Examice

Exam NCM-MCI All QuestionsBrowse all questions from this exam

Question 4

An administrator of a Nutanix Enterprise Cloud has microsegmentation enabled and a firewall VM installed. The security team notifies the administrator that one of the VMs hosted in the environment has been exhibiting suspect network activity. The administrator wants to isolate the VM from the production network, but must still be able to access it to perform diagnostics.

What should the administrator do to meet the requirement?

Disable the vNIC on the affected VM

Quarantine the VM using the Forensic Method

Create a firewall rule that blocks VM traffic but permits diagnostic access

Create a security policy with a service chain directing that VMs traffic to the firewall

Correct Answer: C

To meet the requirement of isolating the VM from the production network while still allowing for diagnostic access, the administrator should create a firewall rule that blocks VM traffic but permits diagnostic access. This allows the administrator to restrict all unnecessary network activity while still being able to perform diagnostics on the VM, ensuring that potential security threats are mitigated without losing the ability to troubleshoot and resolve the issue.

Discussion

mogmogOption: B

Forensic. Isolates the VM from all traffic except traffic from categories specified in the built-in quarantine policy. The allowed categories contain forensic tools that enable you to perform forensics on the VM. https://portal.nutanix.com/page/documents/details?targetId=Nutanix-Flow-Guide-v5_17:mul-quarantine-rule-configuration-c.html

Cromo19

Agreed, answer is B.

TreasureOption: B

The “Forensic” option allows the limitation of inbound/outbound traffic to that which is specified from the “Add Forensic Tools” tab.

nabilloseOption: C

Quarantining the VM using the Forensic Method would also isolate the VM, but it would not allow for diagnostic access. Option: C