2V0-622 · Question #20
Which two advanced features should be disabled for virtual machines that are only hosted on a vSphere system? (Choose two.)
The correct answer is A. isolation.tools.unity.push.update.disable B. isolation.tools.ghi.launchmenu.change. Unity mode and GHI launch menu features are VMware desktop-product capabilities that serve no purpose in a vSphere-only environment and should be disabled to reduce the VM attack surface.
Question
Which two advanced features should be disabled for virtual machines that are only hosted on a vSphere system? (Choose two.)
Options
- Aisolation.tools.unity.push.update.disable
- Bisolation.tools.ghi.launchmenu.change
- Cisolation.tools.bbs.disable
- Disolation.tools.hgfsServerSet.enable
How the community answered
(49 responses)- A59% (29)
- C29% (14)
- D12% (6)
Why each option
Unity mode and GHI launch menu features are VMware desktop-product capabilities that serve no purpose in a vSphere-only environment and should be disabled to reduce the VM attack surface.
The isolation.tools.unity.push.update.disable parameter controls Unity mode, a seamless-window feature designed for VMware Workstation and Fusion; it has no functional value on vSphere and exposing it unnecessarily increases the guest-to-host communication surface.
The isolation.tools.ghi.launchmenu.change parameter controls Guest Host Integration launch menu functionality, another VMware desktop-oriented feature not applicable to vSphere; disabling it prevents guests from manipulating host-side menu behavior.
isolation.tools.bbs.disable relates to the BIOS Boot Screen and is not a desktop-specific feature requiring disablement in vSphere-only environments under standard hardening guidance.
isolation.tools.hgfsServerSet.enable controls the HGFS (Host Guest File System) server and, while it may warrant disabling for other security reasons, it is not categorized in the VMware hardening guide as a desktop-only feature irrelevant to vSphere-only deployments.
Concept tested: VMware VM advanced parameter hardening for vSphere-only deployments
Source: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/vmware-vsphere-security-hardening-guide.pdf
Topics
Community Discussion
No community discussion yet for this question.