New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Nutanix NCP-CI-AWS Exam - Topic 4 Question 14 Discussion

Actual exam question for Nutanix's NCP-CI-AWS exam
Question #: 14
Topic #: 4
[All NCP-CI-AWS Questions]

An administrator has deployed an NC2 on AWS cluster that is running mixed workloads. Multiple SQL database are running on the NC2 cluster using a native subnet of 10.78.1.0/24.

The administrator wants to ensure only application servers from source subnet 10.79.1.0/24 that reside outside of the NC2 cluster can access the databases.

Which two actions will help the administrator most securely achieve this? (Choose two.)

A)

B)

C)

D)

Show Suggested Answer Hide Answer
Suggested Answer: A, D

To ensure that only application servers from the source subnet 10.79.1.0/24 can access the SQL databases running on the NC2 cluster in the subnet 10.78.1.0/24, the administrator can take the following actions:

Option A: Create a custom Security Group with the following rules:

Key = tag:nutanix:clusters

Key = tag:nutanix:clusters:external

and value = the clusters' UUID

Key = tag:nutanix:clusters:external

and value = 10.78.1.0/24

Option D: Create a custom Security Group with the following:

Key = nutanix:clusters

Key = nutanix:clusters:external

and value = the clusters' UUID

Key = nutanix:clusters:external

and value = 10.79.1.0/24

These actions help create security rules that restrict access to the databases only from the specified source subnet, ensuring secure and controlled access.


Nutanix Cloud Clusters on AWS Administration

AWS Security Groups Documentation

by Stephaine at Sep 18, 2024, 07:41 PM

Limited Time Offer

25%

Off

Get Premium NCP-CI-AWS Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Berry
3 months ago
I’m surprised there’s no mention of IAM roles here!
upvoted 0 times
...
Stephanie
3 months ago
Wait, why not just use a security group for this?
upvoted 0 times
...
Adelle
3 months ago
Definitely A! It’s the most secure option.
upvoted 0 times
...
Callie
4 months ago
I think B might work too, but not sure.
upvoted 0 times
...
Shawnda
4 months ago
Option A and C seem like the best choices.
upvoted 0 times
...
Cordelia
4 months ago
I’m leaning towards options that involve security groups, but I’m not completely confident. I hope I can remember the details from our practice tests!
upvoted 0 times
...
Janine
4 months ago
I think we need to ensure that only the right subnet can access the databases, so maybe one of the options involves setting up a specific rule for that subnet?
upvoted 0 times
...
Vicki
4 months ago
I’m a bit unsure about which options to pick. I feel like we had a similar question about subnet access control last week, but I can’t recall the specifics.
upvoted 0 times
...
Beata
5 months ago
I remember we discussed security groups and network ACLs in class. I think one of the options might involve modifying those to restrict access.
upvoted 0 times
...
Lili
5 months ago
Hmm, I'm not entirely sure about this one. I think I'll need to sketch out the network diagram and think through the requirements step-by-step to come up with the best solution. Careful planning will be key here.
upvoted 0 times
...
Quentin
5 months ago
This seems straightforward enough. I'd start by creating a security group for the application servers and another for the databases, then configure the appropriate inbound and outbound rules to allow the necessary access.
upvoted 0 times
...
Queenie
5 months ago
I'm a bit confused by the different subnets and network components involved. I'll need to review the details carefully and make sure I understand the relationships between them before deciding on the right solution.
upvoted 0 times
...
Jolene
5 months ago
Okay, let's see here. We need to restrict access to the databases from the application servers in the 10.79.1.0/24 subnet, while allowing the NC2 cluster to access them. I think a combination of network ACLs and security groups might be the way to go.
upvoted 0 times
...
Luis
5 months ago
Hmm, this looks like a tricky one. I'll need to carefully analyze the network topology and security requirements to determine the best approach.
upvoted 0 times
...
Man
5 months ago
This looks like a straightforward regex question. I'm pretty sure the answer is B, [A-Z], since that represents a single uppercase letter.
upvoted 0 times
...
Brock
1 year ago
Hmm, this question is a piece of cake. All these security-conscious candidates are making me wish I had brought my snacks to the exam. *chuckles*
upvoted 0 times
...
Paris
1 year ago
Option D is just plain wrong. Allowing all traffic to the database is a security nightmare! I hope none of my fellow candidates choose that one.
upvoted 0 times
Arthur
1 year ago
Yeah, Option D is a disaster waiting to happen. Option A and Option C are the way to go for sure.
upvoted 0 times
...
Fletcher
1 year ago
I'm leaning towards Option B and Option C. They seem like the most secure options for this scenario.
upvoted 0 times
...
Ilona
1 year ago
I think Option A and Option C would be the best choices to securely achieve the goal.
upvoted 0 times
...
Alise
1 year ago
I agree, Option D is definitely not the way to go. It's a huge security risk.
upvoted 0 times
...
...
Bernardo
1 year ago
I disagree. I think option B and D would be better to ensure secure access to the databases.
upvoted 0 times
...
Kenneth
1 year ago
Haha, good one! I'll make sure to stock up on energy bars next time. Can't let the security questions distract me from the real task at hand - acing this exam!
upvoted 0 times
Veda
1 year ago
Definitely, focusing on security measures is crucial for acing the exam. Good luck with your preparation!
upvoted 0 times
...
Melvin
1 year ago
I agree, those options look like they would help restrict access to the application servers from the specified subnet.
upvoted 0 times
...
Terrilyn
1 year ago
Option A and Option C seem like the best choices to secure the access to the databases.
upvoted 0 times
...
...
Felton
1 year ago
I agree with Margurite. Option A and C seem like the most secure choices.
upvoted 0 times
...
Margurite
1 year ago
I think the administrator should choose option A and option C.
upvoted 0 times
...
Pamella
1 year ago
Option B and C seem like the most secure choices here. Limiting access to the database from only the application servers in the 10.79.1.0/24 subnet is a good idea.
upvoted 0 times
...

Save Cancel