Crucial Exams

ISC2 Certified Cloud Security Professional (CCSP) Practice Question

During the logical design of an on-premises private cloud, you must ensure that virtual machines owned by different internal tenants remain isolated even when they vMotion between hosts in the same cluster. Security staff want to enforce firewall rules that follow each workload and are expressed in terms of VM tags rather than IP subnets. They also need to avoid frequent reconfiguration of upstream switches. Which design choice BEST satisfies these requirements?

  • Creating separate virtual routing and forwarding (VRF) instances for every tenant at the data-center core

  • Installing additional physical NICs in each host and mapping one to each tenant network

  • Assigning a dedicated VLAN and subnet to each tenant on the physical switches

  • Hypervisor-based microsegmentation using distributed virtual switches and security groups

ISC2 Certified Cloud Security Professional (CCSP)
Cloud Platform & Infrastructure Security
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot