An architect is responsible for designing a VMware Cloud Foundation (VCF)-based private cloud for a
customer. The architect noted the following requirements during a design workshop:
Co-locate application workloads with VCF management component workloads within the same
vSphere cluster.
Shared storage data is always available and 100% current in the event of a single site outage.
Have two sites available no more than 10 miles apart (10ms latency) connected with high-speed
network technology to host their virtual infrastructure.
Protect against outages of a single site designated as an availability zone.
Which two storage technologies could meet the stated requirements? (Choose two.)
D, E
Explanation:
According to VMware Cloud Foundation 9.0 documentation, when a stretched cluster is deployed
across sites with sub-5ms latency and high-speed interconnects, vSAN can be configured for zero
RPO (Recovery Point Objective), ensuring 100% data consistency and availability in the event of a site
failure. vSAN supports co-locating management and application workloads and provides the shared
storage functionality with automatic failover capabilities.
Additionally, vSphere Virtual Volumes (vVols) provide granular control of virtual machine storage,
and when backed by a storage system that supports replication and failover across sites (with
support for VASA 3.0 or later), vVols can meet the same requirements for data availability and
disaster recovery.
Reference:
VMware Cloud Foundation 9.0.1 Reference Architecture Guide – Multi-Site Design and Availability
Zones
VMware vSAN 8 ESA/OSA Architecture – Stretched Cluster Requirements
An architect is responsible for designing a new VMware Cloud Foundation (VCF)-based Private Cloud
solution. During the requirements gathering workshop with key customer stakeholders, the following
information was captured:
The solution must support a yearly workload growth of up to 10%.
When creating the design document, which design quality should be used to classify the stated
requirements?
A
Explanation:
The requirement specifying "yearly workload growth of up to 10%" relates directly to the system's
ability to handle increased demand over time, which falls under the design quality of Performance.
Performance in VMware Cloud Foundation design includes considerations for scalability and the
ability to sustain projected growth. This requirement addresses the system’s capacity to manage
future workload expansion without degradation in service levels.
Reference:
VMware Cloud Foundation Architecture and Design Guide 9.0 – Design Qualities Section:
Performance and Scalability
An architect is responsible for designing a new VMware Cloud Foundation (VCF)-based private cloud.
During the discovery workshops, the following information was captured from key customer
stakeholders:
The private cloud will operate with three different monitoring levels:
Self-Managed Service: VM construct only
OS Managed Service: OS metrics and VM construct
Fully Managed Service: Infrastructure apps + OS metrics + VM construct
Approved infrastructure applications include: Microsoft IIS, SQL Server, MySQL, PostgreSQL, Tomcat
Server, and Apache HTTPD
Each workload must subscribe to a monitoring level
Minimal management overhead is required for agent operations
Which two design decision should the architect make to meet the stated monitoring requirements?
(Choose two.)
B, C
Explanation:
The Managed Telegraf Agent provides full observability and is centrally managed through VMware
Aria Operations (formerly vRealize Operations). It is ideal for scenarios where both OS and
infrastructure application metrics are needed, such as in the Fully Managed and OS Managed
services. This meets the requirement for monitoring while minimizing manual overhead. The Self-
Managed service does not require agent deployment, as only VM-level metrics are needed.
Reference:
VMware Aria Operations for VCF 9.0 Deployment Guide – Monitoring Levels and Telegraf Agent
Management
VMware Cloud Foundation Operations Monitoring Levels Explained
During a design workshop, the security team provides the following requirement for the VMware
Cloud Foundation (VCF) Automation deployment:
All Virtual Machine images must be reviewed and vetted by the security team prior to consumption.
Which Content Library type supports the requirement?
D
Explanation:
A Provider-managed Content Library is curated and controlled centrally by the VCF administrator or
provider. It enables vetting and version control over VM templates and OVFs, ensuring compliance
with organizational policies, including security reviews. This directly supports the requirement that
all images must be reviewed and approved before being used in deployments.
Reference:
VMware Cloud Foundation 9.0 Planning and Preparation Guide – Content Library Management
VMware Aria Automation Content Management Best Practices
A VMware Cloud Foundation (VCF) architect is planning for the expansion of an existing VCF instance.
The existing VCF instance is deployed with a single workload domain. The number of ESXi hosts has
grown to the maximum number the existing vCenter can support.
Which design decision would the architect need to make to allow the existing VCF Instance to add
more ESXi hosts?
B
Explanation:
A single workload domain in VCF maps to a single vCenter instance. When the host limit for that
vCenter is reached (typically ~1000 hosts per vCenter), the correct and supported scale-out design is
to deploy a second VI workload domain, which comes with its own dedicated vCenter instance,
allowing continued expansion without affecting the existing domain.
Reference:
VMware Cloud Foundation 9.0 Design Guide – Workload Domain Scaling Considerations
VMware Configuration Maximums for vCenter Server
An architect is designing a VMware Cloud Foundation (VCF) fleet. The following information has been
provided by the customer:
Due to budget constraints, the solution must utilize the existing server hardware.
The existing server hardware consists of server models from the same vendor but different
generations.
There are ten servers available for use in this solution.
Management and Business workloads should be hosted in different clusters.
What design decision should the architect make for the lifecycle management of the solution based
on this information?
B
Explanation:
In VMware Cloud Foundation 9.0, vSphere Lifecycle Manager (vLCM) with composite images is the
recommended method for managing host lifecycle. However, when using hardware of different
generations, it's not advisable to use a single composite image across clusters with hardware
inconsistencies due to potential compatibility mismatches with firmware and drivers.
By using separate vLCM composite images for each cluster (i.e., management and workload), the
architect ensures that each cluster's image is optimized for its specific hardware generation, reducing
the risk of driver/firmware issues during updates or drift remediation.
This design aligns with the principle of cluster-level lifecycle independence, especially important
when working with a mix of hardware generations.
Reference:
VMware Cloud Foundation Lifecycle Management Design Guide – vSphere Lifecycle Manager Best
Practices
VMware vSphere 8 Lifecycle Manager Guide – Composite Image Strategy for Heterogeneous Hosts
An architect is designing a private cloud infrastructure for two departments (HR and Finance) based
on VMware Cloud Foundation (VCF) and has been given the following requirements:
HR and Finance superusers require access to VCF Operations.
VCF Operations access, monitoring, and logging information must not be shared across departments.
Which design decision would meet the requirement?
C
Explanation:
To enforce strict separation of monitoring data, logs, and access control, deploying two separate VCF
Operations instances is the recommended solution. This ensures that each department (HR and
Finance) has a completely isolated monitoring stack, including dashboards, alerts, log retention, and
user roles.
Although scopes and index partitions can provide some level of logical segregation within a single
instance, they do not guarantee complete security isolation, especially in environments with strict
compliance or multi-tenancy concerns. Deploying two separate instances ensures compliance with
data isolation and privacy requirements, making it the most secure and compliant option.
Reference:
VMware Aria Operations Deployment Guide for Multi-Tenancy and Isolation
VMware Cloud Foundation 9.0 Logical Design Guide – Operations Segmentation Models
An architect is designing a Business Continuity Disaster Recovery (BCDR) strategy for a Virtual Cloud
Foundation (VCF) environment with a management domain and multiple workload domains
deployed in two datacenters located in the same city.
During one of the initial workshops with stakeholders, the following information was identified:
The Recovery Time Objective (RTO) for workloads is 24 hours.
The management domain must remain continuously available with Recovery Point Objective (RPO)
of 0.
Hardware overhead should be minimized by utilizing standby resources that host test workloads
during normal operation.
Operational overhead should be minimized.
Latency between both datacenters is 2 ms.
Which design decision should the architect document to satisfy provided requirements?
B
Explanation:
To ensure zero RPO and high availability for the management domain, the best-fit design is to use a
vSAN Stretched Cluster. With a 2ms latency and shared witness site, this design enables synchronous
replication and automatic failover, ensuring no data loss (RPO 0) and minimal downtime.
For the workload domains where 24-hour RTO is acceptable, Live Recovery (leveraging replication
and automation like Site Recovery Manager or Aria Automation Orchestrator) can be used to
minimize operational effort and still meet recovery timelines. This strategy also aligns with
minimizing hardware overhead by using the standby test infrastructure as failover capacity.
Reference:
VMware Cloud Foundation Multisite Design Guide – Stretched Clusters and Disaster Recovery
VMware vSAN Stretched Cluster Architecture Design
A customer is deploying VMware Cloud Foundation (VCF) in an enterprise environment. During a
series of workshops with stakeholders, the following requirements were identified:
The network solution must be capable of complete logical isolation.
The network solution must be capable of supporting independent upgrade cycles for network stacks.
The network solution must be capable of tenant-specific customization of NSX configurations.
The architect has made the following design decisions:
The solution will consist of a single VCF instance.
The solution will include a management domain and two workload domains.
Based on the scenario, which additional design decision meets all of the stated requirements?
D
Explanation:
Dedicated NSX instances per workload domain provide the highest level of logical isolation and allow
independent upgrade cycles, fulfilling the requirement of tenant-specific customization. Each
workload domain with its own NSX instance can be managed separately, updated independently, and
configured with its own security policies, BGP/VRF, segments, and gateways.
NSX Federation could achieve some level of centralization but does not support independent
upgrade cycles per domain. A shared NSX instance breaks isolation and would tightly couple upgrade
cycles, violating two of the key stated requirements.
Reference:
VMware Cloud Foundation NSX-T Design Guide – NSX Instance Design Options
VMware Cloud Foundation 9.0 – Multi-Tenant Networking Models
An architect was in an architectural workshop and noted the following business objectives:
The solution must prioritize optimal end-to-end user shopping experience for customers accessing
the website.
The website must be available 24 x 7 x 365.
Which three conceptual model items relate to these business objectives? (Choose three.)
A, B, F
Explanation:
Conceptual model items are categorized as requirements, assumptions, risks, and constraints:
A is a clear requirement, aligned with the business objective of continuous uptime and availability.
B is a valid risk, as the availability of the external internet provider impacts the user experience.
F is an assumption, implying that budget will not be a limitation in achieving the desired level of
performance.
Items like C are too technically specific for the conceptual layer. D directly contradicts the business
objective, and E relates more to operational constraints rather than high-level design goals.
Reference:
VMware Cloud Foundation Conceptual Design Guide – Requirements, Assumptions, Constraints,
Risks (RACR) Framework
Which configuration should the architect recommend as part of the design of a VMware Cloud
Foundation (VCF) solution to ensure optimal performance in a multi-tenant environment?
C
Explanation:
In a multi-tenant environment, isolation, predictable performance, and scalability are critical. vSAN
with tiered storage policies enables the architect to define performance tiers (e.g., RAID-1 for critical
workloads, RAID-5/6 for capacity-efficient workloads). This aligns with the need for low latency and
high IOPS for tenant workloads, without oversubscribing or compromising performance.
Options A and D disregard tenant performance and isolation, potentially leading to noisy neighbor
issues. Option B reduces availability and scalability and is contrary to best practices.
Reference:
VMware Cloud Foundation 9.0 – vSAN Design Guide, vSAN Storage Policy-Based Management
(SPBM) Best Practices
An architect is documenting the design for a new VMware Cloud Foundation (VCF) solution and
makes the following design decision:
Two vSphere clusters will be deployed within the single VI workload domain.
What statement should the architect include as an implication of this design decision?
B
Explanation:
In VMware Cloud Foundation, each VI workload domain is backed by a single vCenter Server
instance. By deploying multiple clusters within the same VI workload domain, the architect can
support multiple use cases (e.g., separating prod/dev), without provisioning new vCenters. This
design reduces management overhead and operational complexity.
However, if stricter separation is needed (e.g., multi-tenancy or lifecycle independence), separate
workload domains may be more suitable. While vSAN is the default, it's not mandatory unless vSAN
Ready Nodes are used for bring-up.
Reference:
VMware Cloud Foundation Logical Design Guide – Workload Domain and Cluster Design Principles
An architect has made an assumption that existing support staff are adequately skilled to operate the
proposed infrastructure design.
The risk associated with this assumption would be that existing support staff are inadequately skilled
to operate the proposed infrastructure design. How would the architect mitigate the risk?
B
Explanation:
The correct mitigation for a skills-based risk is to bridge the gap through training and upskilling.
Providing time and budget for training ensures that existing staff can competently support the
solution and aligns with long-term sustainability of the environment.
Option A does not address the skills gap, just adds capacity. Option C is a risk identification tool, not a
mitigation step. Option D outsources the issue, which contradicts the goal of internal capability
development.
Reference:
VMware Cloud Foundation Architecture and Design Guide – Risk Identification and Mitigation
Strategies
As part of a design for a VMware Cloud Foundation (VCF) solution, an architect has documented the
following dependencies and constraints:
CONSOOl - Internet access will not be permitted from anywhere within the VCF solution.
CONS002 - The password must not be stored in plain text anywhere within the VCF solution.
DEP001 - The customer must make the required VCF binaries accessible to the VCF Installer appliance
during the deployment phase.
Which design decision should the architect include in the design for the download of the VCF
binaries?
B
Explanation:
Due to the explicit constraint that no internet access is permitted, the VCF Installer cannot connect to
an online depot. Instead, the architect must use the offline depot model, where binaries are
downloaded externally and made accessible locally within the VCF environment (e.g., using a local
web server).
This setup aligns with VMware's "air-gapped" deployment guidance for VCF environments with strict
security postures.
Reference:
VMware Cloud Foundation Deployment Guide – Offline Depot Configuration for Air-Gapped
Environments
As part of the VMware Cloud Foundation (VCF) logical design, the architect has determined that the
VCF Private Cloud will encompass multiple VCF instances contained within a single VCF Fleet. The
architect documented the following requirements when using VCF Operations:
Monitoring downtime must be minimized.
Alerting downtime must be minimized.
Which design decision supports these requirements?
C
Explanation:
The High Availability (HA) deployment model of VCF Operations ensures that both monitoring and
alerting services are resilient to node failure. Deploying Collector nodes at remote sites enables local
data collection, reducing WAN dependency and ensuring data is not lost during network
interruptions.
This configuration aligns perfectly with the need to minimize monitoring and alerting downtime,
which is critical in distributed, multi-instance environments.
Reference:
VMware Aria Operations for VCF Design and Deployment Guide – HA and Remote Collection Models