Nutanix Certified Professional – Multicloud Infrastructure v6.5 (NCP-MCI) — Question 45

An administrator is preparing to deploy a new application on an AHV cluster. Security requirements dictate that all virtual servers supporting this application must be prevented from communicating with unauthorized hosts.

Which option would achieve this goal?

Answer options

• A. Create a new subnet and assign to an existing VPC, assign the network IP prefix and gateway for the subnet, deploy servers with vNICs in the new subnet.
• B. Create a new Isolation Environment policy and apply it to the new servers and all authorized hosts.
• C. Create a new Application Security Policy restricting communication to the authorized hosts and apply it to the servers in enforce mode.
• D. Create a new VLAN, create a subnet on the cluster with the VLAN tag, deploy servers with vNICs in the new subnet.

Correct answer: C

Explanation

The correct answer is C because creating an Application Security Policy that restricts communication ensures that only authorized hosts can communicate with the servers, fulfilling the security requirements. Options A and D focus on network segmentation but do not enforce communication restrictions, while option B lacks specific enforcement measures for application communication.