Nutanix Network & Security Certification Exam Syllabus

NCP-NS Dumps Questions, NCP-NS PDF, Network & Security Exam Questions PDF, Nutanix NCP-NS Dumps Free, Network & Security Official Cert Guide PDF, Nutanix Network & Security Dumps, Nutanix Network & Security PDFThe Nutanix NCP-NS exam preparation guide is designed to provide candidates with necessary information about the Network & Security exam. It includes exam summary, sample questions, practice test, objectives and ways to interpret the exam objectives to enable candidates to assess the types of questions-answers that may be asked during the Nutanix Certified Professional Network & Security (NCP-NS) exam.

It is recommended for all the candidates to refer the NCP-NS objectives and sample questions provided in this preparation guide. The Nutanix Network & Security certification is mainly targeted to the candidates who want to build their career in Professional Level domain and demonstrate their expertise. We suggest you to use practice exam listed in this cert guide to get used to with exam environment and identify the knowledge areas where you need more work prior to taking the actual Nutanix Certified Professional Network & Security exam.

Nutanix NCP-NS Exam Summary:

Exam Name
 Nutanix Certified Professional Network & Security
Exam Code NCP-NS
Exam Price $200 USD
Duration 120 minutes
Number of Questions 75
Passing Score 3000 on a scale of 1000-6000
Recommended Training / Books Nutanix Network and Security Administration (NNSA)
Schedule Exam Nutanix
Sample Questions Nutanix NCP-NS Sample Questions
Recommended Practice Nutanix Certified Professional Network & Security (NCP-NS) Practice Test

Nutanix Network & Security Syllabus:

Section Objectives
Configure Flow Virtual Networking - Create a VPC and Overlay Networks
  • Determine whether tenant or a transit VPC is required
  • Recognize the purpose or usage of ERP in the VPC
  • Identify the VPC Gateway nodes
  • Associate routed and private CIDRs

- Create and Manage VPC External Networks

  • Determine when overlapping ERPs is necessary
  • Associate Scale-out VPC Gateway nodes to a VPC
  • Determine when to set the default route
  • Determine routes to be set during VPC creation
  • Assign a specific Router IP/ SNAT IP to a VPC
  • Change the external network for a VPC
  • Create a Overlay External Network
  • Associate a VPC to a transit VPC Overlay External Network
  • Determine when to connect a VPC to a NAT or a No-NAT network

- Configure Connectivity Options

  • Create network load balancer with a target group of VMs
  • Analyze the status of BGP peering sessions, including advertised & received routes
  • Define a Policy Based Routing policy to redirect traffic via a security appliance for inspection
  • Assign a floating IP address to a workload for external access when using NAT external connectivity
  • Create resiliency within BGP neighbors
Configure Flow Network Security - Analyze and Document Application Flows
  • Determine when monitoring mode is appropriate for policy creation
  • Configure syslog to ship logs to an external source for analysis/enable policy logging
  • Define and/or update a policy rule set using the flow visualization/captured traffic
  • Recognize the purpose and use case for a shared services policy

- Create and Configure Security Policies

  • Determine the appropriate policy type based on business needs
  • Configure Isolation policies between two or more entities
  • Configure Application Policies with appropriate Secured Entities
  • Configure Group ID lookup for Active Directory
  • Configure VDI Policies
  • Explain the use case for the quarantine function

- Manage Policy Lifecycle and Modes

  • Create a policy in Monitor mode and identify discovered traffic
  • Enforce a policy currently applied in Monitor mode
  • Clone a policy and apply to a different Scope
  • Identify the number of entities potentially impacted by enforcing a monitored policy
  • Describe the different policy lifecycle modes
Troubleshoot Flow Virtual Networking - Troubleshoot Connectivity Issues
  • Determine why a VM inside a VPC cannot reach the Internet
  • Determine why two VMs within the same VPC cannot communicate with each other
  • Determine why a VM within a VPC cannot access the external network
  • Determine why the BGP neighbor is not receiving expected routes from the VPC
  • Identify and resolve network gateway status issues
  • Determine if a Gateway VM (VTEP, VPN, or BGP) is unhealthy
  • Verify that the subnet extension is active and in a healthy state

- Analyze Alerts and Logs to Address Virtual Networking Issues

  • Diagnose BGP state using session logs
  • Determine which user made a particular change and when
  • Analyze IPFIX exports to identify network connectivity issues
  • Interpret alerts and take corrective actions

- Analyze the Health of Infrastructure System Components

  • Describe how to check the Network Controller’s health
  • Recognize which actions can be performed (or not) when a Network Controller is unhealthy
  • Interpret network controller and Flow Network Security alerts
Troubleshoot Flow Network Security - Troubleshoot Undesired Network Communication
  • Determine if desired traffic is being prevented by a security policy
  • Verify VM membership in a policy component
  • Assess Security Policy Hitlogs to identify allowed and denied traffic
  • Identify policy priority conflicts (including prioritization of intra-tier rules vs. inbound/outbounds)
  • Determine the root cause of packet loss when service insertion is in use
  • Troubleshoot an issue where routes are present but North/South traffic is broken (MTU)

- Analyze Logs to Address Flow Network Security Issues

  • Describe how to pipe FNS Security Hit logs to external syslog server
  • Determine the status of the conntrack table through NCC healthchecks
  • Interpret FNS audit logs to diagnose an FNS issue

- Troubleshoot Identity-Based Policy Failure Related to User Group Mapping

  • Verify that AD is properly configured (URL, service account, credentials, etc.)
  • Enable ID Based Security and configure/manage referenced AD groups
  • Validate dynamic category assignment at login time
  • Validate that group memberships have been applied to a policy
Deploy and Upgrade a Flow Environment - Prepare a Cluster for Flow Network Security
  • Enable FNS from Prism Central
  • Create categories and associate to VMs
  • Confirm versions are supported and up-to-date before enablement
  • Identify the resources needed on nodes and Prism Central

- Prepare a Cluster for Flow Virtual Networking

  • Confirm that network controller is enabled and is the right version
  • Ensure all clusters compatible prior to enabling FVN
  • Set MTU on virtual switch
  • Confirm that Prism Central has adequate resources for the deployment

- Determine Order of Upgrades and Upgrade Paths

  • Identify and take actions on incompatible clusters
  • Determine if the Network Controller can be updated and identify dependencies
  • Determine if the FNS version can be upgraded and identify dependencies

- Configure Virtual Switches and MTU

  • Modify MTU size to allow subnet extension or other features to be used
  • Segregate East-West and North-South Traffic
  • Segregate UVM and Management and/or replication traffic

- Configure and Manage User Roles

  • Recognize which User roles can and cannot create a VPC
  • Create a custom Role
  • Limit Custom-Admin to specific VPCs
  • Determine the appropriate System defined FNS RBAC role for a given user
  • Create an Authorization policy for FNS
  • Create an FNS RBAC custom role with granular permissions
  • Determine the pre-configured permissions for system defined FNS RBAC roles
Rating: 5 / 5 (1 vote)