Exam 2V0-21.23 Topic 1 Question 79 Discussion
Actual exam question for VMware's 2V0-21.23 exam
Question #: 79
Topic #: 1
Question #: 79
Topic #: 1
An administrator is tasked with configuring certificates for a VMware software-defined data center (SDDC) based on the following requirements:
* All certificates should use certificates trusted by the Enterprise Certificate Authority (CA).
* The solution should minimize the ongoing management overhead of replacing certificates.
Which three actions should the administrator take to ensure that the solution meets corporate policy? (Choose three.)
* All certificates should use certificates trusted by the Enterprise Certificate Authority (CA).
* The solution should minimize the ongoing management overhead of replacing certificates.
Which three actions should the administrator take to ensure that the solution meets corporate policy? (Choose three.)
Suggested Answer: B,D,E Vote an answer
Explanation
Option B, D and E are correct because they allow the administrator to replace the machine SSL certificates, the VMware Certificate Authority (VMCA) certificate and the solution user certificates with custom certificates generated from the Enterprise CA, which will ensure that all certificates are trusted by the Enterprise CA and minimize the ongoing management overhead of replacing certificates. Option A is incorrect because replacing the VMCA certificate with a self-signed certificate generated from the VMCA will not ensure that the certificate is trusted by the Enterprise CA. Option C is incorrect because replacing the machine SSL certificates with trusted certificates generated from the VMCA will not ensure that the certificates are trusted by the Enterprise CA. Option F is incorrect because replacing the solution user certificates with trusted certificates generated from the VMCA will not ensure that the certificates are trusted by the Enterprise CA.
References:
https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-A2A4371A-B888-4
Option B, D and E are correct because they allow the administrator to replace the machine SSL certificates, the VMware Certificate Authority (VMCA) certificate and the solution user certificates with custom certificates generated from the Enterprise CA, which will ensure that all certificates are trusted by the Enterprise CA and minimize the ongoing management overhead of replacing certificates. Option A is incorrect because replacing the VMCA certificate with a self-signed certificate generated from the VMCA will not ensure that the certificate is trusted by the Enterprise CA. Option C is incorrect because replacing the machine SSL certificates with trusted certificates generated from the VMCA will not ensure that the certificates are trusted by the Enterprise CA. Option F is incorrect because replacing the solution user certificates with trusted certificates generated from the VMCA will not ensure that the certificates are trusted by the Enterprise CA.
References:
https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-A2A4371A-B888-4
by Philipppa at Aug 13, 2025, 12:38 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).