Free NCP-CI-AWS Exam Braindumps (page: 3)


An administrator has deployed an NC2 on AWS cluster and doesn't have connectivity back to the on-premises environment yet. The administrator wants to SSH into a CVM to edit a security setting and has deployed a Jump Host into an existing public subnet.
What action must the administrator still take to gain access to the CVM?

  1. Edit the CVM iptables to allow SSH.
  2. Edit the User Management Network Security Group to allow SSH from the Jump Host IP.
  3. Edit the UVM security group to allow SSH from the Jump Host IP and remove Cluster Lockdown.
  4. Create a Custom Network Security Group at the subnet level and add the IP address of the Jump Host.

Answer(s): B

Explanation:

To SSH into a Controller VM (CVM) in an NC2 on AWS cluster without on-premises connectivity, the administrator needs to ensure that the security settings allow SSH access from the Jump Host. This involves editing the User Management Network Security Group to permit SSH traffic from the Jump Host IP.
Deploy Jump Host:
Ensure the Jump Host is deployed in a public subnet with an Elastic IP (EIP) assigned for external access.
Edit User Management Network Security Group:
Locate the security group associated with the user management network. Modify the inbound rules to allow SSH (port 22) from the Jump Host's IP address. This ensures that the Jump Host can establish an SSH connection to the CVM.
Steps to Edit Security Group:
Navigate to the EC2 dashboard in the AWS Management Console.
Select "Security Groups" under the "Network & Security" section.
Find and select the appropriate security group.
Edit the inbound rules to add a new rule:
Type: SSH
Protocol: TCP
Port Range: 22
Source: Custom IP (enter the Jump Host's public IP address)
Additional Configuration:
Ensure that the CVM itself allows SSH connections and that no internal firewall rules block the traffic.


Reference:

Nutanix Cloud Clusters on AWS Administration Guide
AWS Security Group Documentation
Nutanix Best Practices for Secure Access



Which service enables the monitoring of key metrics on various AWS services, including EC2, EBS, and VPC, for NC2 cluster deployments?

  1. Amazon CloudWatch
  2. AWS CloudTrail
  3. AWS CloudFormation
  4. Amazon Inspector

Answer(s): A

Explanation:

Amazon CloudWatch is the service that enables the monitoring of key metrics on various AWS services, including EC2, EBS, and VPC, for NC2 cluster deployments.
Amazon CloudWatch:
Amazon CloudWatch provides monitoring for AWS cloud resources and applications. It collects and tracks metrics, collects and monitors log files, and sets alarms. Specifically, for NC2 deployments, CloudWatch can be used to monitor key metrics such as CPU utilization, disk I/O, network I/O for EC2 instances, EBS volume performance, and VPC network traffic.
Features:
Metrics Monitoring: Collects and visualizes operational data in the form of metrics, including utilization, performance, and health.
Logs Monitoring: Collects log data, monitors it in real-time, and triggers alarms based on predefined thresholds.
Alarms: Notifies when operational performance thresholds are breached.
Integration with NC2:
By setting up CloudWatch, administrators can ensure they have visibility into the performance and health of their Nutanix clusters on AWS, aiding in proactive management and troubleshooting.


Reference:

Amazon CloudWatch Documentation
Nutanix Cloud Clusters on AWS Administration Guide
AWS Monitoring Best Practices



An administrator needs the permissions to create and manage multiple organizations and clusters in NC2, as well as manage user access for the entire company.
What role should be assigned to meet the minimum requirements of this task?

  1. Organization Administrator
  2. Customer Administrator
  3. Customer Security Administrator
  4. Cluster Administrator

Answer(s): B

Explanation:

The role of "Customer Administrator" in Nutanix Cloud Integration with AWS (NC2) is designed to meet the requirements of creating and managing multiple organizations and clusters, as well as managing user access for the entire company.
Roles and Permissions:
Customer Administrator: This role has the broadest set of permissions, allowing the user to create and manage organizations, clusters, and user access across the entire company. It encompasses administrative control over multiple aspects of the NC2 environment.
Capabilities:
Organization Management: Ability to create and manage multiple organizations.
Cluster Management: Full control over creating, configuring, and managing clusters.
User Access Management: Manage user roles and permissions, ensuring that the right individuals have access to the necessary resources.
Why Not Other Roles:
Organization Administrator: Limited to managing organizations but not clusters and user access at the company level.
Customer Security Administrator: Focuses on security aspects, lacking broader administrative capabilities.
Cluster Administrator: Limited to managing clusters without the ability to manage organizations and user access comprehensively.


Reference:

Nutanix Cloud Clusters on AWS Administration Guide
Nutanix Role-Based Access Control Documentation



An administrator needs to create user VM subnets for multiple NC2 clusters in AWS.
What would be the best approach to take?

  1. Create guest-VM VNets for each cluster.
  2. Use the cluster management subnet dedicated to each cluster.
  3. Create guest-VM subnets to be shared by all clusters.
  4. Create guest-VM subnets for each cluster.

Answer(s): D

Explanation:

When creating user VM subnets for multiple NC2 clusters in AWS, the best approach is to create guest-VM subnets for each cluster. This ensures that each cluster has its own dedicated subnets, which simplifies network management and avoids potential IP conflicts.
Advantages of Dedicated Subnets:
Isolation: Each cluster operates in its own subnet, providing better isolation and security.
Management: Easier to manage and troubleshoot network issues when each cluster has its own subnets.
Scalability: More scalable as each subnet can be managed and expanded independently.
Steps to Create Guest-VM Subnets:
Identify the IP range for each subnet.
In the AWS VPC console, create a new subnet for each cluster using the identified IP ranges.
Associate the new subnets with the respective clusters during or after the cluster deployment process.
Why Not Shared Subnets:
Shared subnets could lead to IP conflicts and make network management more complex, especially as the number of clusters grows.


Reference:

Nutanix Cloud Clusters on AWS Administration Guide
AWS VPC Subnet Creation Documentation





