To alert the security team when more than 500 files are renamed hourly on a Nutanix Files instance at a dark site, the administrator shoulddefine an anomaly rule in File Analytics. Nutanix File Analytics is a monitoring and analytics tool for Nutanix Files that provides visibility into file share activities, including file operations like renames. Anomaly rules allow administrators to detect unusual activities and configure alerts, such as email notifications, for specific thresholds.

TheNutanix Unified Storage Administration (NUSA)course states, “File Analytics enables administrators to define anomaly rules to monitor file activities, such as file renames, and set thresholds for alerts, making it ideal for detecting unusual behavior like mass file renaming.” The administrator can create an anomaly rule to track file rename operations and set a threshold of more than 500 renames per hour, triggering an email alert to the security team when this condition is met. This functionality works in a dark site environment, as File Analytics operates locally within the Nutanix cluster and does not require Internet access.

TheNutanix Certified Professional - Unified Storage (NCP-US)study guide further elaborates that “anomaly rules in File Analytics can be configured to monitor specific file operations, such as renames, with customizable thresholds and notification settings, ensuring timely alerts for potential security issues.” This makes File Analytics the best tool for the task, as it provides granular control over monitoring and alerting for file activities.

The other options are incorrect:

Set up Data Management Protection in Files Manager: Data Management Protection is not a feature of Nutanix Files; it may refer to backup or replication features, which do not address file rename monitoring.

Configure Nutanix Data Lens ransomware protection: Nutanix Data Lens focuses on data lifecycle management and tiering, not real-time monitoring of file operations like renames. While it has some ransomware detection capabilities, it is not designed for specific thresholds like 500 file renames per hour and requires Internet access, which is unavailable in a dark site.

Add MMC Snap-In for Nutanix Files: The MMC (Microsoft Management Console) Snap-In is used for managing Nutanix Files from a Windows system but does not provide monitoring or alerting capabilities for file rename operations.

The NUSA course documentation highlights that “File Analytics anomaly rules are the recommended solution for monitoring file operations like mass renames, providing customizable thresholds and alerts even in dark site environments.”