Last Updated On : 25-May-2026
As a VMware Cloud Foundation architect, you are provided with the following
requirements:
All administrative access to the cloud management components must be trusted.
All cloud management components’ communications must be encrypted.
Enhancement of lifecycle management should always be considered.
Which design decision fulfills the requirements?
A. Integrate the SDDC Manager with a supported 3rd-party certificate authority (CA).
B. Integrate the SDDC Manager with the vCenter Server in VMCA mode.
C. Write a PowerCLI script to run on all virtual appliances and force a redirection on port 443.
D. Write an Aria Orchestrator Workflow to change the ESXi hosts’ certificates in bulk.
Explanation:
This question focuses on security and lifecycle management fundamentals in VMware Cloud Foundation. The requirements demand trusted administrative access, encrypted communications, and a sustainable lifecycle strategy. The solution must establish a permanent, automated certificate authority for all SDDC Manager-managed components, moving beyond the default, less-secure VMCA and avoiding error-prone manual scripts.
Correct Option:
A. Integrate the SDDC Manager with a supported 3rd-party certificate authority (CA). This fulfills all requirements. It establishes a trusted chain of authority for all components, satisfying the "trusted access" requirement. It ensures all internal communications use trusted certificates, meeting the "encrypted communications" need. Crucially, it automates certificate renewal, a key aspect of "lifecycle management," by leveraging the enterprise CA, preventing service disruptions and reducing manual effort compared to other options.
Incorrect Option:
B. Integrate the SDDC Manager with the vCenter Server in VMCA mode.
This is incorrect because the VMCA (vCenter Server Certificate Authority) is an internal CA. While it provides encryption, it does not provide certificates from a universally "trusted" third-party authority, which is a common security requirement for enterprises. This does not enhance lifecycle management as effectively as a dedicated enterprise CA integration.
C. Write a PowerCLI script to run on all virtual appliances and force a redirection on port 443.
This is incorrect. Port redirection does not fulfill the core requirements. It does not establish trust via certificates nor properly encrypt communications at the certificate level. It is a manual, script-based workaround that contradicts the enhancement of automated lifecycle management.
D. Write an Aria Orchestrator Workflow to change the ESXi hosts’ certificates in bulk.
This is incorrect because it is a reactive, manual process for only one component (ESXi hosts). It does not provide a trusted CA for all cloud management components, does not automate the initial trust establishment, and creates a brittle lifecycle process compared to a native CA integration.
Reference:
VMware Cloud Foundation Documentation: Certificate Management
A design requirement has been specified for a new VMware Cloud Foundation (VCF)
instance. All managed workload resources must be lifecycle managed with the following
criteria:
• Development resources must be automatically reclaimed after two weeks
• Production resources will be reviewed yearly for reclamation
• Resources identified for reclamation must allow time for review and possible extension
What capability will satisfy the requirements?
A. Aria Suite Lifecycle Content Management
B. Aria Operations Rightsizing Recommendations
C. Aria Automation Lease Policy
D. Aria Automation Project Membership
Explanation:
This question focuses on automated resource lifecycle management within a VMware Cloud Foundation environment. The core requirement is to enforce time-based resource expiration for different environments (development vs. production) with a built-in grace period for review and extension. This is a function of cloud governance and automation, not monitoring, content management, or user access control.
Correct Option:
C. Aria Automation Lease Policy:
This capability directly satisfies all stated requirements. A lease policy allows administrators to set a maximum lifetime for deployed resources. It can be configured with different lease durations (e.g., 2 weeks for development, 1 year for production). Crucially, it provides a configurable expiration warning period, allowing owners to review and extend the lease before the resources are automatically reclaimed, fulfilling the final requirement.
Incorrect Option:
A. Aria Suite Lifecycle Content Management:
This capability manages the lifecycle of content like blueprints, templates, and property groups within Aria Automation itself. It does not manage the runtime lifecycle or lease duration of deployed workload resources.
B. Aria Operations Rightsizing Recommendations:
This is a monitoring and analytics feature. It provides suggestions on optimizing resource allocation (CPU, Memory) for running VMs based on historical usage. It does not automate the reclamation of resources based on a time schedule.
D. Aria Automation Project Membership:
This governs user access and permissions to cloud resources within a project. It controls who can deploy and manage resources, but it does not control how long those deployed resources can exist before being automatically reclaimed.
Reference:
VMware Aria Automation Documentation: Configure Leases for Deployments
A customer defined a requirement for the newly deployed SDDC infrastructure which will host one of the applications responsible for video streaming. Application will run as part of a VI Workload Domain with dedicated NSX instance and virtual machines. Required network throughput was defined as 250 Gb/s. Additionally, the application should provide the lowest possible latency. Which design decision should be recommended by an architect for the NSX Edge deployment?
A. Deploy 2 NSX Edges using NSX console and add to Edge cluster created in SDDC Manager.
B. Deploy 4 extra large edges using vCenter Server console.
C. Deploy NSX bare-metal Edges and create Edge Cluster using NSX console.
D. Deploy 2 large NSX Edges using SDDC Manager.
Explanation:
This question focuses on designing an NSX Edge cluster for an extreme performance workload within a VMware Cloud Foundation (VCF) VI Workload Domain. The key requirements are a massive 250 Gb/s network throughput and the lowest possible latency. The architect must choose an Edge deployment model that can physically meet these demands, as virtual appliances have inherent performance limitations compared to bare-metal hardware.
Correct Option:
C. Deploy NSX bare-metal Edges and create Edge Cluster using NSX console.
This is the only option that can satisfy the 250 Gb/s throughput and lowest latency requirement. Bare-metal Edge nodes are physical servers dedicated to running the NSX Edge software. They bypass the hypervisor overhead, providing direct access to network hardware and CPUs, which is essential for achieving line-rate performance and minimizing latency for high-throughput data plane traffic like video streaming.
Incorrect Option:
A. Deploy 2 NSX Edges using NSX console and add to Edge cluster created in SDDC Manager.
This describes a standard virtual Edge deployment via the VCF automation process. However, the size and throughput of virtual Edges are limited by the underlying host resources and the virtualization layer, making them unsuitable for a consistent 250 Gb/s data plane.
B. Deploy 4 extra large edges using vCenter Server console.
Deploying virtual Edges directly via vCenter console is not a supported or automated method in a VCF context. More importantly, even the "extra large" virtual Edge form factor cannot meet the 250 Gb/s requirement, as its throughput is still constrained by the host's virtual switch and physical NICs shared with other workloads.
D. Deploy 2 large NSX Edges using SDDC Manager.
While this is the standard, automated VCF method, the "large" form factor of a virtual Edge has a defined maximum throughput that is significantly lower than 250 Gb/s. This design decision would create a performance bottleneck for the application.
Reference:
VMware Cloud Foundation Documentation: NSX Edge Node Sizing (The VCF and NSX documentation specify the performance characteristics and supported maximums for different Edge node form factors, indicating that for the highest throughput, bare-metal edges are required.)
An architect is documenting the design for a new VMware Cloud Foundation solution. During workshops with key stakeholders, the architect discovered that some of the workloads that will be hosted within the Workload Domains will need to be connected to an existing Fibre Channel storage array. How should the architect document this information within the design?
A. As an assumption
B. As a constraint
C. As a design decision
D. As a business requirement
Explanation:
This question tests the correct categorization of information within a technical design document. The scenario describes a pre-existing condition of the IT environment that the new solution must integrate with and accommodate. This type of immovable, external factor directly limits the design options and must be documented as a foundational boundary for the project.
Correct Option:
B. As a constraint:
This is the correct classification. The need to connect to an existing Fibre Channel storage array is a constraint. It is an external, inflexible condition imposed on the design. The new VCF Workload Domains must be architected to support this requirement, which influences hardware selection (requiring FC HBAs), network design (FC SAN fabric), and vSphere configuration. It restricts the design to solutions that can integrate with external FC storage.
Incorrect Option:
A. As an assumption:
An assumption is a factor believed to be true but not confirmed. This requirement was "discovered" in workshops with stakeholders, meaning it is a confirmed fact, not an unverified belief. Documenting it as an assumption would be incorrect and risky.
C. As a design decision:
A design decision is a specific choice made by the architect in response to requirements and constraints. The need for FC connectivity is the driver; the subsequent choice of HBA models, switch models, and zoning strategy would be the design decisions that fulfill this constraint.
D. As a business requirement:
A business requirement is a high-level need from the business perspective, such as "support legacy applications." The technical implementation detail of using a "Fibre Channel storage array" is a derived technical or functional requirement, more accurately classified as a design constraint.
Reference:
VMware Cloud Foundation Documentation: Planning and Preparation (The planning guides emphasize understanding external dependencies and infrastructure, which are documented as constraints that shape the final design.)
The following requirements were identified in an architecture workshop for a VMware Cloud
Foundation (VCF) design project using vSAN as the primary storage solution:
REQ001: The application must maintain a minimum of 1,000 transactions per second
(TPS) during business hours, excluding disaster recovery (DR) scenarios.
REQ002: Automatic DRS and HA must be utilized.
REQ003: Planned maintenance must be performed outside of business hours.
While monitoring the TPS of the application, which of the following is NOT a valid test case
to validate these requirements?
A. Trigger a vSphere High Availability (HA) failover activity.
B. Trigger a vSAN disk group cache drive failure.
C. Trigger fully automatic DRS vMotion activity.
D. Trigger a vCenter upgrade workflow.
Explanation:
The question asks which test case is NOT valid for validating REQ001 (maintain 1,000 TPS during business hours), REQ002 (use DRS and HA), and REQ003 (planned maintenance outside business hours).
Triggering a vCenter upgrade workflow (D) is NOT a valid test case. vCenter is not in the ESXi host data path — running VMs continue normal network and storage I/O even when vCenter is offline or being upgraded. TPS remains completely unaffected, so monitoring TPS during a vCenter upgrade validates nothing about application performance under stress or failure. Additionally, REQ003 explicitly requires planned maintenance like vCenter upgrades to occur outside business hours, so a business-hours TPS test would never encounter this event. The goal is to validate TPS during unplanned disruptions, not planned maintenance.
Why Other Options Are Valid
Option A (trigger vSphere HA failover) is valid because HA restart VMs after a host failure — an unplanned event — directly impacting TPS during failover and testing REQ001 and REQ002.
Option B (trigger vSAN disk group cache drive failure) is valid because a cache drive failure causes vSAN congestion and performance degradation, testing whether the application maintains 1,000 TPS during a storage fault.
Option C (trigger fully automatic DRS vMotion) is valid because DRS vMotion moves VMs live for load balancing. While brief, vMotion can impact latency, and monitoring TPS validates the application's tolerance to live migration, testing REQ002.
References
ExamTopics 2V0-13.24 — Question 73
VMware Docs: vCenter Server Upgrade Impact on Running VMs
VMware Docs: vSphere HA and DRS Performance Considerations
An architect is working on a design for a new VMware Cloud Foundation (VCF) solution for
a retail organization. The organization wants to initially deploy the solution into their
headquarters and a number of larger stores. They also plan to pilot the expansion of the
deployment into some of their smaller stores. The locations have the following
characteristics:
A. Headquarters will have a private cloud based on the VCF Consolidated Architecture.
B. Larger stores will have a private cloud based on the VCF Consolidated Architecture.
C. Smaller stores will have remote clusters deployed from the HQ VCF instance.
D. Smaller stores will have remote clusters deployed from the geographically closest Larger store VCF instance.
E. Headquarters will have a private cloud based on the VCF Standard Architecture.
F. Larger stores will have workload domains deployed from the HQ VCF instance.
Explanation:
The organization requires minimizing the number of management tool instances while maintaining workload performance across three location types: Headquarters (40Gb), Larger stores (10Gb), and Smaller stores (100Mb). The architect must design a VCF deployment architecture that balances centralized management with edge requirements.
Option C (Smaller stores will have remote clusters deployed from the HQ VCF instance)is a valid design decision because smaller stores have only 100Mb network infrastructure. VMware Cloud Foundation supports remote cluster deployments with minimum bandwidth requirements of 10 Mbps and maximum latency of 100 milliseconds . The 100Mb connection at smaller stores meets this requirement. Remote clusters enable centralized management from HQ while extending VCF capabilities to resource-constrained edge locations .
Option E (Headquarters will have a private cloud based on the VCF Standard Architecture) is valid because the headquarters has a brand-new datacenter with 40Gb network infrastructure, which fully supports the Standard Architecture model. The Standard Architecture is designed for full-scale private cloud deployments with dedicated management and workload domains, providing maximum scalability and performance for central operations .
Option F (Larger stores will have workload domains deployed from the HQ VCF instance)is valid because larger stores have 10Gb network infrastructure. VCF supports workload domains across multiple locations with latency under 100ms between workload domains within a single VCF instance . This design centralizes management at HQ while allowing larger stores to run their own workload domains with local performance.
Why Other Options Are Not Correct
Option A (Headquarters will have a private cloud based on the VCF Consolidated Architecture) is incorrect because Consolidated Architecture is designed for smaller, less impactful workload requirements where management and application workloads share a single management domain . The headquarters with 40Gb infrastructure is better suited for Standard Architecture to support growth and separate management from production workloads.
Option B (Larger stores will have a private cloud based on the VCF Consolidated Architecture) is incorrect for the same reason. While larger stores have 10Gb networks suitable for VCF deployment, creating separate VCF instances for each larger store would increase the number of management tool instances, directly contradicting the requirement to minimize management overhead. Centralized management from HQ with workload domains (Option F) is superior.
Option D (Smaller stores will have remote clusters deployed from the geographically closest Larger store VCF instance) is incorrect because this would create dependency chains and increase management complexity. If a larger store's VCF instance experiences issues, it would affect multiple smaller stores. Centralized management from HQ provides a single pane of glass for all edge locations, better aligning with the minimize-management-instances requirement .
References
Broadcom TechDocs — VCF Edge Detailed Design (Latency and bandwidth requirements for remote clusters)
Broadcom TechDocs — Remote edge site considerations for VCF 5.2 on VxRail
An organization is planning to expand their existing VMware Cloud Foundation (VCF) environment to meet an increased demand for new user-facing applications. The physical host hardware proposed for the expansion is a different model compared to the existing hosts, although it has been confirmed that both sets of hardware are compatible. The expansion needs to provide capacity for management tooling workloads dedicated to the applications, and it has been decided to deploy a new cluster within the management domain to host the workloads. What should the architect include within the logical design for this design decision?
A. The design justification stating that the separate cluster provides flexibility for manageability and connectivity of the workloads
B. The design assumption stating that the separate cluster will provide complete isolation for lifecycle management
C. The design implication stating that the management tooling and the VCF management workloads have different purposes
D. The design qualities affected by the decision listed as Availability and Performance
Explanation:
Why A is Correct
In VMware Cloud Foundation (VCF), the Management Domain typically hosts the SDDC Manager, vCenter Servers, and NSX Managers. When an architect decides to add a second cluster to the Management Domain specifically for "management tooling" (such as monitoring agents, backup proxies, or application-specific controllers), it is a design choice that requires a Justification.
Analysis of Incorrect Options
B. Design Assumption (Isolation):
This is incorrect because a new cluster in the same management domain does not provide complete isolation for Lifecycle Management (LCM). In VCF, the Management Domain is treated as a single entity for most LCM operations (like vCenter or NSX updates). True LCM isolation would require a separate Workload Domain.
C. Design Implication (Purpose):
A design implication describes the consequences of a decision (e.g., "this will require additional Top-of-Rack switch ports"). Stating that workloads have "different purposes" is a functional requirement or a rationale, not a logical design implication.
D. Design Qualities (Availability and Performance):
While these qualities are affected, simply listing them does not fulfill the requirement of a logical design component. The decision to add a cluster is more directly tied to Manageability and Scalability than a pure Availability play.
Reference
VMware Cloud Foundation Design Guide:
Refer to the "Management Domain Design" section, specifically regarding "Scale and Separation of Management Workloads."
VVD (VMware Validated Design): Documentation on Logical Design structures, focusing on how to document Justifications for multi-cluster management domain architectures.
Which statement defines the purpose of Business Requirements?
A. Business requirements define which audience needs to be involved.
B. Business requirements define how the goals and objectives can be achieved.
C. Business requirements define which goals and objectives can be achieved.
D. Business requirements define what goals and objectives need to be achieved.
Explanation:
The Role of Business Requirements
In the context of the VMware VCP-VCF Architect design methodology, identifying requirements is the foundation of the logical design. Business Requirements focus on the high-level outcomes an organization desires. They specify the "what"—the ultimate goals, such as "reduce operational costs by 20%," "provide 99.99% availability for user-facing apps," or "ensure compliance with GDPR." They do not dictate the technical implementation but rather set the benchmarks that the technical design must eventually satisfy.
Analysis of Incorrect Options
A. Defining the audience:
This describes Stakeholder Identification, not the requirements themselves. While stakeholders provide the requirements, the requirements describe the business needs.
B. How goals are achieved:
This defines Functional Requirements or the Technical Design itself. The "how" involves selecting specific technologies (like vSAN or NSX) and configurations to meet the "what."
C. Which goals can be achieved:
This refers to Feasibility Analysis or Project Scoping. Business requirements are driven by the needs of the business, regardless of whether they have been vetted for feasibility yet.
Reference
VMware Cloud Foundation Design Guide: Chapter on Design Methodology and Requiremen
t Gathering.
VCAP-VCD (VMware Certified Advanced Professional - Design) Framework: Definitions of Business vs. Technical requirements.
| Page 3 out of 12 Pages |
| 1234 |
| 2V0-13.24 Practice Test Home |