Free Preparation Discussions
MENU
VMware 2V0-13.24 Exam - Topic 2 Question 3 Discussion
Topic #: 2
A VMware Cloud Foundation (VCF) platform has been commissioned, and lines of business are requesting approved virtual machine applications via the platform's integrated automation portal. The platform was built following all provided company security guidelines and has been assessed against Sarbanes-Oxley Act of 2002 (SOX) regulations. The platform has the following characteristics:
One Management Domain with a single cluster, supporting all management services with all network traffic handled by a single Distributed Virtual Switch (DVS).
A dedicated VI Workload Domain with a single cluster for all line of business applications.
A dedicated VI Workload Domain with a single cluster for Virtual Desktop Infrastructure (VDI).
Aria Operations is being used to monitor all clusters.
VI Workload Domains are using a shared NSX instance.
An application owner has asked for approval to install a new service that must be protected as per the Payment Card Industry (PCI) Data Security Standard, which is going to be verified by a third-party organization. To support the new service, which additional non-functional requirement should be added to the design?
In VMware Cloud Foundation (VCF) 5.2, non-functional requirements define how the system operates (e.g., security, performance), not what it does. The new service must comply with PCI DSS, a standard for protecting cardholder data, and the design must reflect this. The platform is already SOX-compliant, and the question seeks an additional non-functional requirement to support PCI compliance. Let's evaluate:
Option A: The VCF platform and all PCI application virtual machines must be monitored using the Aria Operations Compliance Pack for Payment Card Industry
This is correct. PCI DSS requires continuous monitoring and auditing (e.g., Requirement 10). The Aria Operations Compliance Pack for PCI provides pre-configured dashboards, alerts, and reports tailored to PCI DSS, ensuring the VCF platform and PCI VMs meet these standards. This is a non-functional requirement (monitoring quality), leverages existing Aria Operations, and directly supports the new service's compliance needs, making it the best addition.
Option B: The VCF platform and all PCI application virtual machines must be assessed for SOX compliance
This is incorrect. The platform is already SOX-compliant, as stated. SOX (financial reporting) and PCI DSS (cardholder data) are distinct standards. Reassessing for SOX doesn't address the new service's PCI requirement and adds no value to the design for this purpose.
Option C: The VCF platform and all PCI application virtual machine network traffic must be routed via NSX
This is incorrect as a new requirement. The VI Workload Domains already use a shared NSX instance, implying NSX handles network traffic (e.g., overlay, security policies). PCI DSS requires network segmentation (Requirement 1), which NSX already supports. Adding this as a ''new'' requirement is redundant since it's an existing characteristic, not an additional need.
Option D: The VCF platform and all PCI application virtual machines must be assessed against Payment Card Industry Data Security Standard (PCI DSS) compliance
This is a strong contender but incorrect as a non-functional requirement. Assessing against PCI DSS is a process or action, not a quality of the system's operation. Non-functional requirements specify ongoing attributes (e.g., ''must be secure,'' ''must be monitored''), not one-time assessments. While PCI compliance is the goal, this option is more a project mandate than a design quality.
Conclusion:
The additional non-functional requirement to support the new PCI-compliant service is A: monitoring via the Aria Operations Compliance Pack for PCI. This ensures ongoing compliance with PCI DSS monitoring requirements, integrates with the existing VCF design, and qualifies as a non-functional attribute in VCF 5.2.
VMware Cloud Foundation 5.2 Architecture and Deployment Guide (Section: Aria Operations Compliance Packs)
VMware Aria Operations 8.10 Documentation (integrated in VCF 5.2): PCI Compliance Pack
PCI DSS 3.2.1 (Requirements 1, 10: Network Segmentation and Monitoring
Winfred
2 months agoMerilyn
2 months agoPaulina
3 months agoBrett
3 months agoMichell
3 months agoDean
3 months agoWillow
4 months agoFairy
4 months agoLenna
4 months agoEarleen
4 months agoZack
4 months agoParis
5 months agoArlie
5 months agoAnisha
11 months agoRashida
10 months agoClarence
10 months agoArlene
10 months agoJoye
11 months agoGracia
11 months agoReita
11 months agoRyan
10 months agoColton
11 months agoElli
11 months agoJaleesa
11 months agoWillard
11 months agoSolange
11 months agoAnnmarie
11 months agoNieves
11 months agoFernanda
12 months agoDorthy
12 months ago