A security audit has revealed that a virtual machine on vSwitch1 is receiving all traffic sent to the virtual switch, violating corporate policy. The vSphere administrator examines the properties for vSwitch1, as shown in the exhibit:
-- Exhibit —
-- Exhibit —
Which configuration explains why the virtual machine is receiving all traffic sent to vSwitch1?
A. The Production port group has the Promiscuous Mode policy set to Accept.
B. vSwitch1 has the Promiscuous Mode policy set to Reject.
C. The Network Failure Detection policy on the Production port group is set to Link Status plus Beaconing.
D. The Network Failure Detection policy on vSwitch1 is set to Link Status only.
Correct Answer: A
Explanation/Reference:
Explanation:
A: The virtual switch security policy will remain at the default setting of Reject for the Promiscuous Mode option as shown in the exhibit, while the Production port group for the IDS will be set to Accept. This setting will override the virtual switch. Thus with the Promiscuous Mode policy set to Accept on the Production port group all traffic is sent through to vSwitch1.
Incorrect Answers:
B: When the Promiscuous Mode option is set to Reject it will prevent virtual network adapters from observing any of the traffic submitted through a vSwitch or distributed switch.
C: The Link Status plus Beaconing setting sends out and listens for beacon probes on all NICs in the team and uses this information, in addition to link status, to determine link failure. This option detects many of the failures mentioned above that are not detected by link status alone. But this setting will not override the virtual switch policy setting.
D: This configuration is set to detect failures such as cable pulls and physical switch power failures, but not configuration errors such as a physical switch port being blocked by spanning tree or even misconfigured to the wrong VLAN or even cable pulls on the other side of a physical switch.
However, this setting will not override the virtual switch policy setting.
References:
Lowe, S. & Marshall, N., Mastering VMWare vSphere 5.5, Wiley and Sons, Indianapolis, 2014, pp. 225, 271
