Nutanix NCP-CI-AWS Exam Practice Test Instant Access

Question 1

What is an available log module when configuring a syslog server in the Prism Central Admin Center?

AAPI Audit

BPrism

CZookeeper

DAcropolis

Answer : D

When configuring a syslog server in the Prism Central Admin Center for Nutanix, one of the available log modules is Acropolis.

The Acropolis module logs system events related to the Nutanix Acropolis operating system, which is critical for monitoring and auditing system activities and performance.

Configuring syslog with the Acropolis module ensures that important events and issues related to the Acropolis environment are captured and can be forwarded to an external syslog server for centralized logging and analysis.

Reference: Refer to the Nutanix documentation on Prism Central and syslog configuration for the full list of available log modules and detailed steps for configuration.

Question 2

An administrator has deployed an NC2 on AWS cluster that is running mixed workloads. Multiple SQL database are running on the NC2 cluster using a native subnet of 10.78.1.0/24.

The administrator wants to ensure only application servers from source subnet 10.79.1.0/24 that reside outside of the NC2 cluster can access the databases.

Which two actions will help the administrator most securely achieve this? (Choose two.)

AOption A

BOption B

COption C

DOption D

Answer : A, D

To ensure that only application servers from the source subnet 10.79.1.0/24 can access the SQL databases running on the NC2 cluster in the subnet 10.78.1.0/24, the administrator can take the following actions:

Option A: Create a custom Security Group with the following rules:

Key = tag:nutanix:clusters

Key = tag:nutanix:clusters:external

and value = the clusters' UUID

Key = tag:nutanix:clusters:external

and value = 10.78.1.0/24

Option D: Create a custom Security Group with the following:

Key = nutanix:clusters

Key = nutanix:clusters:external

and value = the clusters' UUID

Key = nutanix:clusters:external

and value = 10.79.1.0/24

These actions help create security rules that restrict access to the databases only from the specified source subnet, ensuring secure and controlled access.

Nutanix Cloud Clusters on AWS Administration

AWS Security Groups Documentation

Question 3

An administrator is deploying a new NC2 cluster on AWS and needs to ensure full connectivity is established between the company's on-premises datacenter and the AWS cloud.

Which two AWS offering will satisfy this requirement? (Choose two.)

AExpressRoute

BAWS VPN

CDirect Connect

DDedicated interconnect

Answer : B, C

To establish full connectivity between the company's on-premises datacenter and the AWS cloud, the following AWS offerings will satisfy this requirement:

AWS VPN: This service allows you to create a secure connection between your on-premises network or other remote network and your AWS VPC using an IPsec VPN tunnel. It is suitable for low to moderate bandwidth requirements and provides secure, encrypted connections.

Direct Connect: AWS Direct Connect is a dedicated network connection from your premises to AWS. It provides a private, high-bandwidth, low-latency connection which is ideal for high-throughput applications and workloads that need consistent network performance.

AWS VPN Documentation

AWS Direct Connect Documentation

Question 4

An administrator needs to understand which of the services implemented on their NC2 AWS deployment will be protected with Cluster protect.

Which service of feature is Cluster Protect able to both protect and recover its associated metadata?

AObject

BVM templates

CFiles

DCategories

Answer : B, C

Cluster Protect in an NC2 environment can protect and recover the following services and their associated metadata:

VM Templates: Ensures that templates used for creating virtual machines are backed up and recoverable.

Files: Protects data stored in Nutanix Files, ensuring that file services are backed up and can be restored as needed.

Nutanix Support & Insights

Nutanix Cloud Clusters on AWS Administration

Question 5

Which two features or services can an administrator ensure are protected by cluster protect within an NC2 environment? (Choose two.)

AFlow Network Security

BVM Templates

CNutanix Files

DVirtual Machine Disks

Answer : C, D

Within an NC2 environment, the Cluster Protect feature can ensure the protection of:

Nutanix Files: This provides file services within the Nutanix ecosystem, and Cluster Protect can safeguard the data stored in Nutanix Files.

Virtual Machine Disks: This ensures that the data stored on virtual machine disks is protected, providing backup and recovery options for the virtual machines running within the cluster.

Nutanix Cloud Clusters on AWS Administration

Nutanix AOS 6.7 Documentation

Question 6

An administrator has deployed an NC2 cluster on AWS to an existing environment for VDI.

Afterwards, the corporate security teams direct the administrator to reuse an existing AWS subnet, 10.79.4.0/24 that has two EC2 instances: EC2-1 (10.79.4.200) and EC2-2 (10.79.4.201). The security team indicates that this directive is to avoid overlap with the AHV IPAM.

Which two configuration actions should the administrator take to ensure there are no configuration issues? (Choose two.)

AaCLI > net.add_to_ip_bfacklist 10.79.4.200 aCLI > net.add_to_ip_blacklist 10.79.4.201

BDeploy two VMs on the NC2 cluster and assign 10.79.4.200 and 10.79.4.201 as the assigned IPs in Prism Element

CaCLI > net.de/ete_from_ip_blacklist 10.79.4.200 aCLI > net.defete_fromjp_blacklist 10.79.4.201

DConfigure the AHV JPAM to use DHCP range 10.79.4.2 -10.79.4.253.

Answer : A, D

To avoid IP address conflicts and ensure there are no configuration issues when reusing an existing AWS subnet, the administrator should take the following actions:

aCLI > net.add_to_ip_blacklist 10.79.4.200 aCLI > net.add_to_ip_blacklist 10.79.4.201 (Answer A):

This command adds the specified IP addresses to the blacklist, preventing AHV IPAM from assigning these addresses to any VMs. This ensures that the existing EC2 instances with IPs 10.79.4.200 and 10.79.4.201 are not allocated to other VMs in the NC2 cluster.

Configure the AHV IPAM to use DHCP range 10.79.4.2 -10.79.4.253 (Answer D):

By configuring the AHV IPAM to use a specific DHCP range, you ensure that the IP addresses assigned to the EC2 instances (10.79.4.200 and 10.79.4.201) are not included in the DHCP pool. This prevents IP address conflicts within the subnet.

Nutanix aCLI Reference

Nutanix NC2 on AWS Documentation

AWS VPC and Subnet Basics

Question 7

An administrator has created an NC2 cluster on AWS, but the NC2 console has issued this alert:

Which two scenarios could have resulted in the cluster creation failure? (Choose two.)

ABad Terraform (TF) state in provisioning

BInsufficient permissions

CNo available AWS credits

DAWS Quota exceeded/instance limit exceeded

Answer : B, D

The error message in the image indicates that the cluster creation failed due to reaching the maximum retries for provisioning cluster nodes. Here are two possible scenarios that could lead to this issue:

Insufficient Permissions (Answer B):

If the AWS user or role used to create the cluster does not have sufficient permissions, it can result in failures during the provisioning process. Proper IAM policies must be attached to ensure that the necessary actions can be performed, such as launching instances, creating VPCs, or managing networking components.

AWS Quota Exceeded/Instance Limit Exceeded (Answer D):

AWS imposes quotas and limits on the number of instances and other resources that can be created within an account. If these quotas are exceeded, new instances cannot be provisioned, causing the cluster creation to fail. This can be resolved by requesting a quota increase from AWS.

Nutanix Knowledge Base Article 9774

AWS Service Quotas

Nutanix NC2 on AWS Documentation

Nutanix NCP-CI-AWS Nutanix Certified Professional - Cloud Integration - AWS v6.7 Exam Practice Test