Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Vmware Discussions
exam questions

Exam 2V0-21.23 All Questions

View all questions & answers for the 2V0-21.23 exam
Go to Exam

Exam 2V0-21.23 topic 1 question 104 discussion

Actual exam question from VMware's 2V0-21.23
Question #: 104
Topic #: 1
[All 2V0-21.23 Questions]

An administrator is tasked with configuring certificates for a VMware software-defined data center (SDDC) based on the following requirements:

• The solution should minimize the ongoing management overhead of replacing certificates.
• No intermediate certificate authorities are allowed in the certificate chain.
• All external traffic should be secured using certificates signed by an Enterprise Certificate Authority (CA).

Which two actions should the administrator take to ensure the solution meets corporate policy? (Choose two.)

  • A. Replace the solution user certificates with custom certificates generated from the Enterprise CA.
  • B. Replace the machine SSL certificates with custom certificates generated from the Enterprise CA.
  • C. Replace the machine SSL certificates with self-signed certificates generated from the VMware Certificate Authority (VMCA).
  • D. Replace the VMware Certificate Authority (VMCA) certificate with a custom certificate gen-erated from the Enterprise CA.
  • E. Replace the solution user certificates with self-signed certificates generated from the VMware Certificate Authority (VMCA).
Show Suggested Answer Hide Answer
Suggested Answer: AB 🗳️
by carlosj1088 at Nov. 5, 2024, 7:55 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
carlosj1088
2 weeks, 4 days ago
Selected Answer: BE
The correct answers are B and E because: B. Replace the machine SSL certificates with custom certificates generated from the Enterprise CA. This ensures that all external traffic is secured using certificates signed by the Enterprise Certificate Authority, fulfilling the third requirement. E. Replace the solution user certificates with self-signed certificates generated from the VMware Certificate Authority (VMCA). This minimizes the ongoing management overhead of replacing certificates because the VMCA automatically manages internal certificates, satisfying the first requirement. Additionally, since no intermediate certificate authorities are allowed in the certificate chain (second requirement), it is not appropriate to use the VMCA as an intermediate CA or replace its root certificate. Therefore, options B and E meet all the stated requirements.
upvoted 1 times
PCG1
2 weeks, 2 days ago
You forgot the requirement about any external traffic: solution certificates should definitely not be self signed / VMCA-signed ones, so the correct answer is AB.
upvoted 1 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel