Certification Training for NCP-CI-AWS Exam Dumps Test Engine [2025]
Jan 02, 2025 Step by Step Guide to Prepare for NCP-CI-AWS Exam
NEW QUESTION # 36
An administrator planned to create a new NC2 cluster and chose the existing AWS VPC infrastructure in the workflow. The administrator need two private subnets to complete the configuration.
What are these two private subnets used for..
- A. For Prism Element and Prism Central management
- B. For user VMs and cluster management
- C. For private NAT and Elastic IP management
- D. For DNS and NTP management
Answer: B
Explanation:
The requirement for two private subnets in the NC2 cluster configuration workflow serves the same purposes:
One subnet is designated for user VMs, ensuring user workloads are separated from management operations.
The other subnet is designated for cluster management, maintaining the integrity and security of management processes and internal communications.
Reference:
Nutanix Clusters on AWS Deployment Guide
Nutanix Cloud Clusters on AWS Administration
NEW QUESTION # 37
Which statement is true regarding AWS account requirements?
- A. An AWS root user can be used for any deployment or operations related to NC2.
- B. IAMFullAccess permission gets configuration details for supported AWS resources.
- C. NC2 on AWS uses AWS Secrets Manager for maintaining any stored secrets.
- D. AWSCloudFormationFullAccess role is required to create a CloudFormation stack.
Answer: D
Explanation:
To create a CloudFormation stack, the AWSCloudFormationFullAccess role is required.
This role grants the necessary permissions to create, update, and delete CloudFormation stacks, which are essential for deploying and managing AWS infrastructure using CloudFormation templates.
CloudFormation stacks are often used to automate the deployment of complex infrastructures, including those required for NC2 on AWS.
Proper permissions ensure that the deployment process is seamless and adheres to the security and operational policies of the organization.
Reference:
Refer to the AWS IAM documentation for details on the AWSCloudFormationFullAccess role and Nutanix documentation on prerequisites for deploying NC2 on AWS.
NEW QUESTION # 38
An administrator is deploying a new NC2 cluster on AWS and needs to ensure full connectivity is established between the company's on-premises datacenter and the AWS cloud.
Which two AWS offering will satisfy this requirement? (Choose two.)
- A. Direct Connect
- B. Dedicated interconnect
- C. AWS VPN
- D. ExpressRoute
Answer: A,C
Explanation:
To establish full connectivity between the company's on-premises datacenter and the AWS cloud, the following AWS offerings will satisfy this requirement:
AWS VPN: This service allows you to create a secure connection between your on-premises network or other remote network and your AWS VPC using an IPsec VPN tunnel. It is suitable for low to moderate bandwidth requirements and provides secure, encrypted connections.
Direct Connect: AWS Direct Connect is a dedicated network connection from your premises to AWS. It provides a private, high-bandwidth, low-latency connection which is ideal for high-throughput applications and workloads that need consistent network performance.
Reference:
AWS VPN Documentation
AWS Direct Connect Documentation
NEW QUESTION # 39
An administrator needs to create user VM subnets for multiple NC2 clusters in AWS.
What would be the best approach to take?
- A. Create guest-VM subnets for each cluster.
- B. Create guest-VM subnets to be shared by all clusters.
- C. Use the cluster management subnet dedicated to each cluster.
- D. Create guest-VM VNets for each cluster.
Answer: A
Explanation:
When creating user VM subnets for multiple NC2 clusters in AWS, the best approach is to create guest-VM subnets for each cluster. This ensures that each cluster has its own dedicated subnets, which simplifies network management and avoids potential IP conflicts.
Advantages of Dedicated Subnets:
Isolation: Each cluster operates in its own subnet, providing better isolation and security.
Management: Easier to manage and troubleshoot network issues when each cluster has its own subnets.
Scalability: More scalable as each subnet can be managed and expanded independently.
Steps to Create Guest-VM Subnets:
Identify the IP range for each subnet.
In the AWS VPC console, create a new subnet for each cluster using the identified IP ranges.
Associate the new subnets with the respective clusters during or after the cluster deployment process.
Why Not Shared Subnets:
Shared subnets could lead to IP conflicts and make network management more complex, especially as the number of clusters grows.
Reference:
Nutanix Cloud Clusters on AWS Administration Guide
AWS VPC Subnet Creation Documentation
NEW QUESTION # 40
An administrator has noticed the company's NC2 free trial expired 60 days ago.
What should the administrator do to continue using all of the NC2 features on existing clusters?
- A. Nothing. The clusters will have full feature support.
- B. Switch to a paid subscription plan.
- C. Contact the AWS cloud vendor.
- D. Contact Nutanix support to redeploy the cluster.
Answer: B
NEW QUESTION # 41
Which two statements are the most accurate regarding Cluster Protect? (Choose two.)
- A. An AWS subnet can be shared by VMs, Prism Central, and Multicloud Snapshort Technology (MST).
- B. Nutanix Guest Tools (NGT) is not required to be installed on User VMs.
- C. The dusters that are to be protected must be registered with the same instance of Prism Central.
- D. The Cluster Protect feature requires AOS version 6.7 or higher.
Answer: C,D
Explanation:
The clusters that are to be protected must be registered with the same instance of Prism Central (Answer C):
For Cluster Protect to function correctly, all clusters intended for protection must be registered under the same Prism Central instance. This ensures consistent management and coordination of protection policies and operations across clusters.
The Cluster Protect feature requires AOS version 6.7 or higher (Answer D):
Cluster Protect is a feature that is available starting from AOS version 6.7. To utilize this feature, ensure that the Nutanix clusters are running this version or a newer one.
Reference:
Nutanix Cluster Protection Documentation
Nutanix AOS Release Notes
NEW QUESTION # 42
Exhibit.
What action is taken against the Condemned node shown in the exhibit?
- A. The node is powered off.
- B. The node Is automatically replaced.
- C. The node has a power reset sent to it.
- D. The node is restarted.
Answer: C
Explanation:
When a node is marked as "Condemned," it indicates that the system has determined that the node is no longer reliable for operations. As part of the automated recovery and protection process, the following action is typically taken:
The node has a power reset sent to it (Answer A):
In most cases, a condemned node undergoes a power reset as an initial recovery attempt. This action attempts to reboot the node to bring it back to a healthy state. If the reset fails, further manual or automated steps may be required to address the hardware or software issue.
Reference:
Nutanix Cluster Management Documentation
Nutanix Support Knowledge Base
NEW QUESTION # 43
An administrator is deploying an NC2 cluster on AWS in the us-west-2 region. A VPC, management subnet, and a VM subnet are already created in the target region.
The management subnet has a local route and a route to the internet. The subnet has a route and a route to the NAT gateway. During the deployment, the management subnet appears in the drop-down list in the Create Cluster wizard, but cannot be selected.
What is the cause of this problem?
- A. The subnet has an IPv4 CIDR block but does not have an IPv6 CIDR block.
- B. The subnet has both an IPv4 CIDR block and an IPv6 CIDR block.
- C. The subnet has a direct route to an Internet gateway.
- D. The subnet does not have route to a Site-to-Site VPN connection through a virtual private gateway.
Answer: B
Explanation:
The Nutanix Create Cluster wizard may not support selecting subnets that have both IPv4 and IPv6 CIDR blocks due to compatibility or configuration constraints.
When a subnet with both CIDR blocks is present, it can cause issues in the selection process during cluster creation, as the system might not be able to properly handle or recognize the dual-stack configuration.
Ensuring that the management subnet has only an IPv4 CIDR block, without an IPv6 CIDR block, could resolve this issue and allow for successful selection in the cluster creation wizard.
Reference:
Refer to the Nutanix and AWS documentation on subnet configuration and requirements for NC2 cluster deployments, specifically addressing IPv4 and IPv6 compatibility and constraints.
NEW QUESTION # 44
A company wants to use Nutanix NC2 to burst VDI resources to the AWS cloud. The VDI workloads requires GPU accelation.
Which solution meets the company's requirements?
- A. AN36P nodes
- B. g4dn.metal nodes
- C. AN36 nodes
- D. m6g.metal nodes
Answer: B
Explanation:
For VDI workloads that require GPU acceleration, the g4dn.metal nodes are the appropriate choice. These instances are equipped with NVIDIA T4 GPUs, which are well-suited for graphics-intensive applications such as VDI workloads that need GPU acceleration. Other node types like AN36P, m6g.metal, or AN36 do not provide the necessary GPU capabilities.
Reference:
Nutanix Support & Insights - GPU support in AWS
NEW QUESTION # 45
An administrator has recently deployed an NC2 on AWS cluster in the North Virginia region in availability zone us-east-1z. The clusters UUID is 0005F487-4962-91EA-4C98-C4284D123835.
The cluster is consuming IPs from a 10.78.2.0/24 range.
The AWS VPC has these available CIDR ranges:
* 70.73.0.0/16
* 10.79.107.0/24
* 10.0.0.0/22
The following subnets have been configured in the NC2 AWS VPC:
The following tags have been applied to a Custom Network Security Group:
The Custom Network Security Group is allowing all inbound traffic from the 10.0.0.0/22 network. Which two subnets would be able to receive inbound traffic from AWS instances on a 10.0.0.0/22 network segment"? (Choose two.)
- A. Tier01
- B. SQL
- C. Server01
- D. VDl
Answer: A,C
Explanation:
To determine which subnets would be able to receive inbound traffic from AWS instances on a 10.0.0.0/22 network segment, we need to look at the configured subnets and their CIDR ranges, as well as the custom network security group's inbound rules.
Available CIDR ranges in VPC:
70.73.0.0/16
10.79.107.0/24
10.0.0.0/22
Configured Subnets in NC2 AWS VPC:
VDI: 10.78.130.0/22
SQL: 10.78.3.0/24
Server01: 10.78.2.0/24
Server02: 10.79.120.0/24
Tier01: 10.19.101.0/24
Custom Network Security Group Inbound Rule:
Allows all inbound traffic from 10.0.0.0/22.
Given that the custom network security group is allowing inbound traffic from the 10.0.0.0/22 network, we need to identify which of the configured subnets fall within this allowed range.
Analysis:
The subnets 10.78.130.0/22, 10.78.3.0/24, 10.78.2.0/24, 10.79.120.0/24, and 10.19.101.0/24 do not overlap with 10.0.0.0/22. Therefore, none of these subnets would naturally fall within the 10.0.0.0/22 range directly.
However, since the question is about receiving inbound traffic from the 10.0.0.0/22 network and considering security group rules, all subnets mentioned can technically receive traffic if the inbound rules are configured correctly, but since we are strictly asked about the configuration from the image and the overlap in the ranges:
Server01 (10.78.2.0/24) and Tier01 (10.19.101.0/24) will receive traffic because their CIDR ranges do not conflict with the 10.0.0.0/22 range, thus allowing traffic without additional restrictions.
Reference:
Nutanix Clusters on AWS Administration Guide
AWS VPC and Subnet documentation
Network Security Group rules configuration in Nutanix documentation
NEW QUESTION # 46
An administrator has been tasked with deploying a new production NC2 cluster on AWS and is studying the deployment..
AWS supports EC2 bare-metal instances in regions with at least how many partitions?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: A
Explanation:
AWS supports EC2 bare-metal instances in regions with at least 3 partitions. Partitions in AWS provide high availability and fault tolerance by distributing instances across different hardware to minimize the impact of hardware failures.
Reference:
AWS EC2 Bare Metal Instances Documentation
AWS Regions and Availability Zones
NEW QUESTION # 47
Which two options are prerequisites for deploying an NC2 on AWS cluster? (Choose two.)
- A. An on-premises Prism Central environment
- B. A valid CIDR range
- C. A my.nutanix.com account
- D. AWS Direct Connect
Answer: B,C
Explanation:
A valid CIDR range: A CIDR (Classless Inter-Domain Routing) range is necessary for creating the subnets within the VPC. This range defines the IP address space for the cluster and its components.
A my.nutanix.com account: This account is required to access Nutanix services, including the NC2 console, manage licenses, and perform other administrative tasks.
AWS Direct Connect and an on-premises Prism Central environment are not prerequisites for deploying an NC2 on AWS cluster. While Direct Connect can be used for enhanced network performance and connectivity, it is not a requirement for deployment. Similarly, having an on-premises Prism Central environment is not mandatory for NC2 deployment on AWS.
Reference:
Refer to the Nutanix documentation on NC2 prerequisites and setup guides, and AWS documentation on VPC and subnet creation.
NEW QUESTION # 48
An administrator is attempting to deploy an NC2 cluster.
The cluster configuration is as follows:
* Name - Cluster-1
* Nodes of type i4i.metal
* Replication Factor 2
* Existing VPC resources
* VPC - 10.0.0.0/16
* Subnets:
* Bare metal hosts: 10.0.1.0/24
* User VMs:10.0.2.0/24
* Public: 10.0.3.0/24
During the deployment process, the administrator notices the following alert:
What should the administrator do to ensure the cluster deployment does not fail?
- A. Check AWS VPC and subnet quotas for the cloud account.
- B. Ensure an outbound Internet connection exists from 10.0.1.0/24.
- C. Modify the administrator's RBAC permissions in the NC2 console.
- D. Create a new VPC and modify the cluster configuration to use the new VPC.
Answer: B
Explanation:
The alert indicates a potential issue with the VPC/Subnet settings, preventing the cluster nodes from contacting Nutanix services.
To resolve this, the administrator needs to ensure that the subnet 10.0.1.0/24, which is assigned for Bare metal hosts, has an outbound Internet connection.
This connection is necessary for the cluster nodes to communicate with external Nutanix services for updates, license validation, and other essential operations.
Verify that there are appropriate route tables and security group rules allowing outbound traffic to the Internet from the 10.0.1.0/24 subnet.
Ensure that there is either an Internet Gateway (IGW) attached to the VPC or a NAT Gateway configured if using private subnets.
Reference:
Refer to the Nutanix documentation and AWS VPC configuration guides to ensure proper Internet connectivity and routing setups.
NEW QUESTION # 49
What is the purpose of an organization in the NC2 console?
- A. To map the on-premises Prism Central environment
- B. To link with NC2 subscription plans
- C. To Link with a Public Cloud account
- D. To segregate clusters based on specific requirements
Answer: D
Explanation:
In the NC2 console, an organization is used to segregate clusters based on specific requirements. This segregation allows administrators to manage clusters more effectively by grouping them according to business units, projects, or other criteria. This organizational structure helps in maintaining clear boundaries and applying specific policies or permissions to different clusters within the same NC2 environment.
Reference:
Nutanix Cloud Clusters on AWS Administration
Nutanix Certified Professional - Cloud Integration - AWS
NEW QUESTION # 50
An administrator is creating and destroying multiple clusters daily for a test/dev environment. The administrator wants ensure that every NC2 on AWS cluster deployed will allow full access from the on-premises CVM subnet.
What is most-efficient way to achive this?
- A. Create a Custom AWS Network Security Group using a key value of tag:nutanix:clusters:external and set the inbound allow address of the on-premises subnet.
- B. Modify the UVM Network Security Group of each cluster by setting the outbound allow address of the on-premises subnet.
- C. Modify the UVM Network Security Group of each cluster by setting the inbound allow address of the on-premises subnet.
Answer: A
Explanation:
D/ Create a Custom AWS Network Security Group using a key of tag:nutanix: clusters:external:cluster-uuid and set the value of the UUID for each deployed cluster. Set the inbound allow address of the on-premises subnet.
Explanation:
To ensure that every NC2 on AWS cluster deployed allows full access from the on-premises CVM subnet efficiently, the administrator should create a custom AWS Network Security Group.
Use a key value of tag:nutanix:clusters:external for the security group, and set the inbound allow address to the on-premises subnet.
This approach leverages AWS tags to manage security group rules dynamically and ensures that the necessary access permissions are applied automatically to all clusters with the specified tag.
This method reduces the need for manual configuration of each cluster's security group, streamlining the process for a test/dev environment where clusters are frequently created and destroyed.
Reference:
Refer to the AWS documentation on Network Security Groups and Nutanix documentation on best practices for securing NC2 clusters.
NEW QUESTION # 51
If an administrator deploys an NC2 cluster using an existing AWS network, in which type of subnet should the administrator deploy the NAT Gateway?
- A. Public subnet
- B. Private subnet
- C. VPN-only subnet
- D. Isolated subnet
Answer: A
Explanation:
To deploy an NC2 cluster using an existing AWS network, the NAT Gateway should be placed in a public subnet. A public subnet is one that has a route to an Internet Gateway, allowing the NAT Gateway to provide outbound internet access for resources in private subnets. The NAT Gateway is used to enable instances in private subnets to access the internet while keeping them secure by not exposing them directly to the public internet.
Reference:
Nutanix Cloud Clusters (NC2) on AWS Documentation
NEW QUESTION # 52
An administrator is tasked with providing VMs outbound internet connectivity in AWS.
Which components would the administrator need to create in the VPC to achieve this?
- A. Private Subnet Flow Gateway, Public EIP, Route Table
- B. Public Subnet Flow Gateway, Public EIP, Route Table
- C. Public Subnet NAT Gateway, Public EIP, Route Table
- D. Private Subnet NAT Gateway, Public EIP, Route Table
Answer: D
Explanation:
To provide VMs with outbound internet connectivity in AWS using a private subnet, the administrator needs to create the following components in the VPC:
Private Subnet: A private subnet is required to house the VMs that need outbound internet access but do not require direct inbound access from the internet.
NAT Gateway: A NAT (Network Address Translation) Gateway is necessary to allow instances in the private subnet to connect to the internet or other AWS services while preventing the internet from initiating a connection with those instances.
Public EIP (Elastic IP Address): An EIP is associated with the NAT Gateway to provide a persistent public IP address that allows outbound internet traffic from the private subnet to be routed correctly.
Route Table: A route table is configured to route traffic from the private subnet to the NAT Gateway for outbound internet access.
Reference:
AWS NAT Gateway Documentation
AWS VPC Subnet Basics
NEW QUESTION # 53
An administrator is seeking help with an ongoing NC2 issue. After reaching out to Nutanix support, the administrator is introduced to NC2 specialist who can help troubleshoot the problem.
- A. Ensure the specialist is assigned the RBAC role with proper permissions.
- B. Confirm the Support Authorization on the organization is set to Full Access.
- C. Add the specialist as an admin user to the organizations.
- D. Provide the specialist with the administrator's login credentials.
Answer: A,B
Explanation:
Ensure the specialist is assigned the RBAC role with proper permissions (Answer A):
Role-Based Access Control (RBAC) ensures that the specialist has the necessary permissions to troubleshoot and manage the NC2 environment. This avoids unnecessary privilege escalations and maintains security.
Confirm the Support Authorization on the organization is set to Full Access (Answer C):
Setting the Support Authorization to Full Access allows the Nutanix support specialist to have the required access to investigate and resolve issues in the environment. This is essential for effective troubleshooting.
Reference:
Nutanix RBAC Documentation
Nutanix Support Access Guide
NEW QUESTION # 54
Which interface must be used to deploy NC2?
- A. NC2 Tile within the my.nutanix.com portal
- B. Foundation running in a Cloud Virtual Machine
- C. Prism Central Dashboard
- D. Cloud Provider portal
Answer: A
Explanation:
The NC2 Tile within the my.nutanix.com portal is the correct interface to deploy NC2. This portal provides an integrated and user-friendly interface specifically designed for deploying and managing Nutanix Clusters on AWS.
NC2 Deployment Interface:
NC2 Tile within the my.nutanix.com portal: This portal provides the necessary tools and options to deploy and manage NC2 clusters. It includes functionalities for setting up the clusters, configuring network settings, and managing resources.
Advantages:
User-Friendly Interface: Simplifies the deployment process with a guided setup.
Integrated Tools: Provides access to all necessary tools for managing the deployment and monitoring of NC2 clusters.
Reference:
Nutanix Cloud Clusters on AWS Administration Guide
Nutanix my.nutanix.com Portal Documentation
Nutanix Best Practices for Cluster Deployment
NEW QUESTION # 55
......
Nutanix NCP-CI-AWS Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
Ultimate Guide to Prepare NCP-CI-AWS Certification Exam for Nutanix Certified Professional: https://pass4sure.testvalid.com/NCP-CI-AWS-valid-exam-test.html