます。 VMware vSphere 8.x Advanced Design 認定 3V0-21.23 試験問題 (Q46-Q51):質問 # 46
Following a review of security requirements, an architect has confirmed the following requirements:
REQ001- A clustered firewall solution must be placed at the perimeter of the hosting platform, and all ingress and egress network traffic will route via this device.
REQ002- A distributed firewall solution must secure traffic for all virtualized workloads.
REQ003- All virtualized workload, hypervisor, firewall and any management component system events must be monitored by security administrators.
REQ004- The hosting platforms security information and event management (SIEM) system must be scalable to 20,000 events per second.
REQ005- The hosting platforms storage must be configured with data-at-rest encryption.
REQ006- The hosting platform limits access to authorized users.
Which three requirements would be classified as technical (formerly non-functional) requirements? (Choose three.)
A. The hosting platforms storage must be configured with data-at-rest encryption.
B. A distributed firewall solution must secure traffic for all virtualized workloads.
C. The hosting platforms security information and event management (SIEM) system must be scalable to
20,000 events per second.
D. The hosting platform limits access to authorized users.
E. All virtualized workload, hypervisor, firewall and any management component system events must be monitored by security administrators.
F. A clustered firewall solution must be placed at the perimeter of the hosting platform, and all ingress and egress network traffic will route via this device.
正解:A、C、F
解説:
A clustered firewall solution must be placed at the perimeter of the hosting platform, and all ingress and egress network traffic will route via this device:
This is a technical requirement because it specifies how network traffic is to be managed through a specific infrastructure element (the firewall). It outlines how the security device is implemented in the network architecture.
The hosting platform's security information and event management (SIEM) system must be scalable to 20,000 events per second:
This is a technical requirement because it deals with the scalability and performance of the SIEM system. It specifies how the system must handle a large volume of data, which is a technical characteristic of the infrastructure.
The hosting platform's storage must be configured with data-at-rest encryption:
This is also a technical requirement because it defines how the data should be stored securely, which is an implementation detail. It specifies that encryption needs to be applied to stored data, a feature related to storage infrastructure.
質問 # 47
A Cloud Service Provider wants to introduce backup as a service for a customer's vSphere-based virtual machines.
The following information is noted:
- They have a single four-port (2 × 10 GbE and 2 × 1 GbE) NIC per ESXi host
- All top-of-rack (ToR) switches are 10 GbE and fully populated
- The backup traffic must not impact existing services.
Which two recommendations should the architect make to help the customer incorporate the service?
(Choose two.)
A. Create a new virtual switch using the 1 GbE uplinks
B. Match the Class of Service (CoS) and Differentiated Services Code Point (DSCP) values to the physical network
C. Enable and tag traffic on the backup distributed port group
D. Replace the existing NIC with a two-port 25 GbE NIC per ESXi host
E. Add a new two-port 10 GbE NIC per ESXi host
正解:B、C
質問 # 48
An architect is designing the implementation of the VMware Validated Solutions in an existing VMware Cloud Foundation environment.
The design must meet the following requirements:
Must provide logical networks that can span physical network boundaries and locations Must use automatic Border Gateway Protocol (BGP) configuration for Top-of-Rack (ToR) switches What should the architect recommend based on these requirements?
A. A dedicated distributed virtual switch and dedicated port groups
B. VLAN-backed NSX segments
C. Overlay-backed NSX segments
D. A dedicated NSX segment configured manually
正解:C
解説:
The architect should recommend overlay-backed NSX segments to meet the design requirements. These segments can span across physical network boundaries and locations, which is essential for the design.
Additionally, NSX supports automatic BGP configuration for Top-of-Rack (ToR) switches, providing the required dynamic routing between the physical and virtual networks. This solution offers the scalability and flexibility needed for the multi-location environment described in the requirements.
質問 # 49
An architect is reviewing the information gathered from an initial requirements gathering workshop.
The following requirements have been identified:
REQ001 - The architecture must support tracking of administrative logons and actions.
REQ002 - The architecture must support class three (three nines or 99.9%) system availability.
REQ003 - The architecture must report on system usage in terms of CPU, memory, storage and network.
REQ004 - The architecture must provide for system recovery point objective (RPO) of two hours.
REQ005 - The architecture must provide access to a precision time protocol (PTP) for time synchronization.
Which two of the listed requirements would be classified as business (formerly functional) requirements?
(Choose two.)
A. The architecture must report on system usage in terms of CPU, memory, storage and network.
B. The architecture must provide access to a precision time protocol (PTP) for time synchronization.
C. The architecture must support class three (Three nines or 99.9%) system availability.
D. The architecture must provide for system recovery point objective (RPO) of two hours.
E. The architecture must support tracking of administrative logons and actions.
正解:C、D
解説:
The architecture must support class three (three nines or 99.9%) system availability.
This requirement focuses on the availability of the system, which is a business goal related to ensuring that the system is operational for a specified percentage of time (99.9% uptime). It is a high-level operational requirement that is tied to business continuity and meeting customer service expectations.
The architecture must provide for system recovery point objective (RPO) of two hours.
The RPO is a business requirement related to disaster recovery. It specifies how much data loss is acceptable in the event of a failure. This requirement ensures that business processes are protected by minimizing the potential impact of data loss, making it a key business consideration.
質問 # 50
A customer requests a review of its current vSphere platform design.
The following information is noted:
There are three different workload profiles for the virtual machines:
- Tier-1 virtual machines operate resource-intensive applications and require dedicated allocations for CPU and RAM.
- Tier-2 virtual machines operate internet-facing applications and require access to externally facing networks.
- Tier-3 virtual machines operate platform management tools such as vCenter Server and have different lifecycle management requirements.
- Tier-1, Tier-2 and Tier-3 virtual machines are all hosted on a single large vSphere cluster.
- The Chief Information Security Officer (CISO) has raised concerns that hosting externally facing applications alongside management tools does not meet internal compliance standards.
- The Operations team has raised concerns about Tier-1 virtual machines negatively impacting the performance of vCenter Server.
- The Operations lead has stated that management changes have consistently been rejected by application teams.
As a result of the review, which recommendation should the architect make regarding the design of this platform?
A. Separate Tier-1, Tier-2 and Tier-3 virtual machines using resource pools and shares
B. Separate Tier-1, Tier-2 and Tier-3 virtual machines using dedicated distributed virtual switches (DVS)
C. Separate Tier-1, Tier-2 and Tier-3 virtual machines onto dedicated clusters
D. Separate Tier-2 virtual machines onto a dedicated cluster
