Nutanix NCP-CI-AWS Practice Questions

74 Questions ...

Updated On : 15-Apr-2025





Page 2 out of 13 Pages

An organization wants to control network traffic at the individual User VM (UVM) subnet level. Which action will help achieve this goal?


A. Create a custom security group.


B. Modify the default UVM security group.


C. Modify the user management security group.


D. Modify the internal management security group.





A. Create a custom security group.

Explanation:
To control network traffic at the individual User VM (UVM) subnet level, creating a custom security group is the appropriate action. This approach allows for fine-grained control over inbound and outbound traffic rules that can be applied to specific subnets or individual instances within those subnets.

Custom Security Group:
Custom security groups enable administrators to define specific traffic rules tailored to the needs of individual subnets or VMs. This includes specifying allowed IP ranges, ports, and protocols. By applying these custom security groups to the UVMs, the organization can control access and enhance security according to their policies and requirements.

Steps to Create a Custom Security Group:

  • Navigate to the AWS Management Console and go to the VPC service.
  • Select "Security Groups" under the "Security" section.
  • Click on "Create Security Group" and define the name, description, and VPC.
  • Add inbound and outbound rules according to the desired traffic control policies.
  • Attach the custom security group to the UVMs or subnets in question.

An administrator has created an NC2 cluster on AWS, but the NC2 console has issued this alert:

Which two scenarios could have resulted in the cluster creation failure? (Choose two.)


A. Bad Terraform (TF) state in provisioning


B. Insufficient permissions


C. No available AWS credits


D. AWS Quota exceeded/instance limit exceeded





B. Insufficient permissions

D. AWS Quota exceeded/instance limit exceeded

Explanation:
The error message in the image indicates that the cluster creation failed due to reaching the maximum retries for provisioning cluster nodes. Here are two possible scenarios that could lead to this issue:

Insufficient Permissions (Answer B):
If the AWS user or role used to create the cluster does not have sufficient permissions, it can result in failures during the provisioning process. Proper IAM policies must be attached to ensure that the necessary actions can be performed, such as launching instances, creating VPCs, or managing networking components.

AWS Quota Exceeded/Instance Limit Exceeded (Answer D):
AWS imposes quotas and limits on the number of instances and other resources that can be created within an account. If these quotas are exceeded, new instances cannot be provisioned, causing the cluster creation to fail. This can be resolved by requesting a quota increase from AWS.

Which two options are prerequisites for deploying an NC2 on AWS cluster? (Choose two.)


A. AWS Direct Connect


B. A valid CIDR range


C. A my.nutanix.com account


D. An on-premises Prism Central environment





B. A valid CIDR range

C. A my.nutanix.com account

Explanation:

  • A valid CIDR range: A CIDR (Classless Inter-Domain Routing) range is necessary for creating the subnets within the VPC. This range defines the IP address space for the cluster and its components.
  • A my.nutanix.com account: This account is required to access Nutanix services, including the NC2 console, manage licenses, and perform other administrative tasks.
  • AWS Direct Connect and an on-premises Prism Central environment are not prerequisites for deploying an NC2 on AWS cluster. While Direct Connect can be used for enhanced network performance and connectivity, it is not a requirement for deployment. Similarly, having an on-premises Prism Central environment is not mandatory for NC2 deployment on AWS.

An administrator planned to create a new NC2 cluster and chose the existing AWS VPC infrastructure in the workflow. The administrator needs two private subnets to complete the configuration.


A. For user VMs and cluster management


B. For Prism Element and Prism Central management


C. For DNS and NJP management


D. For private NAT and Elastic IP management





A. For user VMs and cluster management

Explanation:
When creating a new NC2 cluster using an existing AWS VPC infrastructure, two private subnets are needed. These subnets are used as follows:

  • One private subnet for user VMs, which houses the virtual machines that users interact with.
  • Another private subnet for cluster management, which is used for internal cluster operations and management tasks, ensuring that management traffic is isolated from user traffic for security and performance reasons.

Which address must AWS Directory Service be able to resolve when deploying a new NC2 cluster?


A. gateway-internal-api.cloud.nutanix.com


B. gateway-external-api.cloud.nutanix.com


C. downloads.cloud.nutanix.com


D. apikeys.nutanix.com





B. gateway-external-api.cloud.nutanix.com

Explanation:

  • When deploying a new NC2 cluster, the AWS Directory Service must be able to resolve the address gateway-external-api.cloud.nutanix.com.
  • This external API gateway is critical for the NC2 cluster to communicate with Nutanix services for operations such as management, updates, and licensing.
  • Ensuring that this address can be resolved allows the cluster to interact properly with the Nutanix cloud infrastructure and services.

An administrator is tasked with providing VMs outbound internet connectivity in AWS. Which components would the administrator need to create in the VPC to achieve this?


A. Public Subnet NAT Gateway, Public EIP, Route Table


B. Private Subnet NAT Gateway, Public EIP, Route Table


C. Private Subnet Flow Gateway, Public EIP, Route Table


D. Public Subnet Flow Gateway, Public EIP, Route Table





B. Private Subnet NAT Gateway, Public EIP, Route Table

Explanation:
To provide VMs with outbound internet connectivity in AWS using a private subnet, the administrator needs to create the following components in the VPC:

  • Private Subnet: A private subnet is required to house the VMs that need outbound internet access but do not require direct inbound access from the internet.
  • NAT Gateway: A NAT (Network Address Translation) Gateway is necessary to allow instances in the private subnet to connect to the internet or other AWS services while preventing the internet from initiating a connection with those instances.
  • Public EIP (Elastic IP Address): An EIP is associated with the NAT Gateway to provide a persistent public IP address that allows outbound internet traffic from the private subnet to be routed correctly.
  • Route Table: A route table is configured to route traffic from the private subnet to the NAT Gateway for outbound internet access.

