To secure virtual machines using processor-specific technology called enclaves, which needs to be configured?

Virtual Intel Software Guard Extensions (vSGX) is the correct configuration to secure virtual machines using enclaves. vSGX provides a hardware-based security feature that allows the creation of unique environments within applications where sensitive processes can execute without interference from outside entities, including the host operating system or other virtual machines. This capability is crucial for safeguarding data and computations, particularly in multi-tenant cloud environments where there is a risk of exposure to unauthorized access.

Enclaves created through vSGX utilize the hardware security features of Intel processors, enabling the encapsulation of sensitive code and data. This ensures that even if the hypervisor or other applications in the virtual machine have been compromised, the data within the enclave remains protected.

The other options, while related to security and virtualization, do not specifically focus on the creation of secure enclaves. For instance, the Trusted Platform Module (TPM) is primarily for hardware-based security features such as secure boot and trusted storage. Advanced Encryption Standard-New Instructions (AES-NI) enhances cryptographic operations but does not relate directly to enclave protection. Transparent Page Sharing (TPS) is a memory optimization technique but can potentially expose data sharing between VMs, which is contrary to the isolation goal of enclaves.