Nutanix Certified Professional - Network and Security (NCP-NS) 7.5 Sample Questions:
1. While configuring third-party services (Service Insertion) in Flow Network Security Next-Gen, an administrator notices dropped packets when redirecting traffic through a network function. Which configuration change would address this issue?
A) Keep the default MTU at 1500. Encapsulation is handled automatically.
B) Disable Geneve tunneling on the virtual switch.
C) Reduce the MTU size to 1400 to match Geneve encapsulation.
D) Increase the MTU by an additional 58 bytes for the Geneve header.
2. An administrator recently deployed a new set of virtual machines... 3-tier web application... restricted as follows: Only application VMs can talk to database VMs on port 3306 Frontend VMs should only communicate with application VMs on port 8080 Which action will correctly create and configure the Security Policies in Nutanix Flow to satisfy this task?
A) Create VLANs for each tier and configure ACLs to restrict communication.
B) Create categories for each tier then define an Application Policy allowing specific ports between them.
C) Configure a global "Allow All" Security Policy and rely on guest OS firewalls for tier-based restrictions.
D) Create IP-based rules for each VM category within a Security Policy.
3. Exhibit:
An administrator needs to setup a Syslog server to capture the Flow Network Security Hit logs. Which module name should be selected?
A) Audit
B) Security Policy Hit logs
C) API Audit
D) Flow Service Logs
4. Which action allows an administrator to reuse a single existing policy in a different scope?
A) Place policy in Enforce mode
B) Place policy in Monitor mode
C) Export
D) Clone
5. An administrator has deployed a microsegmentation policy in Nutanix Flow that allows certain VM traffic based on Active Directory (AD) user group membership. Users in a specific AD group report they are unable to access the VMs, while other users can connect without issues. The administrator suspects the problem is related to identity-based policy mapping. What should the administrator do to troubleshoot and resolve the access issue related to the identity-based policy?
A) Reboot all VMs associated with the policy to refresh their security group mapping.
B) Verify that the affected users are members of the mapped AD group.
C) Ensure the VMs are associated to the proper AD group categories.
D) Add the IP addresses of the blocked VMs to the Inbound ruleset.
Solutions:
| Question # 1 Answer: D | Question # 2 Answer: B | Question # 3 Answer: B | Question # 4 Answer: D | Question # 5 Answer: B |
We're so confident of our products that we provide no hassle product exchange.


By Lance

