ExamGecko
Search Search Login
Home Home / Nutanix / NCM-MCI-6.5
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Task 6 An administrator has requested the commands needed to configure traffic segmentation on an unconfigured node. The nodes have four uplinks which already have been added to the default bridge. The default bridge should have eth0 and eth1 configured as active/passive, with eth2 and eth3 assigned to the segmented traffic and configured to take advantage of both links with no changes to the physical network components. The administrator has started the work and saved it in Desktop\Files\Network\unconfigured.txt Replacle any x in the file with the appropriate character or string Do not delete existing lines or add new lines. Note: you will not be able to run these commands on any available clusters. Unconfigured.txt manage_ovs --bond_name brX-up --bond_mode xxxxxxxxxxx --interfaces ethX,ethX update_uplinks manage_ovs --bridge_name brX-up --interfaces ethX,ethX --bond_name bond1 --bond_mode xxxxxxxxxxx update_uplinks
Task 7 An administrator has environment that will soon be upgraded to 6.5. In the meantime, they need to implement log and apply a security policy named Staging_Production, such that not VM in the Staging Environment can communicate with any VM in the production Environment, Configure the environment to satisfy this requirement. Note: All other configurations not indicated must be left at their default values.
Task 1 An administrator has been asked to configure a storage for a distributed application which uses large data sets across multiple worker VMs. The worker VMs must run on every node. Data resilience is provided at the application level and low cost per GB is a Key Requirement. Configure the storage on the cluster to meet these requirements. Any new object created should include the phrase Distributed_App in the name.
Task 4 An administrator will be deploying Flow Networking and needs to validate that the environment, specifically switch vs1, is appropriately configured. Only VPC traffic should be carried by the switch. Four versions each of two possible commands have been placed in Desktop\Files\Network\flow.txt. Remove the hash mark (#) from the front of correct First command and correct Second command and save the file. Only one hash mark should be removed from each section. Do not delete or copy lines, do not add additional lines. Any changes other than removing two hash marks (#) will result in no credit. Also, SSH directly to any AHV node (not a CVM) in the cluster and from the command line display an overview of the Open vSwitch configuration. Copy and paste this to a new text file named Desktop\Files\Network\AHVswitch.txt. Note: You will not be able to use the 192.168.5.0 network in this environment. First command #net.update_vpc_traffic_config virtual_switch=vs0 net.update_vpc_traffic_config virtual_switch=vs1 #net.update_vpc_east_west_traffic_config virtual_switch=vs0 #net.update_vpc_east_west_traffic_config virtual_switch=vs1 Second command #net.update_vpc_east_west_traffic_config permit_all_traffic=true net.update_vpc_east_west_traffic_config permit_vpc_traffic=true #net.update_vpc_east_west_traffic_config permit_all_traffic=false #net.update_vpc_east_west_traffic_config permit_vpc_traffic=false
Task 3 An administrator needs to assess performance gains provided by AHV Turbo at the guest level. To perform the test the administrator created a Windows 10 VM named Turbo with the following configuration. 1 vCPU 8 GB RAM SATA Controller 40 GB vDisk The stress test application is multi-threaded capable, but the performance is not as expected with AHV Turbo enabled. Configure the VM to better leverage AHV Turbo. Note: Do not power on the VM. Configure or prepare the VM for configuration as best you can without powering it on.
Task 11 An administrator has noticed that after a host failure, the SQL03 VM was not powered back on from another host within the cluster. The Other SQL VMs (SQL01, SQL02) have recovered properly in the past. Resolve the issue and configure the environment to ensure any single host failure affects a minimal number os SQL VMs. Note: Do not power on any VMs
Task 8 Depending on the order you perform the exam items, the access information and credentials could change. Please refer to the other item performed on Cluster B if you have problems accessing the cluster. The infosec team has requested that audit logs for API Requests and replication capabilities be enabled for all clusters for the top 4 severity levels and pushed to their syslog system using highest reliability possible. They have requested no other logs to be included. Syslog configuration: Syslog Name: Corp_syslog Syslop IP: 34.69.43.123 Port: 514 Ensure the cluster is configured to meet these requirements.
Task 2 An administrator needs to configure storage for a Citrix-based Virtual Desktop infrastructure. Two VDI pools will be created Non-persistent pool names MCS_Pool for tasks users using MCS Microsoft Windows 10 virtual Delivery Agents (VDAs) Persistent pool named Persist_Pool with full-clone Microsoft Windows 10 VDAs for power users 20 GiB capacity must be guaranteed at the storage container level for all power user VDAs The power user container should not be able to use more than 100 GiB Storage capacity should be optimized for each desktop pool. Configure the storage to meet these requirements. Any new object created should include the name of the pool(s) (MCS and/or Persist) that will use the object. Do not include the pool name if the object will not be used by that pool. Any additional licenses required by the solution will be added later.
Task 10 An administrator is working to create a VM using Nutanix V3 API calls with the following specifications. * VM specifications: * vCPUs: 2 * Memory: BGb * Disk Size: 50Gb * Cluster: Cluster A * Network: default- net The API call is falling, indicating an issue with the payload: The body is saved in Desktop/ Files/API_Create_VM,text Correct any issues in the text file that would prevent from creating the VM. Also ensure the VM will be created as speeded and make sure it is saved for re-use using that filename. Deploy the vm through the API Note: Do not power on the VM.
Task 9 Part1 An administrator logs into Prism Element and sees an alert stating the following: Cluster services down on Controller VM (35.197.75.196) Correct this issue in the least disruptive manner. Part2 In a separate request, the security team has noticed a newly created cluster is reporting. CVM [35.197.75.196] is using the default password. They have provided some new security requirements for cluster level security. Security requirements: Update the default password for the root user on the node to match the admin user password: Note: 192.168.x.x is not available. To access a node use the Host IP (172.30.0.x) from a CVM or the supplied external IP address. Update the default password for the nutanix user on the CVM to match the admin user password. Resolve the alert that is being reported. Output the cluster-wide configuration of the SCMA policy to Desktop\Files\output.txt before changes are made. Enable the Advance intrusion Detection Environment (AIDE) to run on a weekly basis for the cluster. Enable high-strength password policies for the cluster. Ensure CVMs require SSH keys for login instead of passwords. (SSH keys are located in the Desktop\Files\SSH folder). Ensure the clusters meets these requirements. Do not reboot any cluster components.

Question 8 - NCM-MCI-6.5 discussion

Report
Export

Task 8

Depending on the order you perform the exam items, the access information and credentials could change. Please refer to the other item performed on Cluster B if you have problems accessing the cluster.

The infosec team has requested that audit logs for API Requests and replication capabilities be enabled for all clusters for the top 4 severity levels and pushed to their syslog system using highest reliability possible. They have requested no other logs to be included.

Syslog configuration:

Syslog Name: Corp_syslog

Syslop IP: 34.69.43.123

Port: 514

Ensure the cluster is configured to meet these requirements.

A.
See the Explanation for step by step solution
Answers
A.
See the Explanation for step by step solution
Suggested answer: A

Explanation:

To configure the cluster to meet the requirements of the infosec team, you need to do the following steps:

Log in to Prism Central and go to Network > Syslog Servers > Configure Syslog Server. Enter Corp_syslog as the Server Name, 34.69.43.123 as the IP Address, and 514 as the Port. Select TCP as the Transport Protocol and enable RELP (Reliable Logging Protocol). This will create a syslog server with the highest reliability possible.

Click Edit against Data Sources and select Cluster B as the cluster. Select API Requests and Replication as the data sources and set the log level to CRITICAL for both of them. This will enable audit logs for API requests and replication capabilities for the top 4 severity levels (EMERGENCY, ALERT, CRITICAL, and ERROR) and push them to the syslog server. Click Save.

Repeat step 2 for any other clusters that you want to configure with the same requirements.

To configure the Nutanix clusters to enable audit logs for API Requests and replication capabilities, and push them to the syslog system with the highest reliability possible, you can follow these steps:

Log in to the Nutanix Prism web console using your administrator credentials.

Navigate to the 'Settings' section or the configuration settings interface within Prism.

Locate the 'Syslog Configuration' or 'Logging' option and click on it.

Configure the syslog settings as follows:

Syslog Name: Enter 'Corp_syslog' as the name for the syslog configuration.

Syslog IP: Set the IP address to '34.69.43.123', which is the IP address of the syslog system.

Port: Set the port to '514', which is the default port for syslog.

Enable the option for highest reliability or persistent logging, if available. This ensures that logs are sent reliably and not lost in case of network interruptions.

Save the syslog configuration.

Enable Audit Logs for API Requests:

In the Nutanix Prism web console, navigate to the 'Cluster' section or the cluster management interface.

Select the desired cluster where you want to enable audit logs.

Locate the 'Audit Configuration' or 'Security Configuration' option and click on it.

Look for the settings related to audit logs and API requests. Enable the audit logging feature and select the top 4 severity levels to be logged.

Save the audit configuration.

Enable Audit Logs for Replication Capabilities:

In the Nutanix Prism web console, navigate to the 'Cluster' section or the cluster management interface.

Select the desired cluster where you want to enable audit logs.

Locate the 'Audit Configuration' or 'Security Configuration' option and click on it.

Look for the settings related to audit logs and replication capabilities. Enable the audit logging feature and select the top 4 severity levels to be logged.

Save the audit configuration.

After completing these steps, the Nutanix clusters will be configured to enable audit logs for API Requests and replication capabilities. The logs will be sent to the specified syslog system with the highest reliability possible.

ncli

<ncli> rsyslog-config set-status enable=false

<ncli> rsyslog-config add-server name=Corp_Syslog ip-address=34.69.43.123 port=514 network-protocol=tdp relp-enabled=false

<ncli> rsyslog-config add-module server-name= Corp_Syslog module-name=APLOS level=INFO

<ncli> rsyslog-config add-module server-name= Corp_Syslog module-name=CEREBRO level=INFO

<ncli> rsyslog-config set-status enable=true

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA00e0000009CEECA2

Show Answer
asked 23/09/2024
Fernando Pereira dos Santos
39 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms