Home » VMware » VCP550D » What should the administrator do?
A vSphere administrator has created a vSphere Standard Switch with one virtual machine port group and one physical uplink. The administrator needs to ensure that the virtual machines on this port group can communicate only with each other.
What should the administrator do?
A. Remove the physical uplink from the vSphere Standard Switch
B. Create a Private VLAN and apply it to the virtual machine port group on the vSphere Standard Switch
C. Enable Port Security on the vSphere Standard Switch
D. Enable the Fenced setting on the virtual machine port group
Correct Answer: A
Explanation/Reference:
Explanation:
Uplink adapters represent the physical NICs that connect the ESXi host to the network. Removing the uplink adapter from the vSphere Standard Switch will prevent the virtual machine port group from accessing the external network, but will allow for the virtual machines on this port group to communicate with each other only.
Incorrect Answers:
B: The private VLAN concept is available in all the latest physical switches and also in vSphere Distributed Switch.
C: You can set a security policy on a distributed port to override the policy set for the distributed switch, not a vSphere Standard Switch.
D: The Fenced setting is used for vApp networks. It will not solve the problem in this case.
References:
http://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vcli.examples.doc%2Fcli_manage_networks.11.5.html
http://pubs.vmware.com/vsphere-51/index.jsp#com.vmware.vsphere.networking.doc/GUID-53E17510-1A56-45C3-86EE-0359B95A1204.html