Which regulatory, standards-based compliance pack is available in vRealize Operations?

Which regulatory, standards-based compliance pack is available in vRealize Operations?
A . Sarbanes-Oxley Act (SOX)
B . Common Vulnerabilities and Exposures (CVE)
C . CIS Security Standards
D . General Data Protection Regulation (GDPR)

View Answer

Answer: C

Explanation:

The regulatory, standards-based compliance pack that is available in vRealize Operations is the CIS Security Standards. The CIS Security Standards are a set of best practices and recommendations for securing IT systems and data against cyberattacks. The CIS Security Standards are developed and maintained by the Center for Internet Security (CIS), a nonprofit organization that provides cybersecurity resources and guidance to organizations and individuals1. The vRealize Operations Compliance Pack for CIS provides alerts, policies, and reports to validate the vSphere resources against the CIS hardening guide. The following resources are being validated using this content: ESXi Host, Virtual Machine, vCenter Server, Distributed Switch, Distributed Port Group, and Distributed Firewall2. The vRealize Operations Compliance Pack for CIS can be downloaded and installed from the VMware Marketplace3. The Sarbanes-Oxley Act (SOX) (option A) is not a regulatory, standards-based compliance pack that is available in vRealize Operations. SOX is a federal law that regulates the financial reporting and auditing of public companies in the United States. SOX does not provide specific technical guidelines or benchmarks for securing IT systems and data4. The Common Vulnerabilities and Exposures (CVE) (option B) is not a regulatory, standards-based compliance pack that is available in vRealize Operations. CVE is a list of publicly known cybersecurity vulnerabilities and exposures that are assigned unique identifiers and descriptions. CVE does not provide specific security standards or recommendations for securing IT systems and data5. The General Data Protection Regulation (GDPR) (option D) is not a regulatory, standards-based compliance pack that is available in vRealize Operations. GDPR is a legal framework that regulates the collection, processing, and transfer of personal data of individuals in the European Union and the European Economic Area. GDPR does not provide specific technical guidelines or benchmarks for securing IT systems and data.

References:

1: CIS Security Standards – cisecurity.org, CIS, 2021, [7].

2: vRealize Operations Compliance Pack for CIS – VMware Marketplace, VMware, 2021, 1.

3: vRealize Operations Manager User Guide, VMware, 2021, p. 237.

4: Sarbanes-Oxley Act (SOX) – investopedia.com, Investopedia, 2021, [8].

5: Common Vulnerabilities and Exposures (CVE) – cve.mitre.org, MITRE, 2021, [9].

[6]: General Data Protection Regulation (GDPR) – ec.europa.eu, European Commission, 2021, [10].

[7]: CIS Security Standards – cisecurity.org, CIS, 2021, [7].

[8]: Sarbanes-Oxley Act (SOX) – investopedia.com, Investopedia, 2021, [8].

[9]: Common Vulnerabilities and Exposures (CVE) – cve.mitre.org, MITRE, 2021, [9].

[10]: General Data Protection Regulation (GDPR) – ec.europa.eu, European Commission, 2021, [10].