Which of the following methods can be used to secure access to iSCSI storage when
using ESX server? (Choose Two.)
A.
Enable CHAP authentication
B.
Disable promiscuous mode for the virtual switch containing the VMkernel port used
for iSCSI
C.
Enable encryption on iSCSI initiator by selecting the iSCSI encrypt option
D.
Place virtual machines and the VMkernel port used for iSCSI on separate virtual
switches
Explanation:
iSCSI SAN Configuration Guide ESX 4.0 ESXi 4.0 vCenter Server 4.0, page 37.
Because the IP networks that the iSCSI technology uses to connect to remote targets do
not protect the data they transport, you must ensure security of the connection. iSCSI
requires that all devices on the network implement Challenge Handshake Authentication
Protocol (CHAP), which verifies the legitimacy of initiators that access targets on the
network, (A).
By placing virtual machines and the VMkernel port used for iSCSI on separate virtual
switches you could prevent VMs accessing the iSCSI initiator, (D).