CV1-003 : CompTIA Cloud+ : Part 02

  1. A company wants to check its infrastructure and application for security issues regularly. Which of the following should the company implement?

    • Performance testing
    • Penetration testing
    • Vulnerability testing
    • Regression testing
  2. A company that utilizes an IaaS service provider has contracted with a vendor to perform a penetration test on its environment. The vendor is able to exploit the virtualization layer and obtain access to other instances within the cloud provider’s environment that do not belong to the company.

    Which of the following BEST describes this attack?

    • VM escape
    • Directory traversal
    • Buffer overflow
    • Heap spraying
  3. A systems administrator would like to reduce the network delay between two servers.

    Which of the following will reduce the network delay without taxing other system resources?

    • Decrease the MTU size on both servers
    • Adjust the CPU resources on both servers
    • Enable compression between the servers
    • Configure a VPN tunnel between the servers
  4. An administrator is performing an in-place upgrade on a quest VM operating system.

    Which of the following can be performed as a quick method to roll back to an earlier state, if necessary?

    • A configuration file backup
    • A full backup of the database
    • A differential backup
    • A VM-level snapshot
  5. After analyzing a web server’s logs, a systems administrator sees that users are connecting to the company’s application through HTTP instead of HTTPS. The administrator then configures a redirect from HTTP to HTTPS on the web server, and the application responds with a connection time-out message.

    Which of the following should the administrator verify NEXT?

    • The TLS certificate
    • The firewall rules
    • The concurrent connection limit
    • The folder permissions
  6. A systems administrator is configuring a storage array.

    Which of the following should the administrator configure to set up mirroring on this array?

    • RAID 0
    • RAID 1
    • RAID 5
    • RAID 6
  7. A company has developed a cloud-ready application. Before deployment, an administrator needs to select a deployment technology that provides a high level of portability and is lightweight in terms of footprint and resource requirements.

    Which of the following solutions will be BEST to help the administrator achieve the requirements?

    • Containers
    • Infrastructure as code
    • Desktop virtualization
    • Virtual machines
  8. A global web-hosting company is concerned about the availability of its platform during an upcoming event. Web traffic is forecasted to increase substantially during the next week. The site contains mainly static content.

    Which of the following solutions will assist with the increased workload?

    • DoH
    • WAF
    • IPS
    • CDN
  9. An organization is hosting a cloud-based web server infrastructure that provides web-hosting solutions. Sudden continuous bursts of traffic have caused the web servers to saturate CPU and network utilizations.

    Which of the following should be implemented to prevent such disruptive traffic from reaching the web servers?

    • Solutions to perform NAC and DLP
    • DDoS protection
    • QoS on the network
    • A solution to achieve microsegmentation
  10. A developer is no longer able to access a public cloud API deployment, which was working ten minutes prior.

    Which of the following is MOST likely the cause?

    • API provider rate limiting
    • Invalid API token
    • Depleted network bandwidth
    • Invalid API request
  11. An organization is implementing a new requirement to facilitate users with faster downloads of corporate application content. At the same time, the organization is also expanding cloud regions.

    Which of the following would be suitable to optimize the network for this requirement?

    • Implement CDN for overall cloud application
    • Implement auto-scaling of the compute resources
    • Implement SR-IOV on the server instances
    • Implement an application container solution
  12. Which of the following cloud deployment models allows a company to have full control over its IT infrastructure?

    • Private
    • Cloud within a cloud
    • Hybrid
    • Public
  13. A cloud administrator is designing a multiregion network within an IaaS provider. The business requirements for configuring the network are as follows:

    – Use private networking in and between the multisites for data replication.
    – Use low latency to avoid performance issues.

    Which of the following solutions should the network administrator use within the IaaS provider to connect multiregions?

    • Peering
    • Gateways
    • VPN
    • Hub and spoke
  14. A company has decided to get multiple compliance and security certifications for its public cloud environment. However, the company has few staff members to handle the extra workload, and it has limited knowledge of the current infrastructure.

    Which of the following will help the company meet the compliance requirements as quickly as possible?

    • DLP
    • CASB
    • FIM
    • NAC
  15. The human resources department was charged for a cloud service that belongs to another department. All other cloud costs seem to be correct.

    Which of the following is the MOST likely cause for this error?

    • Misconfigured templates
    • Misconfigured chargeback
    • Incorrect security groups
    • Misconfigured tags
  16. A cloud administrator has finished setting up an application that will use RDP to connect. During testing, users experience a connection timeout error.

    Which of the following will MOST likely solve the issue?

    • Checking user passwords
    • Configuring QoS rules
    • Enforcing TLS authentication
    • Opening TCP port 3389
  17. A company has a cloud infrastructure service, and the cloud architect needs to set up a DR site.

    Which of the following should be configured in between the cloud environment and the DR site?

    • Failback
    • Playbook
    • Zoning
    • Replication
  18. A systems administrator notices that a piece of networking equipment is about to reach its end of support.

    Which of the following actions should the administrator recommend?

    • Update the firmware
    • Migrate the equipment to the cloud
    • Update the OS
    • Replace the equipment
  19. An organization has two businesses that are developing different software products. They are using a single cloud provider with multiple IaaS instances. The organization identifies that the tracking of costs for each business are inaccurate.

    Which of the following is the BEST method for resolving this issue?

    • Perform segregation of the VLAN and capture egress and ingress values of each network interface
    • Tag each server with a dedicated cost and sum them based on the businesses
    • Split the total monthly invoice equally between the businesses
    • Create a dedicated subscription for the businesses to manage the costs
  20. A systems administrator disabled TLS 1.0 and 1.1, as well as RC4, 3DES, and AES-128 ciphers for TLS 1.2, on a web server. A client now reports being unable to access the web server, but the administrator verifies that the server is online, the web service is running, and other users can reach the server as well.

    Which of the following should the administrator recommend the user do FIRST?

    • Disable antivirus/anti-malware software
    • Turn off the software firewall
    • Establish a VPN tunnel between the computer and the web server
    • Update the web browser to the latest version