Nutanix NCP Practice Test Questions, Exam Dumps

Practice Exams:

View All

NCP Nutanix Practice Test Questions and Exam Dumps

Question No 1:

An administrator is tasked with running both Microsoft Exchange and Microsoft SQL workloads on the same infrastructure. To ensure consistent performance, the administrator needs to guarantee that each application has its own dedicated and reserved storage capacity.

What is the best approach to fulfill this requirement?

A. Create one container and set capacity reservation
B. Create two containers and reserve space for containers
C. Create one container and enable compression
D. Create two containers and reserve space for vDisks

Answer: B

Explanation:

When managing workloads such as Microsoft Exchange and SQL Server, it’s crucial to ensure resource isolation and performance consistency. Each of these applications has distinct I/O patterns and storage requirements. SQL workloads are typically characterized by random I/O and heavy write operations, while Exchange workloads lean toward sequential access with high transaction rates. Mixing them without adequate resource separation can lead to performance degradation.

Nutanix environments offer storage containers as logical partitions within a storage pool. These containers allow administrators to configure settings such as compression, deduplication, and most importantly in this context, capacity reservation. However, using a single container with capacity reservation (Option A) means both workloads would share the same reserved space, which defeats the purpose of workload isolation. Similarly, enabling compression (Option C) may optimize space usage but doesn’t guarantee any reservation or separation for applications.

The optimal solution is to create two separate containers, one for Exchange and one for SQL, and reserve space for each container (Option B). This ensures that both applications receive dedicated storage, which is especially useful in preventing one workload from starving the other during heavy use. This approach enhances predictability, manageability, and performance tuning.

Option D, which involves reserving space for vDisks, may seem similar but works at a more granular level. It doesn’t provide the same level of storage service management as containers, which support additional features like compression, deduplication, and data tiering.

Therefore, the best practice is to use two containers with reserved capacity, which ensures optimal performance and resource guarantees for both workloads.

Question No 2:

An administrator is setting up LDAP integration in an environment configured as a single domain, single forest, and without SSL encryption. Which port should be used to connect to the LDAP server in this scenario?

A. 389
B. 3269
C. 636
D. 3268

Answer: A

Explanation:

LDAP (Lightweight Directory Access Protocol) is commonly used for directory services and authentication across enterprise environments. It operates over various port numbers depending on the configuration—specifically whether SSL/TLS encryption is used and whether Global Catalog (GC) queries are required.

Port 389 is the default LDAP port used for unencrypted (non-SSL) communication. In scenarios where SSL is not configured—as stated in the question—port 389 is the correct choice. This port allows standard LDAP queries, including user authentication and directory lookups within the same domain and forest.

Port 636 (Option C) is reserved for LDAPS, which is the secure version of LDAP over SSL. Since the question specifies that SSL is not used, this port is not appropriate.

Port 3268 (Option D) and 3269 (Option B) are both used for Global Catalog queries. The Global Catalog enables searches across multiple domains within a forest. Port 3268 is used for unencrypted GC queries, while 3269 is used for SSL-encrypted GC queries. However, since the setup described is single domain, single forest, and no cross-domain searches are needed, the use of Global Catalog ports is unnecessary.

Thus, for a single-domain, single-forest LDAP setup without SSL, port 389 is the correct choice for communication.

This setup ensures basic directory services like user lookups and group membership can be performed efficiently, without introducing the complexity of encryption or multi-domain traversal. For enhanced security, especially in production or internet-facing environments, LDAPS (port 636) is typically recommended—but that is outside the scope of this scenario.

Question No 3:

Which best practice should be followed when creating a bond in a Nutanix cluster?

A. Place NICs of different speeds within the same bond
B. Configure the bond to use LACP
C. Only utilize NICs of the same speed within the same bond
D. Use the default bond configuration after installation

Answer: C

Explanation:

When creating a bonded network interface in a Nutanix cluster, it is considered a best practice to only use NICs (Network Interface Cards) of the same speed. The reason behind this is primarily related to performance consistency and reliability. Mixing NICs of different speeds (such as 1GbE with 10GbE) in the same bond can cause network instability and suboptimal traffic distribution. Bonding assumes all interfaces have the same performance capabilities to effectively balance the load.

Option A is incorrect because placing NICs of different speeds within the same bond can lead to uneven traffic flow and degraded performance.

Option B suggests using LACP (Link Aggregation Control Protocol), which is often used for active-active bonding configurations and does improve load balancing and fault tolerance. However, LACP may not be supported by all network switches or configurations and is not a mandatory or universally best practice in all Nutanix deployments.

Option D, using the default bond configuration, may not be optimal for all environments. The default configuration is often active-backup, which provides redundancy but not load balancing. Therefore, customization based on the environment's requirements and hardware capabilities is typically preferred.

Question No 4:

A customer wants to isolate a group of VMs within their Nutanix environment for security reasons. The customer creates a VM with two NICs to act as a firewall and installs the appropriate software and certificates.

However, no one from the outside can access the application.What is the likely cause of this problem?

A. A shared volume group must be used by all isolated VMs
B. More than one NIC cannot be added to a VM
C. One of the NICs needs to be configured on the internal VLAN
D. Wireshark is installed on the NAT VM

Answer: C

Explanation:

In this scenario, the issue revolves around network configuration and routing. The VM acting as a firewall has two NICs — typically, one NIC is connected to the external/public network, and the other to the internal/private network. For this firewall to properly forward traffic and isolate the VMs, one of the NICs must be correctly configured to connect to the internal VLAN, which handles traffic from the private segment of the infrastructure.

Option C correctly identifies the likely problem: the internal NIC may not have been properly configured or associated with the appropriate VLAN, thus blocking internal communication.

Option A is unrelated to network isolation; volume groups relate to block storage and are not a factor in routing or network isolation.

Option B is incorrect; Nutanix supports multiple NICs per VM, which is a standard practice for firewalls, routers, or load balancers.

Option D is a red herring; the presence of Wireshark on a VM would not, by itself, prevent external access.

Question No 5:

In Files, how many FSVMs are deployed by default?

A. 1
B. 2
C. 3
D. 5

Answer: C

Explanation:

When deploying Nutanix Files (formerly known as Acropolis File Services or AFS), the system automatically deploys three FSVMs (File Server Virtual Machines) by default. This 3-node architecture ensures high availability and fault tolerance across the Nutanix cluster. Each FSVM operates independently but is part of a distributed file server system, which allows for load distribution and redundancy.

Option A (1 FSVM) would create a single point of failure, which contradicts Nutanix's design principles around availability.

Option B (2 FSVMs) may offer some redundancy, but Nutanix has standardized on 3 to meet both performance and fault tolerance requirements.

Option D (5 FSVMs) may be possible in larger or custom deployments, but it is not the default configuration.

Question No 6:

Which two conditions must be met for live migration of VMs between AHV hosts to be successful? (Choose two.)

A. All AHV hosts must have IP addresses within the same subnet
B. All AHV hosts must be part of the same VLAN
C. All virtual machines must have IP addresses within the same subnet
D. All virtual machines must be assigned to the same VLAN

Correct Answers: A, B

Explanation:

Live migration in a Nutanix environment using AHV (Acropolis Hypervisor) allows virtual machines (VMs) to be moved between physical hosts without any downtime. This is a critical feature for load balancing, hardware maintenance, and high availability. For live migration to succeed, several networking and configuration prerequisites must be met.

First, option A is correct because all AHV hosts must be reachable across the network, and having their IP addresses in the same subnet simplifies Layer 2 communication and ensures there are no routing barriers. This is especially important if the cluster design relies on broadcast or multicast traffic for inter-host communication during migration tasks.

Second, option B is also correct. Having all AHV hosts on the same VLAN ensures that the hosts can communicate directly on the same Layer 2 broadcast domain. VLAN consistency across hosts guarantees that migration traffic, including VM memory state and CPU registers, can travel between the source and destination without network segmentation issues or security policy conflicts. Any inconsistency in VLAN tagging can prevent hosts from properly communicating or interpreting migration requests.

Option C is incorrect because the IP addresses of the VMs themselves do not impact the migration process. VM IPs are part of the guest operating system and are not directly involved in how the hypervisor handles memory or disk state migration.

Option D is also incorrect. While keeping VMs on the same VLAN might be desirable for network communication consistency, it is not a prerequisite for live migration. The hypervisor deals with the encapsulated state of the VM, and the guest VM’s VLAN configuration does not impact the underlying migration process between hosts.

In summary, the primary considerations for successful VM live migration involve host-to-host communication and network design at the hypervisor level, not the configuration inside or specific to the virtual machines. Ensuring that all AHV hosts share the same subnet and VLAN forms the foundation for seamless and reliable live migration operations in a Nutanix environment.

Question No 7:

Which protocol should an administrator use to secure Volume access with password-based authentication?

A. iSER
B. SAML
C. CHAP
D. LDAP

Correct Answer: C

Explanation:

When securing access to Volumes (block storage) in a Nutanix environment, especially over iSCSI, it's essential to authenticate clients to prevent unauthorized access. The most widely adopted method for password-based authentication in this context is CHAP (Challenge-Handshake Authentication Protocol).

Option C, CHAP, is correct. CHAP is a secure authentication protocol that uses a challenge-response mechanism to verify a user's identity without transmitting the password in clear text. This method enhances security by avoiding replay attacks and ensuring that the initiator (usually a host or server requesting the volume) is authenticated before establishing the session. In Nutanix Volumes, CHAP can be configured per target or per initiator, providing flexibility and security.

Option A, iSER (iSCSI Extensions for RDMA), is incorrect because it refers to a transport protocol, not an authentication method. While iSER can offer performance enhancements by offloading network traffic via RDMA (Remote Direct Memory Access), it does not handle authentication or security.

Option B, SAML (Security Assertion Markup Language), is used primarily for web-based SSO (Single Sign-On) scenarios and federated identity management. It's not applicable to block storage or iSCSI volume authentication.

Option D, LDAP (Lightweight Directory Access Protocol), is used for directory services and user lookups, such as managing user accounts and roles in centralized databases. While LDAP can be used in administrative access control, it’s not used for securing volume access at the iSCSI level.

Therefore, when the goal is to secure volume access using passwords, CHAP is the appropriate choice. It strikes a balance between simplicity and security, making it widely supported across enterprise storage and operating system environments. Using CHAP also aligns with security best practices by ensuring that even if the network is compromised, the actual password is not exposed, thanks to its hashing and challenge-response mechanism.

Question No 8:

An administrator is deploying a one-node Remote Office/Branch Office (ROBO) cluster. Which of the following statements accurately describes a requirement or characteristic of this configuration?

A. The Controller VM (CVM) must be allocated 8 vCPUs and 20 GB of RAM
B. Supported hardware platforms include NX-1175S-G5 and NX-1175S-G6
C. The minimum Recovery Point Objective (RPO) for this configuration is 8 hours
D. A Witness VM is mandatory to maintain quorum in case of node failure

Correct Answer: B

Explanation:

A one-node ROBO cluster is a specific Nutanix deployment scenario designed for Remote Office/Branch Office (ROBO) environments where there is limited space, power, or cooling capabilities. These clusters offer simplified infrastructure management and centralized oversight while providing essential services like virtualization and storage.

Let’s analyze each option in this context:

Option A claims that the CVM must be assigned 8 vCPUs and 20 GB of RAM. This statement is incorrect for a one-node ROBO deployment. While CVM resource requirements vary based on cluster size and workload, one-node clusters typically use fewer resources to remain lightweight. Over-provisioning a CVM on a compact system like a one-node ROBO may lead to resource contention. Official sizing guides from Nutanix indicate that smaller configurations (especially for ROBO use cases) do not require 20 GB of RAM and 8 vCPUs for CVMs.
Option B is correct. The hardware platforms NX-1175S-G5 and NX-1175S-G6 are officially supported by Nutanix for one-node ROBO deployments. These models are specifically engineered for small form-factor, edge deployments that can run Nutanix AOS (Acropolis Operating System) efficiently with limited physical and power footprint. Hardware compatibility is a critical requirement for Nutanix deployments, and using certified hardware ensures full support and stability.
Option C states that the minimum RPO is 8 hours, which is incorrect. Nutanix supports much lower RPOs depending on configuration and replication settings. The minimum RPO can be as low as 1 minute using Nutanix’s asynchronous replication capabilities. RPO (Recovery Point Objective) is a metric indicating how much data loss is acceptable in case of failure, and 8 hours is too high and not reflective of the true capabilities of the platform.
Option D suggests that a Witness VM is required to break quorum in a one-node ROBO deployment. This is not true. Quorum is a concept used in multi-node clusters to avoid split-brain scenarios. In a one-node configuration, quorum is not applicable in the same way. While a Witness VM is required in two-node ROBO clusters to maintain high availability and quorum, it is not a requirement in a single-node setup.

In summary, only Option B correctly identifies a true statement about one-node ROBO clusters. The other options reflect misconceptions or apply to different configurations.

Question No 9:

An administrator receives an automated alert email indicating that a system health check has failed within a Nutanix environment. To gain further insight and troubleshoot the issue, what is the most appropriate next step?

A. Access the Prism Web Console and click on the link provided in the alert for more information
B. Execute the health check again using the ncc command from the Controller VM (CVM) CLI
C. Forward the email to Nutanix Support and wait for their analysis
D. Use the ncli command on the CVM to manually retrieve details of the failed check

Correct Answer: B

Explanation:

When managing a Nutanix cluster, proactive monitoring and health checks are essential to maintaining system integrity and performance. Nutanix uses a tool called the Nutanix Cluster Check (NCC) to perform comprehensive diagnostics across the environment. These checks cover a wide range of system components including storage, networking, configuration consistency, and more.

In the scenario described, an administrator has received an alert via email stating that a health check has failed. The best course of action is to re-run the health check using the NCC utility from the CVM CLI, as stated in Option B, which is the correct answer.

The ncc command provides a detailed output of each check and categorizes the results into PASS, FAIL, or WARNING. It allows the administrator to dig deeper into the failure, view error codes, logs, and any potential resolutions or recommended actions. Running ncc manually also allows for more control—for example, filtering specific checks or running checks for certain services only. A commonly used command might be:

This runs all available checks and is typically the first step in a troubleshooting workflow after receiving a health alert.

Let’s consider the incorrect options:

Option A mentions using a URL from the email via the Prism Web Console. While Prism does integrate with alerts and can provide health status details, not all alerts will include clickable URLs, and those that do may only point to generic dashboards. For deep-dive diagnostics, the ncc command is more powerful and appropriate.
Option C suggests forwarding the email to Nutanix Support. While Support can certainly assist with issues, relying on them without first performing internal diagnostics wastes valuable time. Nutanix expects administrators to conduct preliminary checks using built-in tools like ncc.
Option D mentions using ncli, which is a command-line interface used for configuration tasks such as managing VMs or networking—not health diagnostics. It lacks the granularity of NCC for troubleshooting system issues.

In conclusion, re-running the check with the ncc tool provides the most direct and detailed method to assess what went wrong, how critical the issue is, and how to resolve it. This makes Option B the most appropriate response.

Question No 10:

In a Nutanix cluster configured with Replication Factor 2 (RF2), what happens when two drives fail on different nodes but within the same storage tier?

A. Some VM data may be lost
B. No VM data is lost if the node has two or more SSDs
C. Some VMs may reboot but will regain access to their data
D. No VM data is lost due to the RF2 configuration

Correct Answer: A

Explanation:

In a Nutanix environment, Replication Factor (RF) refers to the number of copies of data that are maintained for redundancy across different nodes. RF2 means that each block of data is replicated twice across the cluster, ensuring availability even in the event of hardware failures. However, this protection assumes the failures occur in a way that does not exceed the tolerance level defined by the RF configuration.

When two drives fail on different nodes in the same storage tier in an RF2 configuration, the outcome can be more complex than simply no data loss. Let’s break this scenario down:

Replication Factor 2 (RF2) ensures that data is replicated twice across the cluster. This typically means there are two copies of each block, which can tolerate a failure of a single drive or node without data loss. However, this only holds true as long as the failures occur in such a way that at least one replica remains accessible.
In this case, when two drives fail in the same storage tier (on different nodes), it becomes highly likely that the data replicas on those failed drives are lost. This situation could result in data loss because if the failed drives were holding one of the two copies of a piece of data (and the second replica is on a failed drive as well), there would be no remaining copy of that data. Therefore, some VM data may be lost, which is reflected in Option A.

Now, let’s analyze the other options:

Option B claims that no VM data is lost if the node has two or more SSDs. While having multiple SSDs on a node provides redundancy for performance and storage, it does not guarantee data availability in case of a failure. If two drives from different nodes fail in the same storage tier, even with multiple SSDs, data loss is still possible due to the lack of available replicas.
Option C suggests that some VMs may reboot but will regain access to data. This is incorrect because the scenario described indicates a potential data loss situation, not just a temporary unavailability. If the replicas are lost, rebooting VMs won’t restore access to the lost data.
Option D states that no VM data will be lost due to RF2. This is incorrect because while RF2 provides redundancy, it is not infallible. The failure of two drives in the same storage tier can lead to data loss if both copies of the data are impacted.

In summary, the correct answer is Option A because the failure of two drives in the same storage tier, even in an RF2 configuration, can lead to data loss if there are no remaining replicas of the affected data. This highlights the importance of proper hardware redundancy and monitoring to avoid data loss in critical environments.