A server administrator is configuring a new virtual machine (VM) that will host a development environment. The VM requires access to the internet to download software packages and updates. However, to minimize security risks, the VM must not be directly addressable from the external corporate network. The host server has a single network interface card (NIC) connected to the corporate network.
Which virtual networking mode should the administrator select to meet these requirements?
The correct answer is Network Address Translation (NAT). In NAT mode, the hypervisor acts as a router for the VM. It provides the VM with internet access by translating the VM's private IP address to the host's IP address for outbound traffic. This configuration effectively hides the VM from the external network, as it cannot be reached directly without specific port forwarding rules, thus meeting the security requirement.
Bridged networking is incorrect because this mode connects the VM directly to the physical network, giving it a unique IP address on the same subnet as the host. This would make the VM directly addressable from the external network, violating the stated security requirement.
Host-only networking is incorrect because it creates a private network that is isolated from any external networks. While secure, this mode would prevent the VM from accessing the internet to download necessary updates.
VLAN tagging is incorrect because it is a Layer 2 method used to segment a network into different broadcast domains for traffic isolation and management. While it can isolate the VM from other network segments, it does not inherently provide the address translation functionality of NAT that allows outbound internet access while preventing unsolicited inbound connections.