Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium CompTIA CV0-003 Dumps Questions Answers

Page: 1 / 34
Total 452 questions

CompTIA Cloud+ Certification Exam Questions and Answers

Question 1

A cloud administrator needs to control the connections between a group of web servers and database servers as part of the financial application security review. Which of the following would be the BEST way to achieve this objective?

Options:

A.

Create a directory security group.

B.

Create a resource group.

C.

Create separate VLANs.

D.

Create a network security group.

Buy Now
Question 2

A company with a worldwide presence wants to improve the user experience for its website. Which of the following can a systems administrator implement to improve download speeds and latency for the end users?

Options:

A.

A CDN solution

B.

An MPLS connection between data centers

C.

A DNS round robin

D.

A site-to-site VPN between data centers

Question 3

A security audit related to confidentiality controls found the following transactions occurring in the system:

GET &user=277

Which of the following solutions will solve the audit finding?

Options:

A.

Using a TLS-protected API endpoint

B.

Implementing a software firewall

C.

Deploying a HIDS on each system

D.

Implementing a Layer 4 load balancer

Question 4

A company is using an laaS environment. Which of the following licensing models would BEST suit the organization from a financial perspective to implement scaling?

Options:

A.

Subscription

B.

Volume-based

C.

per user

D.

Socket-based

Question 5

A company is deploying a public cloud solution for an existing application using lift and shift. The requirements for the applications are scalability and external access. Which of the following should the company implement? (Select TWO).

Options:

A.

A load balancer

B.

SON

C.

A firewall

D.

SR-IOV

E.

Storage replication

F.

A VPN

Question 6

A company has two primary offices, one in the United States and one in Europe. The company uses a public laaS service that has a global data center presence to host its marketing materials. The marketing team, which is primarily based in Europe, has reported latency issues when retrieving these materials. Which of the following is the BEST option to reduce the latency issues?

Options:

A.

Add an application load balancer to the applications to spread workloads.

B.

Integrate a CDN solution to distribute web content globally.

C.

Upgrade the bandwidth of the dedicated connection to the laaS provider.

D.

Migrate the applications to a region hosted in Europe.

Question 7

A piece of software applies licensing fees on a socket-based model. Which of the following is the MOST important consideration when attempting to calculate the licensing costs for this software?

Options:

A.

The amount of memory in the server

B.

The number of CPUs in the server

C.

The type of cloud in which the software is deployed

D.

The number of customers who will be using the software

Question 8

A cloud administrator needs to establish a secure connection between two different locations. Which of the following is the BEST option to implement the secure connection?

Options:

A.

HTTPS

B.

IPSec

C.

TLS

D.

SSH

Question 9

A systems administrator wants to restrict access to a set of sensitive files to a specific group of users. Which of the following will achieve the objective?

Options:

A.

Add audit rules on the server

B.

Configure data loss prevention in the environment

C.

Change tine permissions and ownership of the files

D.

Implement a HIPS solution on the host

Question 10

While investigating network traffic, a cloud administrator discovers the monthly billing has increased substantially. Upon further review, it appears the servers have been compromised, and sensitive files have been exfiltrated. Which of the following can be implemented to maintain data confidentiality?

Options:

A.

Hardening

B.

IAM

C.

Encryption

D.

IPSec

Question 11

Audit and system logs are being forwarded to a syslog solution. An administrator observes that two application servers have not generated any logs for a period of three days, while others continue to send logs normally. Which of the following BEST explains what is occurring?

Options:

A.

There is a configuration failure in the syslog solution.

B.

The application servers were migrated to the cloud as laaS instances.

C.

The application administrators have not performed any activity in those servers.

D.

There is a local firewall policy restriction on the syslog server.

Question 12

A systems administrator is troubleshooting issues with network slowness. Traffic analysis shows that uplink bandwidth on the core switch is often sustained at 125Mbps due to a

combination of production traffic from other sources. Which of the following would BEST resolve the issue?

Options:

A.

Turn off the servers that use the most bandwidth.

B.

Enable QoS to prioritize production traffic.

C.

Increase the buffer size on the core switch.

D.

Reboot the core switch.

Question 13

A company has two identical environments (X and Y) running its core business application. As part of an upgrade, the X environment is patched/upgraded and tested while the Y environment is still serving the consumer workloads. Upon successful testing of the X environment, all workload is sent to this environment, and the Y environment is then upgraded before both environments start to manage the workloads. Which of the following upgrade methods is being used?

Options:

A.

Active-passive

B.

Canary

C.

Development/production

D.

Blue-green

Question 14

A startup online gaming company is designing the optimal graphical user experience for multiplayer scenarios. However, online players have reported latency issues. Which of the following should the company configure as a remediation?

Options:

A.

Additional GPU memory

B.

Faster clock speed

C.

Additional CPU cores

D.

Dynamic allocations

Question 15

A company has hired a security firm to perform a vulnerability assessment of its environment. In the first phase, an engineer needs to scan the network services exposed by the hosts. Which of the following will help achieve this with the LEAST privileges?

Options:

A.

An agent-based scan

B.

A credentialed scan

C.

A network-based scan

D.

An application scan

Question 16

During a security incident, an laaS compute instance is detected to send traffic to a host related to cryptocurrency mining. The security analyst handling the incident determines the scope of the incident is limited to that particular instance. Which of the following should the security analyst do NEXT?

Options:

A.

Isolate the instance from the network into quarantine.

B.

Perform a memory acquisition in the affected instance.

C.

Create a snapshot of the volumes attached to the instance.

D.

Replace the instance with another from the baseline.

Question 17

A cloud engineer has deployed a virtual storage appliance into a public cloud environment. The storage appliance has a NAT to a public IP address. An administrator later notices there are some strange files on the storage appliance and a large spike in network traffic on the machine. Which of the following is the MOST likely cause?

Options:

A.

The default password is still configured on the appliance.

B.

The appliance's certificate has expired.

C.

The storage appliance has no firewall.

D.

Data encryption is enabled, and the files are hashed.

Question 18

A systems administrator is deploying a new virtualized environment. The setup is a three-server cluster with 12 VMs running on each server. While executing a vertical-scaling test of the vCPU on the VMs, the administrator gets an error. Which of the following issues is MOST likely occurring?

Options:

A.

Compute

B.

Storage

C.

Licensing

D.

Scripts

Question 19

A company is migrating workloads from on premises to the cloud and would like to establish a connection between the entire data center and the cloud environment. Which of the following VPN configurations would accomplish this task?

Options:

A.

Site-to-site

B.

Client-to-site

C.

Point-to-site

D.

Point-to-point

Question 20

An administrator needs to back up all the data from each VM daily while also saving space. Which of the following backup types will BEST fit this scenario?

Options:

A.

Differential

B.

Incremental

C.

Synthetic full

D.

Full

Question 21

After initial stress testing showed that a platform performed well with the specification of a single 32 vCPU node, which of the following will provide the desired service with the LOWEST cost and downtime?

Options:

A.

One 32 vCPU node with CDN caching

B.

Two 8 vCPU nodes with load balancing

C.

Three to six 8 vCPU nodes autoscaling group

D.

Four 8 vCPU nodes with DNS round robin

Question 22

A cloud administrator has deployed several VM instances that are running the same applications on VDI nodes. Users are reporting that a role instance is looping between STARTED, INITIALIZING, BUSY, and stop. Upon investigation, the cloud administrator can see the status changing every few minutes. Which of the following should be done to resolve the issue?

Options:

A.

Reboot the hypervisor.

B.

Review the package and configuration file.

C.

Configure service healing.

D.

Disable memory swap.

Question 23

A storage administrator is reviewing the storage consumption of a SAN appliance that is running a VDI environment. Which of the following features should the administrator implement to BEST reduce the storage consumption of the SAN?

Options:

A.

Deduplication

B.

Thick provisioning

C.

Compression

D.

SDS

Question 24

A cloud administrator is troubleshooting a highly available web application running within three containers behind a Layer 7 load balancer with a WAF inspecting all traffic. The application frequently asks the users to log in again even when the session timeout has not been reached. Which of the following should the cloud administrator configure to solve this issue?

Options:

A.

Firewall outbound rules

B.

Firewall inbound rules

C.

Load balancer certificates

D.

Load balancer stickiness

E.

WAF transaction throttling

Question 25

An organization recently deployed a private cloud on a cluster of systems that delivers compute, network, and storage resources in a single hardware, managed by an intelligent software. Which of the following BEST describes this type of deployment?

Options:

A.

High-performance computing

B.

Hyperconverged infrastructure

C.

Stand-alone computing

D.

Dynamic allocations

Question 26

A systems administrator needs to modify the replication factors of an automated application container from 3 to 5. Which of the following file types should the systems administrator modify on the master controller?

Options:

A.

.yaml

B.

. txt

C.

.conf

D.

.etcd

Question 27

A local bank has all of its infrastructure in the cloud. An update was applied to the main database server at 5:00 a.m. on Monday morning, and the database was then corrupted and unusable. It had to be restored from backup. The last backup was taken the night before at 10:00 p.m. The database was then restored successfully, but seven hours' worth of data was lost, which is deemed unacceptable. Which of the following needs to be updated in the DR plan?

Options:

A.

Recovery point objective

B.

Statement of work

C.

Service-level agreement

D.

Recovery time objective

Question 28

A systems administrator needs to deploy a solution to automate new application releases that come from the development team. The administrator is responsible for provisioning resources at the infrastructure layer without modifying any configurations in the application code. Which of the following would BEST accomplish this task?

Options:

A.

Implementing a CI/CD tool

B.

Configuring infrastructure as code

C.

Deploying an orchestration tool

D.

Employing DevOps methodology

Question 29

A technician deployed a VM with NL-SAS storage to host a critical application. Two weeks later, users have begun to report high application latency. Which of the following is the BEST action to correct the latency issue?

Options:

A.

Increase the capacity of the data storage.

B.

Migrate the data to SAS storage.

C.

Increase the CPU of the VM.

D.

Migrate the data to flash storage.

Question 30

A systems administrator is diagnosing performance issues on a web application. The web application sends thousands of extremely complex SQL queries to a database server, which has trouble retrieving the information in time. The administrator checks the database server and notes the following resource utilization:

CPU: 64%

RAM: 97%

Network throughput: 384,100Kbps.

Disk throughput: 382,700Kbps

The administrator also looks at the storage for the database server and notices it is consistently near its OPS limit. Which of the following will BEST resolve these performance issues?

Options:

A.

Increase CPU resources on the database server.

B.

Increase caching on the database server.

C.

Put the storage and the database on the same VLAN.

D.

Enable compression on storage traffic.

E.

Enable deduplication on the storage appliance.

Question 31

A company is using a method of tests and upgrades in which a small set of end users are exposed to new services before the majority of other users. Which of the following deployment methods is being used?

Options:

A.

Blue-green

B.

Canary

C.

Big bang

D.

Rolling

Question 32

A DevOps administrator is building a new application slack in a private cloud. This application will store sensitive information and be accessible from the internet. Which of the following would be MOST useful in maintaining confidentiality?

Options:

A.

NAC

B.

IDS

C.

DLP

D.

EDR

Question 33

A systems administrator must ensure confidential company information is not leaked to competitors. Which of the following services will BEST accomplish this goal?

Options:

A.

CASB

B.

IDS

C.

FIM

D.

EDR

E.

DLP

Question 34

A cloud administrator configured a local cloud-resource pool lo offer 64GB of memory, 64 cores, and 640GB of storage. Thirty-two machines with identical resource allocations are started. but one machine is unable to handle requests. Which of the following is the MOST likely cause?

Options:

A.

Insufficient guest bandwidth

B.

Overwhelmed vCPU

C.

A storage error on the guest

D.

Incorrect VLAN assignment

E.

Inadequate memory allocation

Question 35

A company is concerned about the security of its data repository that contains customer PII. A systems administrator is asked to deploy a security control that will prevent the exfiltration of such data. Which of the following should the systems administrator implement?

Options:

A.

DLP

B.

WAF

C.

FIM

D.

ADC

Question 36

A cloud administrator has deployed a new VM. The VM cannot access the Internet or the VMs on any other subnet. The administrator runs a network command and sees the following output:

The new VM can access another VM at 172.16.31.39. The administrator has verified the IP address is correct. Which of the following is the MOST likely cause of the connectivity issue?

Options:

A.

A missing static route

B.

A duplicate IP on the network

C.

Firewall issues

D.

The wrong gateway

Question 37

A cloud architect is reviewing four deployment options for a new application that will be hosted by a public cloud provider. The application must meet an SLA that allows for no more than five hours of downtime annually. The cloud architect is reviewing the SLAs for the services each option will use:

Based on the information above, which of the following minimally complies with the SLA requirements?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 38

Users of a public website that is hosted on a cloud platform are receiving a message indicating the connection is not secure when landing on the website. The administrator has found that only a single protocol is opened to the service and accessed through the URL Which of the following would MOST likely resolve the issue?

Options:

A.

Renewing the expired certificate

B.

Updating the web-server software

C.

Changing the crypto settings on the web server

D.

Upgrading the users' browser to the latest version

Question 39

To save on licensing costs, the on-premises, IaaS-hosted databases need to be migrated to a public DBaaS solution. Which of the following would be the BEST technique?

Options:

A.

Live migration

B.

Physical-to-virtual

C.

Storage-level mirroring

D.

Database replication

Question 40

A systems administrator adds servers to a round-robin, load-balanced pool, and then starts receiving reports of the website being intermittently unavailable. Which of the following is the MOST likely cause of the issue?

Options:

A.

The network is being saturated.

B.

The load balancer is being overwhelmed.

C.

New web nodes are not operational.

D.

The API version is incompatible.

E.

There are time synchronization issues.

Question 41

A software development manager is looking for a solution that will allow a team of developers to work in isolated environments that can be spun up and torn down quickly.

Which of the following is the MOST appropriate solution?

Options:

A.

Containers

B.

File subscriptions

C.

Ballooning

D.

Software-defined storage

Question 42

An administrator is securing a private cloud environment and wants to ensure only approved systems can connect to switches. Which of the following would be MOST useful to accomplish this task?

Options:

A.

VLAN

B.

NIPS

C.

WAF

D.

NAC

Question 43

An administrator recently provisioned a file server in the cloud. Based on financial considerations, the administrator has a limited amount of disk space. Which of the following will help control the amount of space that is being used?

Options:

A.

Thick provisioning

B.

Software-defined storage

C.

User quotas

D.

Network file system

Question 44

A technician needs to deploy two virtual machines in preparation for the configuration of a financial application next week. Which of the following cloud deployment models should the technician use?

Options:

A.

XaaS

B.

IaaS

C.

PaaS

D.

SaaS

Question 45

A cloud solutions architect needs to determine the best strategy to deploy an application environment in production, given the following requirements:

No downtime

Instant switch to a new version using traffic control for all users

Which of the following deployment strategies would be the BEST solution?

Options:

A.

Hot site

B.

Blue-green

C.

Canary

D.

Rolling

Question 46

A systems administrator is working in a globally distributed cloud environment. After a file server VM was moved to another region, all users began reporting slowness when saving files. Which of the following is the FIRST thing the administrator should check while troubleshooting?

Options:

A.

Network latency

B.

Network connectivity

C.

Network switch

D.

Network peering

Question 47

Which of the following definitions of serverless computing BEST explains how it is different from using VMs?

Options:

A.

Serverless computing is a cloud-hosting service that utilizes infrastructure that is fully managed by the CSP.

B.

Serverless computing uses predictable billing and offers lower costs than VM compute services.

C.

Serverless computing is a scalable, highly available cloud service that uses SDN technologies.

D.

Serverless computing allows developers to focus on writing code and organizations to focus on business.

Question 48

An organization suffered a critical failure of its primary datacenter and made the decision to switch to the DR site. After one week of using the DR site, the primary datacenter is now ready to resume operations.

Which of the following is the MOST efficient way to bring the block storage in the primary datacenter up to date with the DR site?

Options:

A.

Set up replication.

B.

Copy the data across both sites.

C.

Restore incremental backups.

D.

Restore full backups.

Question 49

An engineer is responsible for configuring a new firewall solution that will be deployed in a new public cloud environment. All traffic must pass through the firewall. The SLA for the firewall is 99.999%. Which of the following should be deployed?

Options:

A.

Two load balancers behind a single firewall

B.

Firewalls in a blue-green configuration

C.

Two firewalls in a HA configuration

D.

A web application firewall

Question 50

A systems administrator has finished installing monthly updates to servers in a cloud environment. The administrator notices certain portions of the playbooks are no longer functioning. Executing the playbook commands manually on a server does not work as well. There are no other reports of issues.

Which of the following is the MOST likely cause of this issue?

Options:

A.

Change management failure

B.

Service overload

C.

Patching failure

D.

Job validation issues

E.

Deprecated features

Question 51

A system administrator is migrating a bare-metal server to the cloud. Which of the following types of migration should the systems administrator perform to accomplish this task?

Options:

A.

V2V

B.

V2P

C.

P2P

D.

P2V

Question 52

A cloud administrator is managing an organization's infrastructure in a public cloud. All servers are currently located in a single virtual network with a single firewall that all traffic must pass through. Per security requirements, production, QA, and development servers should not be able to communicate directly with each other. Which of the following should an administrator perform to comply with the security requirement?

Options:

A.

Create separate virtual networks for production, QA, and development servers.Move the servers to the appropriate virtual network.Apply a network security group to each virtual network that denies all traffic except for the firewall.

B.

Create separate network security groups for production, QA, and development servers.Apply the network security groups on the appropriate production, QA, and development servers.Peer the networks together.

C.

Create separate virtual networks for production, QA, and development servers.Move the servers to the appropriate virtual network.Peer the networks together.

D.

Create separate network security groups for production, QA, and development servers.Peer the networks together.Create static routes for each network to the firewall.

Question 53

A development team recently completed testing changes to a company's web-based CMS in the sandbox environment. The cloud administrator deployed these CMS application changes to the staging environment as part of the next phase in the release life cycle. The deployment was successful, but after deploying the CMS application, the web page displays an error message stating the application is unavailable. After reviewing the application logs, the administrator sees an error message that the CMS is unable to connect to the database. Which of the following is the BEST action for the cloud administrator to perform to resolve the issue?

Options:

A.

Modify the deployment script to delete and recreate the database whenever the CMS application is deployed.

B.

Modify the ACL to allow the staging environment to access the database in the sandbox environment.

C.

Modify the CMS application deployment to use the previous version and redeploy the application.

D.

Modify the configuration settings of the CMS application to connect to the database in the current environment.

Question 54

A user reports a poor-quality remote VDI session. Which of the following should the help desk technician do FIRST to troubleshoot the issue?

Options:

A.

Check the FAQ section of the vendor's documentation.

B.

Ask the user if the client device or access location has changed.

C.

Reboot the user's virtual desktop.

D.

Request permission to log in to the device remotely.

Question 55

A company has an in-house-developed application. The administrator wants to utilize cloud services for additional peak usage workloads. The application has a very unique stack of dependencies.

Which of the following cloud service subscription types would BEST meet these requirements?

Options:

A.

PaaS

B.

SaaS

C.

DBaaS

D.

IaaS

Question 56

An update is being deployed to a web application, and a systems administrator notices the cloud SQL database has stopped running. The VM is responding to pings, and there were not any configuration changes scheduled for the VM. Which of the following should the administrator check NEXT?

Options:

A.

Logs on the VM

B.

Firewall on the VM

C.

Memory on the VM

D.

vGPU performance on the VM

Question 57

A resource pool in a cloud tenant has 90 GB of memory and 120 cores. The cloud administrator needs to maintain a 30% buffer for resources for optimal performance of the hypervisor. Which of the following would all ow for the maximum number of two-core machines with equal memory?

Options:

A.

30 VMs, 3GB of memory

B.

40 VMs, 1,5GB of memory

C.

45 VMs, 2 GB of memory

D.

60 VMs, 1 GB of memory

Question 58

A technician just received the lessons learned from some recent data that was lost due to an on-premises file-server crash. The action point is to change the backup strategy to minimize manual intervention. Which of the following is the BEST approach for the technician to implement?

Options:

A.

Backup as a service

B.

RAID 1

C.

Long-term storage

D.

New backup devices

Question 59

A company recently experienced a power outage that lasted 30 minutes. During this time, a whole rack of servers was inaccessible, even though the servers did not lose power.

Which of the following should be investigated FIRST?

Options:

A.

Server power

B.

Rack power

C.

Switch power

D.

SAN power

Question 60

After a hardware upgrade on a private cloud system, the systems administrator notices a considerable drop in network performance. Which of the following is MOST likely the cause?

Options:

A.

The driver

B.

The memory

C.

The cluster placement

D.

The CPU

Question 61

A system administrator has provisioned a new web server. Which of the following, in combination, form the best practice to secure the server's OS? (Choose three.)

Options:

A.

Install TLS certificates on the server.

B.

Forward port 80 traffic to port 443.

C.

Disable TLS 1.0/1.1 and SSL.

D.

Disable password authentication.

E.

Enable SSH key access only.

F.

Provision the server in a separate VPC.

G.

Disable the superuser/administrator account.

Question 62

A systems administrator is trying to reduce storage consumption. Which of the following file types would benefit the MOST from compression?

Options:

A.

System files

B.

User backups

C.

Relational database

D.

Mail database

Question 63

A cloud administrator would like to deploy a cloud solution to its provider using automation techniques. Which of the following must be used? (Choose two.)

Options:

A.

Auto-scaling

B.

Tagging

C.

Playbook

D.

Templates

E.

Containers

F.

Serverless

Question 64

A disaster situation has occurred, and the entire team needs to be informed about the situation. Which of the following documents will help the administrator find the details of the relevant team members for escalation?

Options:

A.

Chain of custody

B.

Root cause analysis

C.

Playbook

D.

Call tree

Question 65

A cloud administrator is building a new VM for machine-learning training. The developer requesting the VM has stated that the machine will need a full GPU dedicated to it.

Which of the following configuration options would BEST meet this requirement?

Options:

A.

Virtual GPU

B.

External GPU

C.

Passthrough GPU

D.

Shared GPU

Question 66

A cloud administrator wants to have a central repository for all the logs in the company’s private cloud. Which of the following should be implemented to BEST meet this requirement?

Options:

A.

SNMP

B.

Log scrubbing

C.

CMDB

D.

A syslog server

Question 67

A Chief Information Security Officer (CISO) is evaluating the company’s security management program. The CISO needs to locate all the assets with identified deviations and mitigation measures. Which of the following would help the CISO with these requirements?

Options:

A.

An SLA document

B.

ADR plan

C.

SOC procedures

D.

A risk register

Question 68

A cloud administrator is assigned to establish a connection between the on-premises data center and the new CSP infrastructure. The connection between the two locations must be secure at all times and provide service for all users inside the organization. Low latency is also required to improve performance during data transfer operations. Which of the following would BEST meet these requirements?

Options:

A.

A VPC peering configuration

B.

An IPSec tunnel

C.

An MPLS connection

D.

A point-to-site VPN

Question 69

An organization hosts an ERP database in on-premises infrastructure. A recommendation has been made to migrate the ERP solution to reduce operational overhead in the maintenance of the data center. Which of the following should be considered when migrating this on-premises database to DBaaS?

    • Database application version compatibility

• Database IOPS values

• Database storage utilization

    • Physical database server CPU cache value

• Physical database server DAS type

• Physical database server network I/O

    • Database total user count

• Database total number of tables

• Database total number of storage procedures

• Physical database server memory configuration

• Physical database server CPU frequency

Options:

A.

• Physical database server operating system

Question 70

A cloud security analyst needs to ensure the web servers in the public subnet allow only secure communications and must remediate any possible issue. The stateful configuration for the public web servers is as follows:

Which Of the following actions Should the analyst take to accomplish the Objective?

Options:

A.

Remove rules I, 2. and 5.

B.

Remove rules I, 3, and 4.

C.

Remove rules 2.3. and 4.

D.

Remove rules 3.4. and 5.

Question 71

A cloud administrator needs to implement a new system within the current CSR The system requires a storage service to allocate a large number of digital files and images. The storage service must keep files for distributed access and serve images directly to the user's browser. Which of the following solutions would best meet these requirements?

Options:

A.

NAS storage

B.

Object storage

C.

File storage

D.

Block storage

Question 72

A corporation is evaluating an offer from a CSP to take advantage of volume discounts on a shared platform. The finance department is concerned about cost allocation transparency, as the current structure splits projects into dedicated billing accounts. Which of the following can be used to address this concern?

Options:

A.

Implementing resource tagging

B.

Defining a cost baseline

C.

Consolidating the billing accounts

D.

Using a third-party accounting tool

Question 73

A systems administrator has been notified of possible illegal activities taking place on the network and has been directed to ensure any relevant emails are preserved for court use.

Which of the following is this MOST likely an example of?

Options:

A.

Email archiving

B.

Version control

C.

Legal hold

D.

File integrity monitoring

Question 74

A systems administrator wants to be notified every time an application's configuration files are updated. Which of the following should the administrator implement to achieve the objective?

Options:

A.

ZFS

B.

FIM

C.

MAC

D.

DLP

Question 75

A Cloud administrator needs to reduce storage costs. Which of the following would BEST help the administrator reach that goal?

Options:

A.

Enabling compression

B.

Implementing deduplication

C.

Using containers

D.

Rightsizing the VMS

Question 76

A cloud engineer is troubleshooting a performance issue for a high-traffic, cloud-based application that provides static content to its geographically distributed users. The engineer needs to:

    Improve the performance of an application.

    Implement a static content caching mechanism.

    Protect against DDoS attacks.

    Maintain low cost.

Which of the following strategies would best accomplish this task?

Options:

A.

Implementing a site-to-site VPN tunnel between multiple availability zones of a cloud provider by intelligently routing network traffic through global networks and edge locations

B.

Implementing a server-based caching mechanism to store and provide faster delivery of static content across multiple availability zones within the cloud network close to the end-user locations

C.

Implementing a CDN that allows caching and quick transfer of an application's assets needed to load on a browser of the end-user based on the location

D.

Implementing a cross-region, DNS-based load balancing and caching mechanism in the cloud DNS system that can provide faster delivery of static content based on end-user locations

Question 77

A security analyst is investigating a recurring alert. The alert is reporting an insecure firewall configuration state after every cloud application deployment. The process of identifying the issue, requesting a fix, and waiting for the developers to manually patch the environment is being repeated multiple times. In an effort to identify the root issue, the following logs were collected:

Deploying template app prod. •yaml

Instance DB successfully created

DB keys successfully stored on vault

Instance WebApp successfully created

Access rules successfully applied

Access—keys successfully created

Which of the following options will provide a permanent fix for the issue?

Options:

A.

Validate the Iac code used during the deployment.

B.

Avoid the use of a vault to store database passwords.

C.

Rotate the access keys that were created during deployment.

D.

Recommend that the developers do not create multiple resources at once.

Question 78

A company's web servers are scheduled for patching and quarterly updates. A cloud administrator must prevent the monitoring systems from logging outage alerts and negatively impacting company SLA targets. Which of the following is the best action for the administrator to take?

Options:

A.

Automatically clear all alerts that are generated in the incident management system.

B.

Shut off the monitoring agents hosted on the target servers.

C.

Change the severity for outage alerts to informational level.

D.

Mark the systems in maintenance mode in the monitoring system.

Question 79

A cloud administrator needs to deploy a security virtual appliance in a private cloud environment, but this appliance will not be part of the standard catalog of items for other users to request. Which of the following is the BEST way to accomplish this task?

Options:

A.

Create an empty VM. import the hard disk of the virtual appliance. and configure the CPU and memory.

B.

Acquire the build scripts from the vendor and recreate the appliance using the baseline templates

C.

Import the virtual appliance into the environment and deploy it as a VM

D.

Convert the virtual appliance to a template and deploy a new VM using the template.

Question 80

Developers report that the time needed in the current build process to deploy a VM, install an OS, and configure an application is too long. The developers want a more optimized solution that allows portability of the application across environments and can be deployed more quickly and efficiently. Which of the following should be used to optimize the environment?

Options:

A.

Containers.

B.

Orchestration.

C.

Automation.

D.

VM templates.

Question 81

A company is using a hybrid cloud environment. The private cloud is hosting the business applications, and the cloud services are being used to replicate for availability purposes.

The cloud services are also being used to accommodate the additional resource requirements to provide continued services. Which of the following scalability models is the company utilizing?

Options:

A.

Vertical scaling

B.

Autoscaling

C.

Cloud bursting

D.

Horizontal scaling

Question 82

A cloud security engineer needs to design an IDS/IPS solution for a web application in a single virtual private network. The engineer is considering implementing IPS protection for traffic coming from the internet. Which of the following should the engineer consider to meet this requirement?

Options:

A.

Configuring a web proxy server

B.

Implementing load balancing using SSI- in front of web applications

C.

Implementing IDS/IPS agents on each instance running in that virtual private network

D.

Implementing dynamic routing

Question 83

Which of the following lists includes examples of predeveloped AI/ML solutions?

Options:

A.

Natural language processing, forecasting, and VoIP

B.

Serverless application, image recognition, and speech recognition

C.

Code review, anomaly detection, and elasticity

D.

Image recognition, video analysis, and natural language processing

Question 84

An organization is deploying development, quality assurance, and production environments with equal numbers of IP addresses to the cloud. The IP address range provided is 10.168.0.0/24, and it needs to be terminated on a firewall. Which of the following IP subnets and firewall IPS should be used for one of the environments?

Options:

A.

10.168.0.0/26 and 10.168.0.63

B.

10.168.0.64/26 and 10.168.0.64

C.

10.168.0.128/26 and 10.168.0.190

D.

10.168.0.128/26 and 10.168.0.194

E.

10.168.0.192/26 and 10.168.0.191

Question 85

A company plans to publish a new application and must conform with security standards. Which of the following types of testing are most important for the systems administrator to run to assure the security and compliance of the application before publishing? (Select two).

Options:

A.

Regression testing

B.

Vulnerability testing

C.

Usability testing

D.

Functional testing

E.

Penetration testing

F.

Load testing

Question 86

One of the web applications in a public subnet is vulnerable to a newly discovered zero-day vulnerability. Which of the following actions can a security engineer perform to reduce the risk of exploitation and application downtime?

Options:

A.

Stop the web server in the affected host.

B.

Insert a deny rule in the host firewall.

C.

Add a new signature in the network IDS.

D.

Implement a virtual patch in the WAF.

Question 87

A systems administrator automates a series of tasks in a playbook and receives the following error during testing:

"Unable to find any of pip2, pip to use. pip needs to be installed."

The administrator verifies that pip is installed correctly. Which of the following actions will most likely resolve this issue?

Options:

A.

Ensure pip is up to date.

B.

Create a firewall rule to allow pip.

C.

Refactor the automation code.

D.

Update the system path.

Question 88

An IT administrator is implementing security controls on an OS. Which of the following will provide the best protection against a brute-force attack? (Select two).

Options:

A.

Implementing MFA

B.

Enforcing strong passwords

C.

Configuring user passwords to change every 30 days

D.

Limiting failed log-in requests

E.

Using API keys

F.

Implementing SSH keys

Question 89

A systems administrator is configuring a cloud solution for a vulnerability assessment to test the company's resources that are hosted in a public cloud. The solution must test the company's resources from an external user's perspective. Which of the following should the systems administrator configure?

Options:

A.

An agent-based scan

B.

A network-based scan

C.

A port scan

D.

A credentialed scan

Question 90

A cloud engineer is configuring automated backups for a database. The engineer wants to ensure that backups can be restored quickly and consistently to meet the SLA. Which of the following backup methods would be the most appropriate?

Options:

A.

Incremental.

B.

Differential.

C.

Full.

D.

Synthetic full.

Question 91

A cloud architect is receiving complaints from VDI users overseas about slowness, even though the remote office has Gigabit internet. Which of the following will most likely solve the issue?

Options:

A.

Increasing bandwidth.

B.

Enabling compression.

C.

Lowering latency.

D.

Adding redundancy.

Question 92

A cloud administrator must ensure all servers are in compliance with the company's security policy Which of the following should the administrator check FIRST?

Options:

A.

The application version

B.

The OS version

C.

Hardened baselines

D.

Password policies

Question 93

A cloud engineer is troubleshooting RSA key-based authentication from a local computer to a cloud-based server, which is running SSH service on a default port. The following file

permissions are set on the authorized keys file:

-rw-rw-rw-1 ubuntu ubuntu 391 Mar S 01:36 authorized _ keys

Which Of the following security practices are the required actions the engineer Should take to gain access to the server? (Select TWO).

Options:

A.

Fix the file permissions with execute permissions to the owner of the file.

B.

Open port 21 access for the computer's public IP address.

C.

Fix the file permissions with read-only access to the owner Of the file.

D.

Open port 22 access for the computer's public IP address.

E.

Open port 21 access for 0.0.0.0/0 CIDR.

F.

open port 22 access for 0.0.0.0/0 CIDR.

Question 94

A cloud administrator is looking at the company's cloud services bill for the previous month. The administrator notices on the billing dashboard that certain resources are not being billed to any particular department. Which of the following actions will help correct this billing issue?

Options:

A.

Check the utilization of the resources.

B.

Modify the chargeback details of the consumer.

C.

Add the resources to the consumer monitoring group.

D.

Modify the tags for all the unmapped resources.

Question 95

A DevOps engineer needs to make application deployments more efficient. The current process to deploy and scale the application is very manual, with hours spent configuring servers from scratch each time. The application has many platform-based dependencies but is highly portable and can run on multiple platforms. Which of the following is most likely to reduce deployment time and improve efficiencies?

Options:

A.

Deploying the application using persistent storage.

B.

Leveraging IaC templates.

C.

Creating a runbook.

D.

Using serverless technology to minimize overheads.

Question 96

A business is looking at extending the platform for an internally developed application using microservices from various cloud vendors. The cloud architect is responsible for reviewing the proposed solution design, which covers critical requirements for the business to fulfill its requirements. Which of the following is the most likely requirement the cloud architect needs to fulfill?

Options:

A.

Software

B.

Budgetary

C.

Security

D.

Integration

Question 97

A systems administrator is diagnosing performance issues on a web application. The web application sends thousands of extremely complex SQL queries to a database server, which has trouble retrieving the information in time. The administrator checks the database server and notes the following resource utilization:

    CPU: 64%

    RAM: 97%

    Network throughput: 384/1000 Kbps

    Disk throughput: 382,700 Kbps

The administrator also notices that the storage for the database server is consistently near its IOPS limit. Which of the following will best resolve these performance issues?

Options:

A.

Increase CPU resources on the database server.

B.

Increase caching on the database server.

C.

Put the storage and the database on the same VLAN.

D.

Enable compression on storage traffic.

E.

Enable deduplication on the storage appliance.

Question 98

A systems administrator needs to implement a way for users to verify software integrity. Which of the following tools would BEST meet the administrator's needs?

Options:

A.

TLS 1.3

B.

CRC32

C.

AES-256

D.

SHA-512

Question 99

A DevOps team needs to provide a solution that offers isolation, portability, and scalability Which of the following would BEST meet these requirements?

Options:

A.

Virtual machines

B.

Containers

C.

Appliances

D.

Clusters

Question 100

A cloud administrator is having difficulty correlating logs for multiple servers. Upon inspection, the administrator finds that the time-zone settings are mismatched throughout the deployment. Which of the following solutions can help maintain time synchronization between all the resources?

Options:

A.

DNS

B.

IPAM

C.

NTP

D.

SNMP

Question 101

A cloud engineer receives an alert that a newly provisioned server is running a non-supported Linux version. The automation scripts are performing as expected on the server. Which of the following should the engineer check first?

Options:

A.

Provisioning script indentation

B.

Template selection

C.

API version

D.

Script account

Question 102

A company is concerned it will run out of VLANs on its private cloud platform in the next couple months, and the product currently offered to customers requires the company to allocate three dedicated, segmented tiers. Which of the following can the company implement to continue adding new customers and to maintain the required level of isolation from other tenants?

Options:

A.

GRE

B.

SR-IOV

C.

VXLAN

D.

IPSec

Question 103

A systems administrator is creating a playbook to run tasks against a server on a set schedule.

Which of the following authentication techniques should the systems administrator use within the playbook?

Options:

A.

Use the server’s root credentials

B.

Hard-code the password within the playbook

C.

Create a service account on the server

D.

Use the administrator’s SSO credentials

Question 104

In an existing IaaS instance, it is required to deploy a single application that has different versions.

Which of the following should be recommended to meet this requirement?

Options:

A.

Deploy using containers

B.

Install a Type 2 hypervisor

C.

Enable SR-IOV on the host

D.

Create snapshots

Question 105

A company developed a product using a cloud provider’s PaaS platform and many of the platform-based components within the application environment.

Which of the following would the company MOST likely be concerned about when utilizing a multicloud strategy or migrating to another cloud provider?

Options:

A.

Licensing

B.

Authentication providers

C.

Service-level agreement

D.

Vendor lock-in

Question 106

A systems administrator is troubleshooting performance issues with a Windows VDI environment. Users have reported that VDI performance has been slow since the images were upgraded from Windows 7 to Windows 10.

This VDI environment is used to run simple tasks, such as Microsoft Office. The administrator investigates the virtual machines and finds the following settings:

    4 vCPU

    16GB RAM

    10Gb networking

    256MB frame buffer

Which of the following MOST likely needs to be upgraded?

Options:

A.

vRAM

B.

vCPU

C.

vGPU

D.

vNIC

Question 107

A cloud administrator has built a new private cloud environment and needs to monitor all computer, storage, and network components of the environment.

Which of the following protocols would be MOST useful for this task?

Options:

A.

SMTP

B.

SCP

C.

SNMP

D.

SFTP

Question 108

A systems administrator is reviewing two CPU models for a cloud deployment. Both CPUs have the same number of cores/threads and run at the same clock speed.

Which of the following will BEST identify the CPU with more computational power?

Options:

A.

Simultaneous multithreading

B.

Bus speed

C.

L3 cache

D.

Instructions per cycle

Question 109

Company A has acquired Company B and is in the process of integrating their cloud resources. Company B needs access to Company A’s cloud resources while retaining its IAM solution.

Which of the following should be implemented?

Options:

A.

Multifactor authentication

B.

Single sign-on

C.

Identity federation

D.

Directory service

Question 110

A web server has been deployed in a public IaaS provider and has been assigned the public IP address of 72.135.10.100. Users are now reporting that when they browse to the website, they receive a message indicating the service is unavailable. The cloud administrator logs into the server, runs a netstat command,

and notices the following relevant output:

Which of the following actions should the cloud administrator take to resolve the issue?

Options:

A.

Assign a new IP address of 192.168.100.10 to the web server

B.

Modify the firewall on 72.135.10.100 to allow only UDP

C.

Configure the WAF to filter requests from 17.3.130.3

D.

Update the gateway on the web server to use 72.135.10.1

Question 111

A systems administrator recently upgraded the processors in a web application host. Upon the next login, the administrator sees a new alert regarding the license being out of compliance.

Which of the following licensing models is the application MOST likely using?

Options:

A.

Per device

B.

Per user

C.

Core-based

D.

Volume-based

Question 112

An organization is implementing a new requirement to facilitate users with faster downloads of corporate application content. At the same time, the organization is also expanding cloud regions.

Which of the following would be suitable to optimize the network for this requirement?

Options:

A.

Implement CDN for overall cloud application

B.

Implement auto-scaling of the compute resources

C.

Implement SR-IOV on the server instances

D.

Implement an application container solution

Question 113

Which of the following strategies will mitigate the risk of a zero-day vulnerability MOST efficiently?

Options:

A.

Using only open-source technologies

B.

Keeping all resources up to date

C.

Creating a standby environment with a different cloud provider

D.

Having a detailed incident response plan

Question 114

A storage array that is used exclusively for datastores is being decommissioned, and a new array has been installed. Now the private cloud administrator needs to migrate the data.

Which of the following migration methods would be the BEST to use?

Options:

A.

Conduct a V2V migration

B.

Perform a storage live migration

C.

Rsync the data between arrays

D.

Use a storage vendor migration appliance

Question 115

A global web-hosting company is concerned about the availability of its platform during an upcoming event. Web traffic is forecasted to increase substantially during the next week. The site contains mainly static content.

Which of the following solutions will assist with the increased workload?

Options:

A.

DoH

B.

WAF

C.

IPS

D.

CDN

Question 116

Which of the following is relevant to capacity planning in a SaaS environment?

Options:

A.

Licensing

B.

A hypervisor

C.

Clustering

D.

Scalability

Question 117

A systems administrator notices that a piece of networking equipment is about to reach its end of support.

Which of the following actions should the administrator recommend?

Options:

A.

Update the firmware

B.

Migrate the equipment to the cloud

C.

Update the OS

D.

Replace the equipment

Question 118

A systems administrator disabled TLS 1.0 and 1.1, as well as RC4, 3DES, and AES-128 ciphers for TLS 1.2, on a web server. A client now reports being unable to access the web server, but the administrator verifies that the server is online, the web service is running, and other users can reach the server as well.

Which of the following should the administrator recommend the user do FIRST?

Options:

A.

Disable antivirus/anti-malware software

B.

Turn off the software firewall

C.

Establish a VPN tunnel between the computer and the web server

D.

Update the web browser to the latest version

Question 119

An organization is hosting a cloud-based web server infrastructure that provides web-hosting solutions. Sudden continuous bursts of traffic have caused the web servers to saturate CPU and network utilizations.

Which of the following should be implemented to prevent such disruptive traffic from reaching the web servers?

Options:

A.

Solutions to perform NAC and DLP

B.

DDoS protection

C.

QoS on the network

D.

A solution to achieve microsegmentation

Question 120

An IaaS provider has numerous devices and services that are commissioned and decommissioned automatically on an ongoing basis. The cloud administrator needs to implement a solution that will help reduce administrative overhead.

Which of the following will accomplish this task?

Options:

A.

IPAM

B.

NAC

C.

NTP

D.

DNS

Question 121

A technician is working with an American company that is using cloud services to provide video-based training for its customers. Recently, due to a surge in demand, customers in Europe are experiencing latency.

Which of the following services should the technician deploy to eliminate the latency issue?

Options:

A.

Auto-scaling

B.

Cloud bursting

C.

A content delivery network

D.

A new cloud provider

Question 122

A systems administrator has migrated an internal application to a public cloud. The new web server is running under a TLS connection and has the same TLS certificate as the internal application that is deployed. However, the IT department reports that only internal users who are using new versions of the OSs are able to load the application home page.

Which of the following is the MOST likely cause of the issue?

Options:

A.

The local firewall from older OSs is not allowing outbound connections

B.

The local firewall from older OSs is not allowing inbound connections

C.

The cloud web server is using a self-signed certificate that is not supported by older browsers

D.

The cloud web server is using strong ciphers that are not supported by older browsers

Question 123

A systems administrator needs to convert ten physical servers to virtual.

Which of the following would be the MOST efficient conversion method for the administrator to use?

Options:

A.

Rebuild the servers from scratch

B.

Use the vendor’s conversion tool

C.

Clone the hard drive

D.

Restore from backup

Question 124

A cloud administrator is reviewing the authentication and authorization mechanism implemented within the cloud environment. Upon review, the administrator discovers the sales group is part of the finance group, and the sales team members can access the financial application. Single sign-on is also implemented, which makes access much easier.

Which of the following access control rules should be changed?

Options:

A.

Discretionary-based

B.

Attribute-based

C.

Mandatory-based

D.

Role-based

Question 125

A systems administrator is configuring a storage array.

Which of the following should the administrator configure to set up mirroring on this array?

Options:

A.

RAID 0

B.

RAID 1

C.

RAID 5

D.

RAID 6

Question 126

A systems administrator is deploying a GPU-accelerated VDI solution. Upon requests from several users, the administrator installs an older version of the OS on their virtual workstations. The majority of the VMs run the latest LTS version of the OS.

Which of the following types of drivers will MOST likely ensure compatibility will all virtual workstations?

Options:

A.

Alternative community drivers

B.

Legacy drivers

C.

The latest drivers from the vendor’s website

D.

The drivers from the OS repository

Question 127

A DevOps administrator is automating an existing software development workflow. The administrator wants to ensure that prior to any new code going into production, tests confirm the new code does not negatively impact existing automation activities.

Which of the following testing techniques would be BEST to use?

Options:

A.

Usability testing

B.

Regression testing

C.

Vulnerability testing

D.

Penetration testing

Question 128

A cloud administrator is reviewing a new application implementation document. The administrator needs to make sure all the known bugs and fixes are applied, and unwanted ports and services are disabled.

Which of the following techniques would BEST help the administrator assess these business requirements?

Options:

A.

Performance testing

B.

Usability testing

C.

Vulnerability testing

D.

Regression testing

Question 129

An organization’s web server farm, which is hosted in the cloud with DNS load balancing, is experiencing a spike in network traffic. This has caused an outage of the organization’s web server infrastructure.

Which of the following should be implemented to prevent this in the future as a mitigation method?

Options:

A.

Enable DLP

B.

Configure microsegmentation

C.

Enable DNSSEC

D.

Deploy a vADC appliance

Question 130

An organization has two businesses that are developing different software products. They are using a single cloud provider with multiple IaaS instances. The organization identifies that the tracking of costs for each

business are inaccurate.

Which of the following is the BEST method for resolving this issue?

Options:

A.

Perform segregation of the VLAN and capture egress and ingress values of each network interface

B.

Tag each server with a dedicated cost and sum them based on the businesses

C.

Split the total monthly invoice equally between the businesses

D.

Create a dedicated subscription for the businesses to manage the costs

Question 131

A systems administrator is provisioning VMs in a cloud environment and has been told to select an OS build with the furthest end-of-life date.

Which of the following OS builds would be BEST for the systems administrator to use?

Options:

A.

Open-source

B.

LTS

C.

Canary

D.

Beta

E.

Stable

Question 132

A media company has made the decision to migrate a physical, internal file server to the cloud and use a web- based interface to access and manage the files. The users must be able to use their current corporate logins.

Which of the following is the MOST efficient way to achieve this goal?

Options:

A.

Deploy a VM in a cloud, attach storage, and copy the files across

B.

Use a SaaS service with a directory service federation

C.

Deploy a fileshare in a public cloud and copy the files across

D.

Copy the files to the object storage location in a public cloud

Question 133

A systems administrator is informed that a database server containing PHI and PII is unencrypted. The environment does not support VM encryption, nor does it have a key management system. The server needs to be able to be rebooted for patching without manual intervention.

Which of the following will BEST resolve this issue?

Options:

A.

Ensure all database queries are encrypted

B.

Create an IPSec tunnel between the database server and its clients

C.

Enable protocol encryption between the storage and the hypervisor

D.

Enable volume encryption on the storage

E.

Enable OS encryption

Question 134

A cloud administrator needs to implement a mechanism to monitor the expense of the company’s cloud resources.

Which of the following is the BEST option to execute this task with minimal effort?

Options:

A.

Ask the cloud provider to send a daily expense report

B.

Set custom notifications for exceeding budget thresholds

C.

Use the API to collect expense information from cloud resources

D.

Implement a financial tool to monitor cloud resource expenses

Question 135

An IaaS application has a two-hour RTO and a four-hour RPO. The application takes one hour to back up its data or restore from a local backup file. A systems administrator is tasked with configuring the backup policy.

Which of the following should the administrator configure to achieve the application requirements with the LEAST cost?

Options:

A.

Back up to long-term storage every night

B.

Back up to object storage every three hours

C.

Back up to long-term storage every four hours

D.

Back up to object storage every hour

Page: 1 / 34
Total 452 questions