Page 11 out of 51 Pages ... Showing Questions in Random order from Exam |
A consultant has been tasked with increasing security on a Nutanix cluster by disabling password authentication when accessing the CVM and AHV hosts and instead moving to key-based SSH. What is the easiest way for the consultant to meet these requirements?
A. Enable STlGs via command line on SSH to a CVM.
B. Configure LDAP authentication through a secure server.
C. Enable Cluster Lockdown and provide an RSA key.
D. Restrict access with User Management in Prism.
Explanation:
The most straightforward approach for increasing security by disabling password authentication and moving to key-based SSH on a Nutanix cluster involves:
C. Enable Cluster Lockdown and provide an RSA key: Cluster Lockdown mode
restricts management access to the cluster, ensuring that only key-based SSH
authentication is used to access the CVM and AHV hosts, enhancing security by
eliminating the use of passwords.
An administrator inherits a new Nutanix environment and logs in to a CVM to check the
network configuration. The configuration is as follows:
Which action should the administrator take to improve network performance?
A. Configure VLAN tagging both on br0 and br1 and their physical interfaces.
B. Add eth0 and eth1 to the br0-up bond
C. Configure balance-sib or balance-tcp mode for br0-up if switch configuration allows
D. Remove one 10 Gbs interface from br0-up to make sure all 10 Gbs can be used.
Explanation: Upon reviewing the network configuration in the provided image and
considering the setup in a Nutanix environment, the best action to improve network
performance is to adjust the bonding mode for the bridge that includes multiple highbandwidth
interfaces.
Option C, "Configure balance-sib or balance-tcp mode for br0-up if switch configuration
allows," is the most effective choice. The bonding mode "balance-sib" (source IP-based
load balancing) or "balance-tcp" (TCP/IP layer balancing) can optimize the distribution of
network traffic across multiple interfaces, thereby enhancing throughput and redundancy.
This approach utilizes the capabilities of multiple network interfaces more efficiently,
distributing the load to prevent any one interface from becoming a bottleneck while
providing failover redundancy.
A consultant asks a customer to verify the ToR Switch data port configuration was done according to Nutanix best practices. The switch configuration must simplify future deployments and expansions. Which two configuration actions will satisfy this requirement? (Choose two.)
A. Disable multicast and broadcast flood optimizations.
B. Configure the CVM and hypervisor host VLAN as the native.
C. Use a tagged VLAN for the CVM and hypervisor hosts.
D. Configure the connected switch ports as access.
Explanation: For a Nutanix cluster configuration that simplifies future deployments and expansions, disabling multicast and broadcast flood optimizations (A) and using a tagged VLAN for the CVM and hypervisor hosts (C) are the best practices. Disabling these optimizations helps in reducing unnecessary network traffic and potential broadcast storms in a growing environment. Using tagged VLANs for CVM and hypervisor hosts ensures proper network segmentation and scalability, allowing for easier management and expansion without reconfiguring the native network setup for each expansion or deployment.References: Nutanix Network Configuration Best Practices, Nutanix Deployment Guide.
An administrator is configuring software only. Data-at-Rest Encryption on their Nutanix cluster. They are planning to deploy a third-party key management server (KMS). Where should this server be hosted?
A. As a single VM on the Nutanix cluster
B. On hardware external to the Nutanix duster
C. As a clustered VM setup on the Nutanix cluster
D. As a single VM deployed on the host that contains the Prism leader CVM
A consultant is reviewing a customers Pre-delivery Questionnaire.
The customer wants to deploy their cluster with ESXi as the hypervisor with vSphere Distributed Switch. The customer will be using Cisco Nexus 9k as their switch choice In the kick-off call, it is confirmed that the customer has a business requirement to use LACP in their environment.
What should the consultant ensure that the customer configures on the port-channel interface before deployment?
A. show pore-channel
B. no lacp graceful-convergence
C. service unsupported-transceiver
D. no lacp suspend-individual
A consultant is preparing for a cluster deployment and evaluates portable Foundation. Laptop configuration is as follows: •CPU: 2.8 GHz Quad-Core Intel Core i7 •Memory: 4GB RAM During the installation, the consultant encounters some errors and tries to troubleshoot. What could prevent successful installation and Foundation usage?
A. Gatekeeper must be enabled
B. Oracle VirtualBox is installed on the laptop
C. Laptop configuration does not meet installation requirements
D. Firewall Stealth Mode is disabled
Page 11 out of 51 Pages |
Previous |