There is a request for approved virtual machine applications through a new vSphere platform’s integrated automation portal. The platform was built following all provided company security guidelines and has been assessed against Sarbanes-Oxley Act of 2002 (SOX) regulations.
The platform has the following characteristics: vRealize Operations is being used to monitor all clusters.
There is a dedicated ESXi cluster, supporting all management services.
– All network traffic is via distributed virtual switches (DVS).
There is a dedicated ESXi cluster for all line-of-business applications.
– Network traffic is serviced by NSX-T.
There is a dedicated ESXi cluster for virtual desktop infrastructure (VDI).
– Network traffic is serviced by NSX-T.
The application owner is requesting approval to install a new service that must be protected as per the Payment Card Industry (PCI) Data Security Standard.
Which additional non-functional requirement should the architect include in the design to support the new service?
A. The vSphere hosting platform and all PCI application virtual machines must be assessed against Payment Card Industry (PCI) Data Security Standard compliance.
B. The vSphere hosting platform and all PCI application virtual machines must be assessed for SOX compliance.
C. The vSphere hosting platform and all PCI application virtual machine network traffic must be routed via NSX-T.
D. The vSphere hosting platform and all PCI application virtual machines must be monitored using the vRealize Operations Compliance Pack for Payment Card Industry.
