A security audit has revealed that a virtual machine on vSwitch1 is receiving all traffic sent to the
virtual switch, violating corporate policy. The vSphere administrator examines the properties for
vSwitch1, as shown in the exhibit:
— Exhibit —
— Exhibit —
Which configuration explains why the virtual machine is receiving all traffic sent to vSwitch1?
A.
The Production port group has the Promiscuous Mode policy set to Accept.
B.
vSwitch1 has the Promiscuous Mode policy set to Reject.
C.
The Network Failure Detection policy on the Production port group is set to Link Status plus
Beaconing.
D.
The Network Failure Detection policy on vSwitch1 is set to Link Status only.
Explanation:
ruling out B C and D only possibility can be A. However exhibit of production port group should be shown. It seems its a IQ test not a Vmware knowledge test.
Agreed. A is a possible reason but B, C and D are not so it is a process of elimination.
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1002934
“When promiscuous mode is enabled at the portgroup level, objects defined within that portgroup have the option of receiving all incoming traffic on the vSwitch.”
So it’s A.
Thanks!
A is correct but the exhibit is very deceiving.
It’s to show you know you can break inheritance of the vSwitch policy.
Settings at the port group level override settings at the virtual switch level.
So, option A overrides option B.
Thats why, A is the answer
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004099
http://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=1002934
“virtual machine(Production port group) on vSwitch1 is receiving all traffic sent to the virtual switch”
==> Possible A: No VLAN
==> Possible B: Promiscuous Mode is Accept on (Production port group)
ポートグループでの設定はvirtual スイッチに引き継がれるため、この解答になる。