ExamGecko
Search Search Login
Home Home / Nutanix / NCP-CI-AWS
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

When selecting the NC2 subscription plan from the Nutanix Billing portal, which options are available.
A company has just adopted Nutanix as their technology of choice and is preparing to deploy Nutanix Cloud Clusters (NC2). Which step must be taken first to again access to the CN2 console?
When creating an NC2 cluster in AWS, what are the required permissions for the account used to run the CloudFormation script?
An administrator has been tasked with deploying an NC2 cluster on AWS with the requirement to protect workloads. Which two options are valid to protect the workloads on this cluster? (Choose two.)
An administrator has recently deployed an NC2 on AWS cluster in the North Virginia region in availability zone us-east-1z. The clusters UUID is 0005F487-4962-91EA-4C98-C4284D123835. The cluster is consuming IPs from a 10.78.2.0/24 range. The AWS VPC has these available CIDR ranges: * 70.73.0.0/16 * 10.79.107.0/24 * 10.0.0.0/22 The following subnets have been configured in the NC2 AWS VPC: The following tags have been applied to a Custom Network Security Group: The Custom Network Security Group is allowing all inbound traffic from the 10.0.0.0/22 network. Which two subnets would be able to receive inbound traffic from AWS instances on a 10.0.0.0/22 network segment'? (Choose two.)
Which statement is true regarding AWS account requirements?
An administrator seeks to ensure that the newly created NC2 organization named Finance can only deploy clusters into certain cloud regions. What action should the administrator take to do this?
Which two statements are the most accurate regarding Cluster Protect? (Choose two.)
An administrator is planning to leverage NC2 on AWS for an elastic DR scenario where the initial cluster is using 13en.metal. Which two additional node types are supported for cluster expansion? (Choose two.)
An administrator has been asked to create a cluster to support new workloads. What are the maximum number of nodes supported in AWS?

Question 66 - NCP-CI-AWS discussion

Report
Export

An administrator is creating and destroying multiple clusters daily for a test/dev environment. The administrator wants ensure that every NC2 on AWS cluster deployed will allow full access from the on-premises CVM subnet.

What is most-efficient way to achive this?

A.
Modify the UVM Network Security Group of each cluster by setting the inbound allow address of the on-premises subnet.
Answers
A.
Modify the UVM Network Security Group of each cluster by setting the inbound allow address of the on-premises subnet.
B.
Modify the UVM Network Security Group of each cluster by setting the outbound allow address of the on-premises subnet.
Answers
B.
Modify the UVM Network Security Group of each cluster by setting the outbound allow address of the on-premises subnet.
C.
Create a Custom AWS Network Security Group using a key value of tag:nutanix:clusters:external and set the inbound allow address of the on-premises subnet.
Answers
C.
Create a Custom AWS Network Security Group using a key value of tag:nutanix:clusters:external and set the inbound allow address of the on-premises subnet.
D.
Create a Custom AWS Network Security Group using a key of tag:nutanix: clusters:external:cluster-uuid and set the value of the UUID for each deployed cluster. Set the inbound allow address of the on-premises subnet.
Answers
D.
Create a Custom AWS Network Security Group using a key of tag:nutanix: clusters:external:cluster-uuid and set the value of the UUID for each deployed cluster. Set the inbound allow address of the on-premises subnet.
Suggested answer: C

Explanation:

To ensure that every NC2 on AWS cluster deployed allows full access from the on-premises CVM subnet efficiently, the administrator should create a custom AWS Network Security Group.

Use a key value of tag:nutanix:clusters:external for the security group, and set the inbound allow address to the on-premises subnet.

This approach leverages AWS tags to manage security group rules dynamically and ensures that the necessary access permissions are applied automatically to all clusters with the specified tag.

This method reduces the need for manual configuration of each cluster's security group, streamlining the process for a test/dev environment where clusters are frequently created and destroyed.

Reference: Refer to the AWS documentation on Network Security Groups and Nutanix documentation on best practices for securing NC2 clusters.

Show Answer
asked 23/09/2024
Tu Nguyen
40 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms