A virtual Trusted Platform Module (vTPM) is a technology that can be used to harden guest virtual machines by providing them with a secure cryptographic device. A vTPM can store encryption keys, certificates, and passwords, and can perform integrity checks on the guest operating system and applications. A vTPM can also enable features such as BitLocker and Credential Guard in Windows 10 virtual machines.
A. Containerization is a technology that can be used to isolate applications from the underlying operating system and hardware resources. Containerization does not directly harden guest virtual machines, but rather provides a lightweight alternative to virtualization.
B. Network isolation is a technology that can be used to separate network traffic between different virtual machines or groups of virtual machines. Network isolation can help prevent unauthorized access or attacks on guest virtual machines, but it does not harden them internally.
C. Resource reservation is a technology that can be used to guarantee a minimum amount of CPU, memory, disk, or network resources for a virtual machine or a group of virtual machines. Resource reservation can help improve the performance and availability of guest virtual machines, but it does not harden them against security threats.
D. vTPM is a technology that can be used to harden guest virtual machines by providing them with a secure cryptographic device. A vTPM can store encryption keys, certificates, and passwords, and can perform integrity checks on the guest operating system and applications.
[Reference: CompTIA A+ Core 1 (220-1101) Certification Study Guide, page 3161., , , , ]
