2V0-621 Question #22: Real Exam Question with Answer & Explanation

The correct answer is A. Disable hardware devices B. Disable unexposed features. VMware's official VM security hardening guidance is organized into two primary categories: (A) Disabling unnecessary hardware devices - such as serial ports, parallel ports, floppy drives, and USB controllers - reduces the number of physical attack vectors a guest OS or attacker

Section 1 – Configure and Administer vSphere 6.x Security

Question

Which two groups of settings should be reviewed when attempting to increase the security of virtual machines (VMs)? (Choose two.)

Options

ADisable hardware devices
BDisable unexposed features
CDisable VMtools devices
DDisable VM Template features

Explanation

VMware's official VM security hardening guidance is organized into two primary categories: (A) Disabling unnecessary hardware devices - such as serial ports, parallel ports, floppy drives, and USB controllers - reduces the number of physical attack vectors a guest OS or attacker could exploit. (B) Disabling unexposed features - VMware VMs have hidden or low-level inter-process communication channels and informational features (e.g., HGFS, VIX messaging, guest info gathering) that are not exposed in the UI but can be leveraged in attack scenarios; these should be explicitly disabled in the VMX configuration. Choices C ('VMtools devices') and D ('VM Template features') are not recognized groupings in VMware's hardening framework and are distractors.

Topics

#VM hardening#hardware devices#unexposed features#VM security

Community Discussion

No community discussion yet for this question.

Full 2V0-621 Practice