Black Friday Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exams65

ExamsBrite Dumps

CompTIA Cloud+ Certification Exam Question and Answers

CompTIA Cloud+ Certification Exam

Last Update Dec 3, 2024
Total Questions : 419

We are offering FREE CV0-003 CompTIA exam questions. All you do is to just go and sign up. Give your details, prepare CV0-003 free exam questions and then go for complete pool of CompTIA Cloud+ Certification Exam test questions that will help you more.

CV0-003 pdf

CV0-003 PDF

$36.75  $104.99
CV0-003 Engine

CV0-003 Testing Engine

$43.75  $124.99
CV0-003 PDF + Engine

CV0-003 PDF + Testing Engine

$57.75  $164.99
Questions 1

An environment has a dual-stack infrastructure in an active-active configuration in two separate data centers. Which of the following best describes replication between the two sites?

Options:

A.  

Data is moved constantly from the hot site to the warm site.

B.  

Data is replicated every 15 minutes from one site to the other.

C.  

Data is moved from one site to the other once per day.

D.  

Data is synchronized in real time across the sites.

E.  

Data is moved twice a day from Site A to Site B, and then from Site B to Site A.

Discussion 0
Questions 2

Based on the shared responsibility model, which of the following solutions passes the responsibility of patching the OS to the customer?

Options:

A.  

PaaS

B.  

DBaaS

C.  

laaS

D.  

SaaS

Discussion 0
Questions 3

A company has a web application running in an on-premises environment that needs to be migrated to the cloud. The company wants to implement a solution that maximizes scalability, availability, and security, while requiring no infrastructure administration. Which of the following services would be BEST to meet this goal?

Options:

A.  

A PaaS solution

B.  

A hybrid solution

C.  

An laaS solution

D.  

A SaaS solution

Discussion 0
Questions 4

An application deployment team has observed delays in deployments and has asked the cloud administrator to evaluate the issue. Below is the result of a latency test that was conducted by the cloud administrator from offices located in the following regions:

• Asia-Pacific (APAC)

• Europe, the Middle East, and Africa (EMEA)

• Americas

Tests were conducted from each location, and the results are shown below:

Which of the following locations needs to be investigated further?

Options:

A.  

• Connectivity from APAC to APAC regions

• Connectivity from APAC to EMEA and US - North

B.  

• Connectivity from APAC to all regions

• Connectivity from Americas to all regions

C.  

• Connectivity from EMEA to all regions

• Connectivity from APAC to APAC and EMEA regions

D.  

• Connectivity from APAC to EMEA and Americas regions

• Connectivity from EMEA to all regions

Discussion 0
Questions 5

A cloud administrator is supporting an application that has several reliability issues. The administrator needs visibility into the performance characteristics of the application. Which of the following will MOST likely be used in a reporting dashboard?

Options:

A.  

Data from files containing error messages from the application

B.  

Results from the last performance and workload testing

C.  

Detail log data from syslog files of the application

D.  

Metrics and time-series data measuring key performance indicators

Discussion 0
Questions 6

A cloud administrator who is troubleshooting DNS issues discovers zone transfers are not occurring between the primary and secondary name servers due to an error in the serial numbers. Which of the following records should the administrator query for the serial number?

Options:

A.  

PTR

B.  

TXT

C.  

SOA

D.  

SRV

Discussion 0
Questions 7

A cloud administrator set up a link between the private and public cloud through a VPN tunnel. As part of the migration, a large set of files will be copied. Which of the following network ports are required from a security perspective?

Options:

A.  

22, 53, 445

B.  

22, 443, 445

C.  

25, 123, 443

D.  

137, 139, 445

Discussion 0
Questions 8

A cloud administrator needs to implement a mechanism to monitor the expense of the company’s cloud resources.

Which of the following is the BEST option to execute this task with minimal effort?

Options:

A.  

Ask the cloud provider to send a daily expense report

B.  

Set custom notifications for exceeding budget thresholds

C.  

Use the API to collect expense information from cloud resources

D.  

Implement a financial tool to monitor cloud resource expenses

Discussion 0
Questions 9

A cloud administrator is switching hosting companies and using the same script that was previously used to deploy VMs in the new cloud. The script is returning errors that the command was not found.

Which of the following is the MOST likely cause of the script failure?

Options:

A.  

Account mismatches

B.  

IP address changes

C.  

API version incompatibility

D.  

Server name changes

Discussion 0
Questions 10

A systems administrator in a large enterprise needs to alter the configuration of one of the finance department’s database servers.

Which of the following should the administrator perform FIRST?

Options:

A.  

Capacity planning

B.  

Change management

C.  

Backups

D.  

Patching

Discussion 0
Questions 11

An IaaS provider has numerous devices and services that are commissioned and decommissioned automatically on an ongoing basis. The cloud administrator needs to implement a solution that will help reduce administrative overhead.

Which of the following will accomplish this task?

Options:

A.  

IPAM

B.  

NAC

C.  

NTP

D.  

DNS

Discussion 0
Questions 12

A web server has been deployed in a public IaaS provider and has been assigned the public IP address of 72.135.10.100. Users are now reporting that when they browse to the website, they receive a message indicating the service is unavailable. The cloud administrator logs into the server, runs a netstat command,

and notices the following relevant output:

Which of the following actions should the cloud administrator take to resolve the issue?

Options:

A.  

Assign a new IP address of 192.168.100.10 to the web server

B.  

Modify the firewall on 72.135.10.100 to allow only UDP

C.  

Configure the WAF to filter requests from 17.3.130.3

D.  

Update the gateway on the web server to use 72.135.10.1

Discussion 0
Questions 13

A cloud architect wants to minimize the risk of having systems administrators in an IaaS compute instance perform application code changes. The development group should be the only group allowed to modify files in the directory.

Which of the following will accomplish the desired objective?

Options:

A.  

Remove the file write permissions for the application service account.

B.  

Restrict the file write permissions to the development group only.

C.  

Add access to the fileshare for the systems administrator’s group.

D.  

Deny access to all development user accounts

Discussion 0
Questions 14

After analyzing a web server’s logs, a systems administrator sees that users are connecting to the company’s application through HTTP instead of HTTPS. The administrator then configures a redirect from HTTP to HTTPS on the web server, and the application responds with a connection time-out message.

Which of the following should the administrator verify NEXT?

Options:

A.  

The TLS certificate

B.  

The firewall rules

C.  

The concurrent connection limit

D.  

The folder permissions

Discussion 0
Questions 15

A company has two identical environments (X and Y) running its core business application. As part of an upgrade, the X environment is patched/upgraded and tested while the Y environment is still serving the consumer workloads. Upon successful testing of the X environment, all workload is sent to this environment, and the Y environment is then upgraded before both environments start to manage the workloads. Which of the following upgrade methods is being used?

Options:

A.  

Active-passive

B.  

Canary

C.  

Development/production

D.  

Blue-green

Discussion 0
Questions 16

A systems administrator has migrated an internal application to a public cloud. The new web server is running under a TLS connection and has the same TLS certificate as the internal application that is deployed. However, the IT department reports that only internal users who are using new versions of the OSs are able to load the application home page.

Which of the following is the MOST likely cause of the issue?

Options:

A.  

The local firewall from older OSs is not allowing outbound connections

B.  

The local firewall from older OSs is not allowing inbound connections

C.  

The cloud web server is using a self-signed certificate that is not supported by older browsers

D.  

The cloud web server is using strong ciphers that are not supported by older browsers

Discussion 0
Questions 17

A company that utilizes an IaaS service provider has contracted with a vendor to perform a penetration test on its environment. The vendor is able to exploit the virtualization layer and obtain access to other instances within the cloud provider’s environment that do not belong to the company.

Which of the following BEST describes this attack?

Options:

A.  

VM escape

B.  

Directory traversal

C.  

Buffer overflow

D.  

Heap spraying

Discussion 0
Questions 18

An enterprise is considering a cost model for a DBaaS. Which of the following is BEST for a cloud solution?

Options:

A.  

per gigabyte

B.  

per seat

C.  

Per user

D.  

Per device

Discussion 0
Questions 19

A systems administrator is troubleshooting issues with audio lag during phone conferences. When looking at the core switch, the administrator notices its buffers are consistently full, and packets are being dropped due to the large number being sent and received. There is no room in the budget for new hardware, but it is critical that the audio lag be fixed immediately. Which of the following will most likely resolve the issue?

Options:

A.  

Enable compression of audio traffic.

B.  

Configure QoS rules for VolP traffic.

C.  

Verify that the gateway uplink is not saturated.

D.  

Add an exception to IPS for voice traffic.

Discussion 0
Questions 20

An organization's two-node, hybrid container cluster is experiencing failures during horizontal scaling to the cloud cluster instance. The on-premises IP range is 192.168.0.0/16, and the cloud environment is 10.168.0.0/16. Overlapping or stretched VLANs are not permitted, and a node is deployed in each location. The cloud monitoring agent reports a healthy status for the second instance, but when pinging the clusters from on premises, the following output is received:

pinging cluster1. comptia. containers.com C192.168.100 reply

pinging cluster2. comptia. containers.com [192.16B .100 .128] request timed out

Which of the following is the most likely reason for the scaling failure?

Options:

A.  

Incorrect DNS entry

B.  

Offline cluster node

C.  

Incorrect proxy entry

D.  

Incorrect cluster IP

E.  

Incorrect IP route

Discussion 0
Questions 21

A systems administrator is reviewing the logs from a company's IDS and notices a large amount of outgoing traffic from a particular server. The administrator then runs a scan on the server, which detects malware that cannot be removed. Which of the following should the administrator do first?

Options:

A.  

Determine the root cause.

B.  

Disconnect the server from the network.

C.  

Perform a more intrusive scan.

D.  

Restore the server from a backup.

Discussion 0
Questions 22

A systems administrator notices the host filesystem is running out of storage space. Which of the following will best reduce the storage space on the system?

Options:

A.  

Deduplication

B.  

Compression

C.  

Adaptive optimization

D.  

Thin provisioning

Discussion 0
Questions 23

A company that performs passive vulnerability scanning at its transit VPC has detected a vulnerability related to outdated web-server software on one of its public subnets. Which of the following can the company use to verify if this is a true positive with the least effort and cost? (Select two).

Options:

A.  

A network-based scan

B.  

An agent-based scan

C.  

A port scan

D.  

A red-team exercise

E.  

A credentialed scan

F.  

A blue-team exercise

G.  

Unknown environment penetration testing

Discussion 0
Questions 24

A systems administrator is selecting the appropriate RAID level to support a private cloud with the following requirements:

. The storage array must withstand the failure of up to two drives.

. The storage array must maximize the storage capacity of its drives.

Which of the following RAID levels should the administrator implement?

Options:

A.  

RAID 0

B.  

RAID 1

C.  

RAID 5

D.  

RAID 6

E.  

RAID 10

Discussion 0
Questions 25

A media company has made the decision to migrate a physical, internal file server to the cloud and use a web- based interface to access and manage the files. The users must be able to use their current corporate logins.

Which of the following is the MOST efficient way to achieve this goal?

Options:

A.  

Deploy a VM in a cloud, attach storage, and copy the files across

B.  

Use a SaaS service with a directory service federation

C.  

Deploy a fileshare in a public cloud and copy the files across

D.  

Copy the files to the object storage location in a public cloud

Discussion 0
Questions 26

A company has deployed a new cloud solution and is required to meet security compliance.

Which of the following will MOST likely be executed in the cloud solution to meet security requirements?

Options:

A.  

Performance testing

B.  

Regression testing

C.  

Vulnerability testing

D.  

Usability testing

Discussion 0
Questions 27

A company wants to implement business continuity, and the cloud solution architect needs to design the correct solution.

Which of the following will provide the data to measure business continuity? (Choose two.)

Options:

A.  

A service-level agreement

B.  

Automation scripts

C.  

Playbooks

D.  

A network diagram

E.  

A backup and restore

F.  

A recovery time objective

Discussion 0
Questions 28

A cloud administrator is setting up a DR site on a different zone of the same CSP. The application servers are replicated using the VM replication, and the database replication is set up using log shipping. Upon testing the DR site, the application servers are unable to access the database servers. The administrator has verified the systems are running and are accessible from the CSP portal.

Which of the following should the administrator do to fix this issue?

Options:

A.  

Change the database application IP

B.  

Create a database cluster between the primary site and the DR site

C.  

Update the connection string

D.  

Edit the DNS record at the DR site for the application servers

Discussion 0
Questions 29

A systems administrator needs to configure a set of policies to protect the data to comply with mandatory regulations.

Which of the following should the administrator implement to ensure DLP efficiently prevents the exposure of sensitive data in a cloud environment?

Options:

A.  

Integrity

B.  

Versioning

C.  

Classification

D.  

Segmentation

Discussion 0
Questions 30

A company just successfully completed a DR test and is ready to shut down its DR site and resume normal operations.

Which of the following actions should the cloud administrator take FIRST?

Options:

A.  

Initiate a failover

B.  

Restore backups

C.  

Configure the network

D.  

Perform a failback

Discussion 0
Questions 31

A systems administrator is building a new virtualization cluster. The cluster consists of five virtual hosts, which each have flash and spinning disks. This storage is shared among all the virtual hosts, where a virtual machine running on one host may store data on another host.

This is an example of:

Options:

A.  

a storage area network

B.  

a network file system

C.  

hyperconverged storage

D.  

thick-provisioned disks

Discussion 0
Questions 32

A cloud architect is designing the VPCs for a new hybrid cloud deployment. The business requires the following:

  • High availability
  • Horizontal auto-scaling
  • 60 nodes peak capacity per region
  • Five reserved network IP addresses per subnet
  • /24 range

Which of the following would BEST meet the above requirements?

Options:

A.  

Create two /25 subnets in different regions

B.  

Create three /25 subnets in different regions

C.  

Create two /26 subnets in different regions

D.  

Create three /26 subnets in different regions

E.  

Create two /27 subnets in different regions

F.  

Create three /27 subnets in different regions

Discussion 0
Questions 33

An organization is hosting a cloud-based web server infrastructure that provides web-hosting solutions. Sudden continuous bursts of traffic have caused the web servers to saturate CPU and network utilizations.

Which of the following should be implemented to prevent such disruptive traffic from reaching the web servers?

Options:

A.  

Solutions to perform NAC and DLP

B.  

DDoS protection

C.  

QoS on the network

D.  

A solution to achieve microsegmentation

Discussion 0
Questions 34

The human resources department was charged for a cloud service that belongs to another department. All other cloud costs seem to be correct.

Which of the following is the MOST likely cause for this error?

Options:

A.  

Misconfigured templates

B.  

Misconfigured chargeback

C.  

Incorrect security groups

D.  

Misconfigured tags

Discussion 0
Questions 35

Options:

Discussion 0
Questions 36

A cloud solutions architect has an environment that must only be accessed during work hours. Which of the following processes should be automated to best reduce cost?

Options:

A.  

Scaling of the environment after work hours

B.  

Implementing access control after work hours

C.  

Shutting down the environment after work hours

D.  

Blocking external access to the environment after work hours

Discussion 0
Questions 37

A VDI administrator is enhancing the existing environment with a feature to allow users to connect devices to virtual workstations. Which of the following types of devices are most likely to be allowed in the upgrade? (Select two).

Options:

A.  

Display monitors

B.  

USB devices

C.  

SATA devices

D.  

PCIe devices

E.  

PCI devices

F.  

Printers

Discussion 0
Questions 38

A company has a large environment with multiple VPCs across three regions in a public cloud. The company is concerned about connectivity within the regions. Which of the following should the cloud administrator implement?

Options:

A.  

Peering

B.  

A firewall

C.  

Network access control

D.  

A load balancer

Discussion 0
Questions 39

A VDI provider suspects users are installing prohibited software on the instances. Which of the following must be implemented to prevent the issue?

Options:

A.  

Log monitoring

B.  

Patch management

C.  

Vulnerability scanning

D.  

System hardening

Discussion 0
Questions 40

A cloud administrator has received a physical disk that was analyzed by the incident response team. Which of the following documents should the cloud administrator update?

Options:

A.  

Chain of custody

B.  

Incident taxonomy

C.  

Risk register

D.  

Incident playbook

Discussion 0
Questions 41

A company plans to publish a new application and must conform with security standards. Which of the following types of testing are most important for the systems administrator to run to assure the security and compliance of the application before publishing? (Select two).

Options:

A.  

Regression testing

B.  

Vulnerability testing

C.  

Usability testing

D.  

Functional testing

E.  

Penetration testing

F.  

Load testing

Discussion 0
Questions 42

A cloud engineer needs to perform a database migration. The database has a restricted SLA and cannot be offline for more than ten minutes per month. The database stores 800GB of data, and the network bandwidth to the CSP is 100MBps Which of the following is the best option to perform the migration?

Options:

A.  

Copy the database to an external device and ship the device to the CSP.

B.  

Create a replica database, synchronize the data, and switch to the new instance.

C.  

Utilize a third-party tool to back up and restore the data to the new database.

D.  

Use the database import/export method and copy the exported file.

Discussion 0
Questions 43

A systems administrator is planning to migrate to a cloud solution with volume-based licensing. Which of the following is most important when considering licensing costs?

Options:

A.  

The number of cores

B.  

The number of threads

C.  

The number of machines

D.  

The number of sockets

Discussion 0
Questions 44

A systems administrator is implementing a new file storage service that has been deployed in the company's private cloud instance. The key requirement is fast read/write times for the targeted users, and the budget for this project is not a concern. Which of the following storage types should the administrator deploy?

Options:

A.  

Spinning disks

B.  

NVMe

C.  

SSD

D.  

Hybrid

Discussion 0
Questions 45

A systems administrator is responsible for upgrading operating systems on VMs that are hosted in a cloud environment. The systems administrator wants to ensure the VMs receive updates for as long as possible. Which of the following should the systems administrator choose?

Options:

A.  

Stable

B.  

Nightly

C.  

LTS

D.  

Canary

E.  

EDR

Discussion 0
Questions 46

A systems administrator is provisioning VMs in a cloud environment and has been told to select an OS build with the furthest end-of-life date.

Which of the following OS builds would be BEST for the systems administrator to use?

Options:

A.  

Open-source

B.  

LTS

C.  

Canary

D.  

Beta

E.  

Stable

Discussion 0
Questions 47

A systems administrator recently upgraded the processors in a web application host. Upon the next login, the administrator sees a new alert regarding the license being out of compliance.

Which of the following licensing models is the application MOST likely using?

Options:

A.  

Per device

B.  

Per user

C.  

Core-based

D.  

Volume-based

Discussion 0
Questions 48

A security team is conducting an audit of the security group configurations for the Linux servers that are hosted in a public laaS. The team identifies the following rule as a potential

A cloud administrator, who is working remotely, logs in to the cloud management console and modifies the rule to set the source to "My IR" Shortly after deploying the rule, an internal developer receives the following error message when attempting to log in to the server using SSH: Network error: connection timed out. However, the administrator is able to connect successfully to the same server using SSH. Which of the following is the BEST option for both the developer and the administrator to access the

server from their locations?

Options:

A.  

Modify the outbound rule to allow the company's external IP address as a source.

B.  

Add an inbound rule to use the IP address for the company's main office as a source.

C.  

Modify the inbound rule to allow the company's external IP address as a source.

D.  

Delete the inbound rule to allow the company's external IP address as a source.

Discussion 0
Questions 49

A company needs to rehost its ERP system to complete a datacenter migration to the public cloud. The company has already migrated other systems and configured VPN connections.

Which of the following MOST likely needs to be analyzed before rehosting the ERP?

Options:

A.  

Software

B.  

Licensing

C.  

Right-sizing

D.  

The network

Discussion 0
Questions 50

A cloud administrator would like to maintain file integrity checks through hashing on a cloud object store. Which of the following is MOST suitable from a performance perspective?

Options:

A.  

SHA-256

B.  

SHA-512

C.  

MD5

D.  

AES

Discussion 0
Questions 51

A systems administrator is securing a new email system for a large corporation. The administrator wants to ensure private corporate information is not emailed to external users. Which of the following would be MOST useful to accomplish this task?

Options:

A.  

DLP

B.  

EDR

C.  

DNSSEC

D.  

SPF

Discussion 0
Questions 52

A cloud administrator has created a new asynchronous workflow lo deploy VMs to the cloud in bulk. When the workflow is tested for a single VM, it completes successfully. However, if the workflow is used to create 50 VMs at once, the job fails. Which of the following is the MOST likely cause of the issue? (Choose two.)

Options:

A.  

Incorrect permissions

B.  

Insufficient storage

C.  

Billing issues with the cloud provider

D.  

No connectivity to the public cloud

E.  

Expired API token

F.  

Disabled autoscaling

Discussion 0
Questions 53

A systems administrator is planning a penetration test for company resources that are hosted in a public cloud. Which of the following must the systems administrator do FIRST?

Options:

A.  

Consult the law for the country where the company’s headquarters is located

B.  

Consult the regulatory requirements for the company’s industry

C.  

Consult the law for the country where the cloud services provider is located

D.  

Consult the cloud services provider's policies and guidelines

Discussion 0
Questions 54

A cloud solutions architect has received guidance to migrate an application from on premises to a public cloud. Which of the following requirements will help predict the operational expenditures in the cloud?

Options:

A.  

Average resource consumption

B.  

Maximum resource consumption

C.  

Minimum resource consumption

D.  

Actual hardware configuration

Discussion 0
Questions 55

A systems administrator needs to migrate email services to the cloud model that requires the least amount of administrative effort. Which of the following should the administrator select?

Options:

A.  

DBaaS

B.  

SaaS

C.  

IaaS

D.  

PaaS

Discussion 0
Questions 56

A systems administrator is concerned about having two virtual database servers on the same host. Which of the following should be configured?

Options:

A.  

Regions

B.  

Anti-affinity

C.  

Oversubscription

D.  

Container

Discussion 0
Questions 57

A cloud administrator is reviewing the annual contracts for all hosted solutions. Upon review of the contract for the hosted mail solution, the administrator notes the monthly subscription rate has increased every year. The provider has been in place for ten years, and there is a large amount of data being hosted. Which of the following is a barrier to switching providers?

Options:

A.  

Service_level agreement

B.  

Vendor lock-in

C.  

Memorandum of understanding

D.  

Encrypted data

Discussion 0
Questions 58

A cloud administrator has deployed several VM instances that are running the same applications on VDI nodes. Users are reporting that a role instance is looping between STARTED, INITIALIZING, BUSY, and stop. Upon investigation, the cloud administrator can see the status changing every few minutes. Which of the following should be done to resolve the issue?

Options:

A.  

Reboot the hypervisor.

B.  

Review the package and configuration file.

C.  

Configure service healing.

D.  

Disable memory swap.

Discussion 0
Questions 59

A cloud engineer is responsible for managing two cloud environments from different MSPs. The security department would like to inspect all traffic from the two cloud environments.

Which of the following network topology solutions should the cloud engineer implement to reduce long-term maintenance?

Options:

A.  

Chain

B.  

Star

C.  

Mesh

D.  

Hub and spoke

Discussion 0
Questions 60

An OS administrator is reporting slow storage throughput on a few VMs in a private IaaS cloud. Performance graphs on the host show no increase in CPU or memory. However, performance graphs on the storage show a decrease of throughput in both IOPS and MBps but not much increase in latency. There is no increase in workload, and latency is stable on the NFS storage arrays that are used by those VMs.

Which of the following should be verified NEXT?

Options:

A.  

Application

B.  

SAN

C.  

VM GPU settings

D.  

Network

Discussion 0
Questions 61

A systems administrator is deploying a new storage array for backups. The array provides 1PB of raw disk space and uses 14TB nearline SAS drives. The solution must tolerate at least two failed drives in a single RAID set.

Which of the following RAID levels satisfies this requirement?

Options:

A.  

RAID 0

B.  

RAID 1

C.  

RAID 5

D.  

RAID 6

E.  

RAID 10

Discussion 0
Questions 62

A SaaS provider wants to maintain maximum availability for its service.

Which of the following should be implemented to attain the maximum SLA?

Options:

A.  

A hot site

B.  

An active-active site

C.  

A warm site

D.  

A cold site

Discussion 0
Questions 63

A storage array that is used exclusively for datastores is being decommissioned, and a new array has been installed. Now the private cloud administrator needs to migrate the data.

Which of the following migration methods would be the BEST to use?

Options:

A.  

Conduct a V2V migration

B.  

Perform a storage live migration

C.  

Rsync the data between arrays

D.  

Use a storage vendor migration appliance

Discussion 0
Questions 64

An organization has two businesses that are developing different software products. They are using a single cloud provider with multiple IaaS instances. The organization identifies that the tracking of costs for each

business are inaccurate.

Which of the following is the BEST method for resolving this issue?

Options:

A.  

Perform segregation of the VLAN and capture egress and ingress values of each network interface

B.  

Tag each server with a dedicated cost and sum them based on the businesses

C.  

Split the total monthly invoice equally between the businesses

D.  

Create a dedicated subscription for the businesses to manage the costs

Discussion 0
Questions 65

A systems administrator is working on the backup schedule for a critical business application that is running in a private cloud. Which of the following would help the administrator schedule the frequency of the backup job?

Options:

A.  

RPO

B.  

MTTR

C.  

SLA

D.  

RTO

Discussion 0
Questions 66

A systems administrator is using VMs to deploy a new solution that contains a number of application VMs.

Which of the following would provide high availability to the application environment in case of hypervisor failure?

Options:

A.  

Anti-affinity rules

B.  

Cold migration

C.  

Live migration

D.  

Affinity rules

Discussion 0
Questions 67

A systems administrator would like to reduce the network delay between two servers.

Which of the following will reduce the network delay without taxing other system resources?

Options:

A.  

Decrease the MTU size on both servers

B.  

Adjust the CPU resources on both servers

C.  

Enable compression between the servers

D.  

Configure a VPN tunnel between the servers

Discussion 0
Questions 68

A systems administrator is troubleshooting network throughput issues following a deployment. The network is currently being overwhelmed by the amount of traffic between the database and the web servers in the environment.

Which of the following should the administrator do to resolve this issue?

Options:

A.  

Set up affinity rules to keep web and database servers on the same hypervisor

B.  

Enable jumbo frames on the gateway

C.  

Move the web and database servers onto the same VXLAN

D.  

Move the servers onto thick-provisioned storage

Discussion 0
Questions 69

A company has hired a security firm to perform a vulnerability assessment of its environment. In the first phase, an engineer needs to scan the network services exposed by the hosts. Which of the following will help achieve this with the LEAST privileges?

Options:

A.  

An agent-based scan

B.  

A credentialed scan

C.  

A network-based scan

D.  

An application scan

Discussion 0
Questions 70

A cloud administrator is troubleshooting a highly available web application running within three containers behind a Layer 7 load balancer with a WAF inspecting all traffic. The application frequently asks the users to log in again even when the session timeout has not been reached. Which of the following should the cloud administrator configure to solve this issue?

Options:

A.  

Firewall outbound rules

B.  

Firewall inbound rules

C.  

Load balancer certificates

D.  

Load balancer stickiness

E.  

WAF transaction throttling

Discussion 0
Questions 71

A systems administrator is responding to an outage in a cloud environment that was caused by a network-based flooding attack. Which of the following should the administrator configure to mitigate the attack?

Options:

A.  

NIPS

B.  

Network overlay using GENEVE

C.  

DDoS protection

D.  

DoH

Discussion 0
Questions 72

A company is deploying a public cloud solution for an existing application using lift and shift. The requirements for the applications are scalability and external access. Which of the following should the company implement? (Select TWO).

Options:

A.  

A load balancer

B.  

SON

C.  

A firewall

D.  

SR-IOV

E.  

Storage replication

F.  

A VPN

Discussion 0
Questions 73

A systems administrator needs to modify the replication factors of an automated application container from 3 to 5. Which of the following file types should the systems administrator modify on the master controller?

Options:

A.  

.yaml

B.  

. txt

C.  

.conf

D.  

.etcd

Discussion 0
Questions 74

A systems administrator must ensure confidential company information is not leaked to competitors. Which of the following services will BEST accomplish this goal?

Options:

A.  

CASB

B.  

IDS

C.  

FIM

D.  

EDR

E.  

DLP

Discussion 0
Questions 75

A cloud engineer, who manages workloads in a public cloud environment, uses autoscaling to maintain availability of a critical application. During a recent burst in demands, the engineer received the following error alert:

LimitedlnstanceCapacity

Which of the following is MOST likely cause of the error?

Options:

A.  

The cloud account has a misconfigured security group.

B.  

The cloud account has exhausted the number of instances quota.

C.  

The cloud account has had rights revoked to create instances.

D.  

The autoscaling feature does not have permissions to create instances.

Discussion 0
Questions 76

A systems administrator is configuring a storage system for maximum performance and redundancy. Which of the following storage technologies should the administrator use to achieve this?

Options:

A.  

RAID 5

B.  

RAID 6

C.  

RAID 10

D.  

RAID 50

Discussion 0
Questions 77

A systems administrator is responding to an outage in a cloud environment that was caused by a network-based flooding attack. Which of the following should the administrator configure to mitigate the attack?

Options:

A.  

NIPS

B.  

Network overlay using GENEVE

C.  

DDoS protection

D.  

DoH

Discussion 0
Questions 78

A systems administrator wants to restrict access to a set of sensitive files to a specific group of users. Which of the following will achieve the objective?

Options:

A.  

Add audit rules on the server

B.  

Configure data loss prevention in the environment

C.  

Change tine permissions and ownership of the files

D.  

Implement a HIPS solution on the host

Discussion 0
Questions 79

A local bank has all of its infrastructure in the cloud. An update was applied to the main database server at 5:00 a.m. on Monday morning, and the database was then corrupted and unusable. It had to be restored from backup. The last backup was taken the night before at 10:00 p.m. The database was then restored successfully, but seven hours' worth of data was lost, which is deemed unacceptable. Which of the following needs to be updated in the DR plan?

Options:

A.  

Recovery point objective

B.  

Statement of work

C.  

Service-level agreement

D.  

Recovery time objective

Discussion 0
Questions 80

A systems administrator is helping to develop a disaster recovery solution. The solution must ensure all production capabilities are available within two hours. Which of the following will BEST meet this requirement?

Options:

A.  

A hot site

B.  

A warm site

C.  

A backup site

D.  

A cold site

Discussion 0
Questions 81

A company is migrating workloads from on premises to the cloud and would like to establish a connection between the entire data center and the cloud environment. Which of the following VPN configurations would accomplish this task?

Options:

A.  

Site-to-site

B.  

Client-to-site

C.  

Point-to-site

D.  

Point-to-point

Discussion 0
Questions 82

A company with a worldwide presence wants to improve the user experience for its website. Which of the following can a systems administrator implement to improve download speeds and latency for the end users?

Options:

A.  

A CDN solution

B.  

An MPLS connection between data centers

C.  

A DNS round robin

D.  

A site-to-site VPN between data centers

Discussion 0
Questions 83

A cloud administrator implemented SSO and received a business requirement to increase security when users access the cloud environment. Which of the following should be implemented NEXT to improve the company's security posture?

Options:

A.  

SSH

B.  

MFA

C.  

Certificates

D.  

Federation

Discussion 0
Questions 84

A cloud administrator is configuring several security appliances hosted in the private laaS environment to forward the logs to a central log aggregation solution using syslog. Which of the following firewall rules should the administrator add to allow the web servers to connect to the central log collector?

Options:

A.  

Allow UDP 161 outbound from the web servers to the log collector .

B.  

Allow TCP 514 outbound from the web servers to the log collector.

C.  

Allow UDP 161 inbound from the log collector to the web servers .

D.  

Allow TCP 514 inbound from the log collector to the web servers .

Discussion 0
Questions 85

A company is performing a DR drill and is looking to validate its documentation. Which of the following metrics will determine the service recovery duration?

Options:

A.  

MTTF

B.  

SLA

C.  

RTO

D.  

RPO

Discussion 0
Questions 86

A systems administrator needs to implement a service to protect a web application from external attacks. The administrator must have session-based granular control of all HTTP traffic. Which of the following should the administrator configure?

Options:

A.  

IDS

B.  

WAF

C.  

DLP

D.  

NAC

Discussion 0
Questions 87

A database analyst reports it takes two hours to perform a scheduled job after onboarding 10,000 new users to the system. The analyst made no changes to the scheduled job before or after onboarding the users. The database is hosted in an IaaS instance on a cloud provider. Which of the following should the cloud administrator evaluate to troubleshoot the performance of the job?

Options:

A.  

The laaS compute configurations, the capacity trend analysis reports, and the storage IOPS

B.  

The hypervisor logs, the memory utilization of the hypervisor host, and the network throughput of the hypervisor

C.  

The scheduled job logs for successes and failures, the time taken to execute the job, and the job schedule

D.  

Migrating from laaS to on premises, the network traffic between on-premises users and the laaS instance, and the CPU utilization of the hypervisor host

Discussion 0
Questions 88

A systems administrator is deploying a new virtualized environment. The setup is a three-server cluster with 12 VMs running on each server. While executing a vertical-scaling test of the vCPU on the VMs, the administrator gets an error. Which of the following issues is MOST likely occurring?

Options:

A.  

Compute

B.  

Storage

C.  

Licensing

D.  

Scripts

Discussion 0
Questions 89

A cloud administrator is responsible for managing a VDI environment that provides end users with access to limited applications. Which of the following should the administrator make changes to when a new application needs to be provided?

Options:

A.  

Application security policy

B.  

Application whitelisting policy

C.  

Application hardening policy

D.  

Application testing policy

Discussion 0
Questions 90

Which of the following should be considered for capacity planning?

Options:

A.  

Requirements, licensing, and trend analysis

B.  

Laws and regulations

C.  

Regions, clusters, and containers

D.  

Hypervisors and scalability

Discussion 0
Questions 91

A cloud administrator is upgrading a cloud environment and needs to update the automation script to use a new feature from the cloud provider. After executing the script, the deployment fails. Which of the following is the MOST likely cause?

Options:

A.  

API incompatibility

B.  

Location changes

C.  

Account permissions

D.  

Network failure

Discussion 0
Questions 92

A company has an in-house-developed application. The administrator wants to utilize cloud services for additional peak usage workloads. The application has a very unique stack of dependencies.

Which of the following cloud service subscription types would BEST meet these requirements?

Options:

A.  

PaaS

B.  

SaaS

C.  

DBaaS

D.  

IaaS

Discussion 0
Questions 93

A cloud architect is reviewing four deployment options for a new application that will be hosted by a public cloud provider. The application must meet an SLA that allows for no more than five hours of downtime annually. The cloud architect is reviewing the SLAs for the services each option will use:

Based on the information above, which of the following minimally complies with the SLA requirements?

Options:

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

Discussion 0
Questions 94

A systems administrator is deploying a solution that includes multiple network I/O-intensive VMs. The solution design requires that vNICs of the VMs provide low-latency, near-native performance of a physical NIC and data protection between the VMs. Which of the following would BEST satisfy these requirements?

Options:

A.  

SR-IOV

B.  

GENEVE

C.  

SDN

D.  

VLAN

Discussion 0
Questions 95

A systems administrator has finished installing monthly updates to servers in a cloud environment. The administrator notices certain portions of the playbooks are no longer functioning. Executing the playbook commands manually on a server does not work as well. There are no other reports of issues.

Which of the following is the MOST likely cause of this issue?

Options:

A.  

Change management failure

B.  

Service overload

C.  

Patching failure

D.  

Job validation issues

E.  

Deprecated features

Discussion 0
Questions 96

A systems administrator is about to deploy a new VM to a cloud environment. Which of the following will the administrator MOST likely use to select an address for the VM?

Options:

A.  

CDN

B.  

DNS

C.  

NTP

D.  

IPAM

Discussion 0
Questions 97

A systems administrator wants to ensure two VMs remain together on the same host. Which of the following must be set up to enable this functionality?

Options:

A.  

Affinity

B.  

Zones

C.  

Regions

D.  

A cluster

Discussion 0
Questions 98

A systems administrator is examining a managed hosting agreement and wants to determine how much data would be lost if a server had to be restored from backups. To which of the following metrics should the administrator refer?

Options:

A.  

RTO

B.  

MTBF

C.  

RPO

D.  

MTTR

Discussion 0
Questions 99

A company needs to migrate the storage system and batch jobs from the local storage system to a public cloud provider. Which of the following accounts will MOST likely be created to run the batch processes?

Options:

A.  

User

B.  

LDAP

C.  

Role-based

D.  

Service

Discussion 0
Questions 100

A cloud administrator would like to deploy a cloud solution to its provider using automation techniques. Which of the following must be used? (Choose two.)

Options:

A.  

Auto-scaling

B.  

Tagging

C.  

Playbook

D.  

Templates

E.  

Containers

F.  

Serverless

Discussion 0
Questions 101

A Chief Information Security Officer (CISO) is evaluating the company’s security management program. The CISO needs to locate all the assets with identified deviations and mitigation measures. Which of the following would help the CISO with these requirements?

Options:

A.  

An SLA document

B.  

ADR plan

C.  

SOC procedures

D.  

A risk register

Discussion 0
Questions 102

A technician needs to deploy two virtual machines in preparation for the configuration of a financial application next week. Which of the following cloud deployment models should the technician use?

Options:

A.  

XaaS

B.  

IaaS

C.  

PaaS

D.  

SaaS

Discussion 0
Questions 103

A systems administrator is deploying a new cloud application and needs to provision cloud services with minimal effort. The administrator wants to reduce the tasks required for maintenance, such as OS patching, VM and volume provisioning, and autoscaling configurations. Which of the following would be the BEST option to deploy the new application?

Options:

A.  

A VM cluster

B.  

Containers

C.  

OS templates

D.  

Serverless

Discussion 0
Questions 104

A company is currently running a website on site. However, because of a business requirement to reduce current RTO from 12 hours to one hour, and the RPO from one day to eight hours, the company is considering operating in a hybrid environment. The website uses mostly static files and a small relational database. Which of the following should the cloud architect implement to achieve the objective at the LOWEST cost possible?

Options:

A.  

Implement a load-balanced environment in the cloud that is equivalent to the current on-premises setup and use DNS to shift the load from on premises to cloud.

B.  

Implement backups to cloud storage and infrastructure as code to provision the environment automatically when the on-premises site is down. Restore the data from the backups.

C.  

Implement a website replica in the cloud with auto-scaling using the smallest possible footprint. Use DNS to shift the load from on premises to the cloud.

D.  

Implement a CDN that caches all requests with a higher TTL and deploy the laaS instances manually in case of disaster. Upload the backup on demand to the cloud to restore on the new instances.

Discussion 0
Questions 105

A company is switching from one cloud provider to another and needs to complete the migration as quickly as possible.

Which of the following is the MOST important consideration to ensure a seamless migration?

Options:

A.  

The cost of the environment

B.  

The I/O of the storage

C.  

Feature compatibility

D.  

Network utilization

Discussion 0
Questions 106

All of a company's servers are currently hosted in one cloud MSP. The company created a new cloud environment with a different MSP. A cloud engineer is now tasked with preparing for server migrations and establishing connectivity between clouds. Which of the following should the engineer perform FIRST?

Options:

A.  

Peer all the networks from each cloud environment.

B.  

Migrate the servers.

C.  

Create a VPN tunnel.

D.  

Configure network access control lists.

Discussion 0
Questions 107

Which of the following will provide a systems administrator with the MOST information about potential attacks on a cloud IaaS instance?

Options:

A.  

Network flows

B.  

FIM

C.  

Software firewall

D.  

HIDS

Discussion 0
Questions 108

After announcing a big sales promotion, an e-commerce company starts to experience a slow response on its platform that is hosted in a public cloud. When checking the resources involved, the systems administrator sees the following consumption:

Considering all VMs were built from the same templates, which of the following actions should the administrator perform FIRST to speed up the response of the e-commerce platform?

Options:

A.  

Spin up a new web server

B.  

Spin up a new application server

C.  

Add more memory to the web server

D.  

Spin up a new database server

Discussion 0
Questions 109

An administrator recently provisioned a file server in the cloud. Based on financial considerations, the administrator has a limited amount of disk space. Which of the following will help control the amount of space that is being used?

Options:

A.  

Thick provisioning

B.  

Software-defined storage

C.  

User quotas

D.  

Network file system

Discussion 0
Questions 110

An organization suffered a critical failure of its primary datacenter and made the decision to switch to the DR site. After one week of using the DR site, the primary datacenter is now ready to resume operations.

Which of the following is the MOST efficient way to bring the block storage in the primary datacenter up to date with the DR site?

Options:

A.  

Set up replication.

B.  

Copy the data across both sites.

C.  

Restore incremental backups.

D.  

Restore full backups.

Discussion 0
Questions 111

An organization is using multiple SaaS-based business applications, and the systems administrator is unable to monitor and control the use of these subscriptions. The administrator needs to implement a solution that will help the organization apply security policies and monitor each individual SaaS subscription. Which of the following should be deployed to achieve these requirements?

Options:

A.  

DLP

B.  

CASB

C.  

IPS

D.  

HIDS

Discussion 0
Questions 112

Users of an enterprise application, which is configured to use SSO, are experiencing slow connection times. Which of the following should be done to troubleshoot the issue?

Options:

A.  

Perform a memory dump of the OS.

Analyze the memory dump.

Upgrade the host CPU to a higher clock speed CPU.

B.  

Perform a packet capture during authentication.

Validate the load-balancing configuration.

Analyze the network throughput of the load balancer.

C.  

Analyze the storage system IOPS.

Increase the storage system capacity.

Replace the storage system disks to SSD.

D.  

Evaluate the OS ACLs.

Upgrade the router firmware.

Increase the memory of the router.

Discussion 0
Questions 113

A cloud security analyst needs to ensure the web servers in the public subnet allow only secure communications and must remediate any possible issue. The stateful configuration for the public web servers is as follows:

Which of the following actions should the analyst take to accomplish the objective?

Options:

A.  

Remove rules 1, 2, and 5.

B.  

Remove rules 1, 3, and 4.

C.  

Remove rules 2, 3, and 4.

D.  

Remove rules 3, 4, and 5.

Discussion 0
Questions 114

A company wants to move its environment from on premises to the cloud without vendor lock-in. Which of the following would BEST meet this requirement?

Options:

A.  

DBaaS

B.  

SaaS

C.  

IaaS

D.  

PaaS

Discussion 0
Questions 115

A cloud administrator is responsible for managing a cloud-based content management solution. According to the security policy, any data that is hosted in the cloud must be protected against data exfiltration. Which of the following solutions should the administrator implement?

Options:

A.  

HIDS

B.  

FIM

C.  

DLP

D.  

WAF

Discussion 0
Questions 116

A company needs a solution to find content in images. Which of the following technologies, when used in conjunction with cloud services, would facilitate the BEST solution?

Options:

A.  

Internet of Things

B.  

Digital transformation

C.  

Artificial intelligence

D.  

DNS over TLS

Discussion 0
Questions 117

A systems administrator wants to verify the word "qwerty" has not been used as a password on any of the administrative web consoles in a network. Which of the following will achieve this goal?

Options:

A.  

A service availability scan

B.  

An agent-based vulnerability scan

C.  

A default and common credentialed scan

D.  

A network port scan

Discussion 0
Questions 118

A systems administrator adds servers to a round-robin, load-balanced pool, and then starts receiving reports of the website being intermittently unavailable. Which of the following is the MOST likely cause of the issue?

Options:

A.  

The network is being saturated.

B.  

The load balancer is being overwhelmed.

C.  

New web nodes are not operational.

D.  

The API version is incompatible.

E.  

There are time synchronization issues.

Discussion 0
Questions 119

A company is considering consolidating a number of physical machines into a virtual infrastructure that will be located at its main office. The company has the following requirements:

High-performance VMs

More secure

Has system independence

Which of the following is the BEST platform for the company to use?

Options:

A.  

Type 1 hypervisor

B.  

Type 2 hypervisor

C.  

Software application virtualization

D.  

Remote dedicated hosting

Discussion 0
Questions 120

A resource pool in a cloud tenant has 90 GB of memory and 120 cores. The cloud administrator needs to maintain a 30% buffer for resources for optimal performance of the hypervisor. Which of the following would all ow for the maximum number of two-core machines with equal memory?

Options:

A.  

30 VMs, 3GB of memory

B.  

40 VMs, 1,5GB of memory

C.  

45 VMs, 2 GB of memory

D.  

60 VMs, 1 GB of memory

Discussion 0
Questions 121

An IT professional is selecting the appropriate cloud storage solution for an application that has the following requirements:

. The owner of the objects should be the object writer.

· The storage system must enforce TLS encryption.

Which of the following should the IT professional configure?

Options:

A.  

A bucket

B.  

A CIFS endpoint

C.  

A SAN

D.  

An NFS mount

Discussion 0
Questions 122

An organization deployed an application using a cloud provider's internal managed certificates. Developers are unable to retrieve data when calling the API from any machine.

The following error message is in the log:

12-04-2023-10:05:25, SSL Negotiation Error

12-04-2023-10:05:28,Invalid Certificate

12-04-2023-10:05:29, TLS Handshake Failed

12-04-2023-10:05:30,Connection Closed

Which of the following is the most likely cause of the error?

Options:

A.  

TLS version

B.  

Insecure cipher

C.  

Self-signed certificate

D.  

Root trust

Discussion 0
Questions 123

A systems administrator wants to be notified every time an application's configuration files are updated. Which of the following should the administrator implement to achieve the objective?

Options:

A.  

ZFS

B.  

FIM

C.  

MAC

D.  

DLP

Discussion 0
Questions 124

A technician deployed a VM with NL-SAS storage to host a critical application. Two weeks later, users have begun to report high application latency. Which of the following is the best action to correct the latency issue?

Options:

A.  

Increase the capacity of the data storage.

B.  

Migrate the data to SAS storage.

C.  

Increase the CPU of the VM.

D.  

Migrate the data to flash storage.

Discussion 0
Questions 125

After an infrastructure-as-code cloud migration to an laaS environment, the cloud engineer discovers that configurations on DB servers have drifted from the corporate standard baselines. Which of the following should the cloud engineer do to best ensure configurations are restored to the baselines?

Options:

A.  

Utilize a template to automate and update the DB configuration.

B.  

Create an image of the DB, delete the previous DB server, and restore from the image.

C.  

Manually log in to the DB servers and update the configurations.

D.  

Rename and change the IP of the old DB server and rebuild a new DB server.

Discussion 0