VMware 5V0-21.21 Exam - Topic 7 Question 76 Discussion

Actual exam question for VMware's 5V0-21.21 exam

Question #: 76
Topic #: 7

[All 5V0-21.21 Questions]

An administrator notes that the Data-At-Rest Encryption keys have expired.

Which action is needed to resolve this situation?

AAdd a new Standard Key Provider at the vSAN cluster level

BGenerate new encryptions keys at the vSAN cluster level

CAdd an additional KMS at the vCenter server level

DGenerate new encryptions keys at the vCenter server level

Show Suggested Answer

Suggested Answer: B, D, E

by Colton at Jan 14, 2025, 01:46 PM

Limited Time Offer

25%

Off

Get Premium 5V0-21.21 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Ruthann

3 months ago

I thought the keys were supposed to auto-renew? What happened?

upvoted 0 times

...

Lashawn

3 months ago

Adding a new KMS might be a better long-term solution.

upvoted 0 times

...

Margot

3 months ago

Wait, can you really just generate new keys like that? Seems risky.

upvoted 0 times

...

Kate

4 months ago

Totally agree, option B is the way to go!

upvoted 0 times

...

Jacquline

4 months ago

You need to generate new encryption keys at the vSAN cluster level.

upvoted 0 times

...

Sharen

4 months ago

I’m leaning towards generating new encryption keys at the vSAN cluster level, but I’m a bit confused about the differences between the cluster and server levels.

upvoted 0 times

...

Earleen

4 months ago

Adding a new Standard Key Provider sounds familiar, but I can't recall if that's the right step for expired keys.

upvoted 0 times

...

Flo

4 months ago

I remember practicing a similar question where we had to deal with expired keys. I feel like option B makes the most sense for this scenario.

upvoted 0 times

...

Mertie

5 months ago

I think we might need to generate new encryption keys, but I'm not sure if it's at the vSAN cluster level or the vCenter server level.

upvoted 0 times

...

Antione

5 months ago

I'm a bit confused on this one. Let me think it through carefully before selecting an answer.

upvoted 0 times

...

Elvera

5 months ago

D is the answer, right? We need to generate new encryption keys at the vCenter server level to address this issue.

upvoted 0 times

...

Elza

5 months ago

Option A seems like the right choice here. Adding a new Standard Key Provider at the vSAN cluster level should fix the expired keys.

upvoted 0 times

...

Alecia

5 months ago

Hmm, I'm not sure about this one. I'll need to review the vSAN encryption settings to determine the best approach.

upvoted 0 times

...

Olga

5 months ago

I think the answer is B. We need to generate new encryption keys at the vSAN cluster level to resolve the expired keys.

upvoted 0 times

...

Quentin

10 months ago

I don't know about you, but I'm feeling a bit 'key-less' after reading this question. Time to brush up on my vSAN encryption knowledge!

upvoted 0 times

Ozell

8 months ago

C) Add an additional KMS at the vCenter server level

upvoted 0 times

...

Junita

8 months ago

B) Generate new encryptions keys at the vSAN cluster level

upvoted 0 times

...

Shaniqua

9 months ago

A) Add a new Standard Key Provider at the vSAN cluster level

upvoted 0 times

...

Aimee

10 months ago

B is the way to go, for sure. Generating new keys is the quickest and most straightforward solution to this problem.

upvoted 0 times

...

Dallas

10 months ago

D seems like the logical choice to me. Why would we need to add a new key provider when we can just generate new keys at the vCenter server level?

upvoted 0 times

...

Julie

10 months ago

Hmm, I'm not sure about this one. I'll have to double-check the vSAN documentation to make sure I'm choosing the right option.

upvoted 0 times

Trinidad

9 months ago

C) Add an additional KMS at the vCenter server level

upvoted 0 times

...

Bethanie

9 months ago

B) Generate new encryptions keys at the vSAN cluster level

upvoted 0 times

...

Chi

9 months ago

A) Add a new Standard Key Provider at the vSAN cluster level

upvoted 0 times

...

Taryn

10 months ago

I think B is the correct answer. We need to generate new encryption keys at the vSAN cluster level to resolve the expired keys issue.

upvoted 0 times

Christoper

9 months ago

Let's make sure to do that to resolve the expired keys issue.

upvoted 0 times

...

Tashia

9 months ago

I agree, generating new encryption keys at the vSAN cluster level is the way to go.

upvoted 0 times

...

Mary

10 months ago

B) Generate new encryptions keys at the vSAN cluster level

upvoted 0 times

...

Tambra

11 months ago

I'm not sure, but maybe adding a new Standard Key Provider at the vSAN cluster level could also help resolve the issue.

upvoted 0 times

...

Chanel

11 months ago

I agree with Joesph, generating new encryption keys at the vSAN cluster level seems like the best solution.

upvoted 0 times

...

Joesph

11 months ago

I think we should generate new encryption keys at the vSAN cluster level.

upvoted 0 times

...