The vsphere compliance checker checks for some issues around “devices”, specifically:
• Ensure unauthorised devices are not connected
• Prevent unauthorised removal connection and modification of devices
1) For starters, what is the definition of “unauthorised device”, and when they say “connected”, connected to what?
2) Who could (what permissions would they need) connect an unauthorised device?
3) What is the overall risk in connecting an unauthorised device?
4) How does this setting prevent this, and who is it preventing?
5) When they refer to “removal” or “modification”, can you explain what they mean, and their definition of device?
6) What is the overall risk in removing or modifying a device? Who could do it? And how does this setting prevent such?