Free Practice Questions for Nutanix NCP-MCI-7.5 Exam

Nutanix security documentation is clear that vTPM data includes crucial encryption keys and that those keys must be protected through the Nutanix-supported mechanisms. Nutanix also states that encryption keys must be backed up, and third-party-style backup approaches do not protect vTPM device data correctly. If the required key backup material is missing during recovery, the restored environment cannot reconstruct the vTPM-backed trust context for those VMs. In practical terms, that means the VMs cannot be started successfully in the expected protected state because the vTPM keys cannot be recovered without the backup file. That makes D the best answer. ( Nutanix Portal )

This is why Nutanix treats vTPM-enabled workloads as a special class in protection and recovery planning. The issue is not that a new blank vTPM can simply be attached during restore, and it is not that the external KMS alone automatically recreates the VM’s vTPM identity. The trust chain depends on the protected key material. Without that backup information, Windows BitLocker and other vTPM-dependent security features cannot be restored to their original usable state. So even though the environment uses an external KMS for software encryption, the Nutanix-documented principle still applies: without the necessary key backup, the vTPM-enabled VMs cannot be recovered successfully, which is exactly what option D states. ( Nutanix Portal )

Nutanix documents Storage QoS as the correct mechanism to throttle VM I/O and prevent noisy-neighbor behavior. Nutanix also documents that storage policies in Prism Central apply to Categories, and that QoS settings such as throttled IOPS can be defined in the storage policy itself. That means the administrator can create one policy, set the IOPS cap, and apply it to the category assigned to Dev VMs. Current and future VMs with that category then inherit the same behavior without one-by-one configuration. That is exactly the scalable model described in option B.

The other options do not meet the requirement as cleanly. Replication factor affects resilience, not IOPS governance. Cloning one VM’s QoS is not a robust policy framework for future operations, especially when category-based automation already exists. Compression changes storage efficiency and sometimes performance characteristics, but it does not function as an enforceable per-VM IOPS cap. Because Nutanix explicitly ties QoS throttling to storage policies and category-based assignment, B is the documented and most maintainable answer.

Nutanix DR documentation for volume groups distinguishes replication types by RPO range. Nutanix documents Asynchronous Replication as the model for 1 hour or more RPO, while NearSync covers 1 minute to 15 minutes, and synchronous/Metro designs target near-zero or zero-RPO behavior with tighter latency expectations. Since the requirement here is 1 hour and the clusters are in different geographic regions, Asynchronous is the correct fit. That makes D the right answer.

The geography in the question is also a clue. Synchronous and Metro Availability are usually associated with low-latency links and more demanding network requirements, which are not implied by “different geographic regions.” NearSync is too aggressive for a 1-hour target and is documented for much shorter RPO windows. Nutanix’s own replication taxonomy places 1 hour or more squarely in the Asynchronous category, so D is the authentic answer.

Nutanix guidance for compression settings and current container behavior aligns with inline compression as the standard default, with an immediate (0-minute) delay model. Nutanix compression FAQ guidance also states that when deploying compression on a container, the recommended default delay for inline compression is 0, reinforcing the expected default posture for new storage containers. That makes A the correct answer. ( Nutanix )

This is one of those questions where older platform knowledge can cause confusion because historical versions and terminology evolved. The safest exam-oriented approach is to follow the current documented behavior and Nutanix’s own recommended default delay. Post-process compression with 60 minutes used to be a common mental model in older storage discussions, but the modern expected answer for a newly created container in Prism Central is inline compression with a 0-minute delay. Therefore A is the right choice. ( Nutanix )

This workload stores MP4 video files, which are typically large, sequential, and already compressed. For data with those characteristics, additional compression work often provides little benefit and can create unnecessary processing overhead. The best optimization is to disable compression for that workload through a storage policy so cluster resources are not wasted trying to compress data that is unlikely to shrink meaningfully. ( Nutanix Portal )

The other choices are weaker for this scenario. Capacity deduplication is generally most beneficial for repeated blocks or common-image patterns, not unique media streams. Erasure Coding is a capacity-efficiency feature, but on a small 3-node cluster and for a write-heavy recording pattern, it is not the primary performance optimization answer. Moving the data to Files changes the access method, but it does not address the specific inefficiency already identified in the storage settings. Nutanix exams often test whether the administrator can match the data service to the workload profile. Since MP4 content is already compressed, removing unnecessary compression overhead is the most targeted and sensible answer, making D correct. ( Nutanix Portal )

Nutanix documentation for Prism Central deployment states that single Prism Central VM deployments are supported in Small, Large, or X-Large sizes, and that a single-VM deployment can later be scaled out. Since X-Small is not the supported minimum deployment size in this documented model, the minimum supported size is Small. That makes A correct.

This question is really checking whether the administrator understands the starting point for a scale-out-capable Prism Central design. The existence of larger sizes does not change the minimum supported entry point. Nutanix’s documentation is explicit that a single Prism Central VM can begin at Small and later be expanded if more scale or resiliency is needed. Therefore, for a single-node Prism Central deployment with future scale-out potential, the correct answer is Small.

Nutanix documentation for Active Directory authentication in Prism Element states that the default LDAP port is 389, while port 636 is used for LDAPS, which provides encrypted LDAP traffic. Because the question explicitly says the administrator wants all traffic encrypted, the correct port is 636. That is the standard LDAPS answer and the one Nutanix documents directly.

The missing exhibit is not actually necessary to answer the question because the encryption requirement itself is enough. Ports 443 and 9440 are associated with web interfaces or management access, not LDAP directory authentication transport. Port 389 is unencrypted LDAP unless other mechanisms are layered on top. Nutanix’s own directory-authentication docs make the intended answer clear: use LDAPS on port 636. Therefore C is the authentic Nutanix answer.

Foundation Central is about deployment centralization, not backup, lifecycle upgrades, or automatic registration workflows as its main value proposition. Nutanix documentation describes Foundation Central as a tool that can manage several Foundation instances from a single pane of glass, allowing administrators to create clusters of remote nodes. That statement maps directly to option D. ( Nutanix Portal )

The subtle point here is that the question mentions Marketplace only as the method used to deploy Foundation Central, not as the capability being tested. Once deployed, Foundation Central’s job is to simplify remote cluster creation at scale. It does not replace LCM for software upgrades, nor is its primary role to perform backup and recovery of cluster configurations. Automatic cluster registration may happen as part of broader operational workflows, but it is not the core capability Nutanix emphasizes in the product description. In the context of imaging and deploying many branch-office clusters from a central team, the defining capability is centralized cluster creation and management visibility. That is why D is the right answer. ( Nutanix Portal )

Nutanix security hardening guidance explains that SSH Whitelisted Addresses control which client IPs are allowed to reach the CVM over SSH. If IP restriction is enabled and the new jump box is not on the allowlist, the SSH connection is expected to be refused. In that locked-down state, the correct recovery path is to access the CVM through a local or serial console and update the whitelist to include the new jump box IP. That makes C the correct answer. ( portal.nutanix.com , portal.nutanix.com )

Cluster Lockdown disabling password-based SSH is not the same setting as the SSH allowlist. Prism Central security views can help with visibility, but the key documented mechanism is the whitelist itself. Restarting the CVM does not reset the hardened configuration. Nutanix’s intent is that trusted-source access must be explicitly permitted, and once it is blocked, you need console-level access to make the change safely.