CV0-003: CompTIA Cloud+ Topic 1
Question #: 1
Topic #: 1
A company has decided to scale its e-commerce application from its corporate datacenter to a commercial cloud provider to meet an anticipated increase in demand during an upcoming holiday.
The majority of the application load takes place on the application server under normal conditions. For this reason, the company decides to deploy additional application servers into a commercial cloud provider using the on-premises orchestration engine that installs and configures common software and network configurations.
The remote computing environment is connected to the on-premises datacenter via a site-to-site IPSec tunnel. The external DNS provider has been configured to use weighted round-robin routing to load balance connections from the Internet.
During testing, the company discovers that only 20% of connections completed successfully.
Instructions –
Review the network architecture and supporting documents and fulfill these requirements:
Part 1:
✑ Analyze the configuration of the following components: DNS, Firewall 1, Firewall 2, Router 1, Router 2, VPN and Orchestrator Server.
✑ Identify the problematic device(s).
Part 2:
✑ Identify the correct options to provide adequate configuration for hybrid cloud architecture.
If any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Part 1 –
Part 2 –
Only select a maximum of TWO options from the multiple choice question. (Choose two.)
A. Update the PSK (Pre-shared key) in Router 2.
B. Update the A record on the DNS from 2.2.2.2 to 1.1.1.1.
C. Promote deny All to allow All in Firewall 1 and Firewall 2.
D. Change the Address Space on Router 2.
E. Change internal IP Address of Router 1.
F. Reverse the Weight property in the two CNAME records on the DNS.
G. Add the Application Server at on-premises to the Load Balancer.
Selected Answer: AD
Question #: 2
Topic #: 1
An organization suffered a critical failure of its primary datacenter and made the decision to switch to the DR site. After one week of using the DR site, the primary datacenter is now ready to resume operations.
Which of the following is the MOST efficient way to bring the block storage in the primary datacenter up to date with the DR site?
A. Set up replication.
B. Copy the data across both sites.
C. Restore incremental backups.
D. Restore full backups.
Selected Answer: A
Question #: 3
Topic #: 1
A cloud administrator is building a new VM for machine-learning training. The developer requesting the VM has stated that the machine will need a full GPU dedicated to it. Which of the following configuration options would BEST meet this requirement?
A. Virtual GPU
B. External GPU
C. Passthrough GPU
D. Shared GPU
Selected Answer: C
Question #: 4
Topic #: 1
Which of the following service models would be used for a database in the cloud?
A. PaaS
B. IaaS
C. CaaS
D. SaaS
Selected Answer: A
Question #: 5
Topic #: 1
A VDI administrator has received reports from the drafting department that rendering is slower than normal. Which of the following should the administrator check
FIRST to optimize the performance of the VDI infrastructure?
A. GPU
B. CPU
C. Storage
D. Memory
Selected Answer: B
Question #: 6
Topic #: 1
A Chief Information Security Officer (CISO) is evaluating the company’s security management program. The CISO needs to locate all the assets with identified deviations and mitigation measures. Which of the following would help the CISO with these requirements?
A. An SLA document
B. A DR plan
C. SOC procedures
D. A risk register
Selected Answer: D
Question #: 7
Topic #: 1
A cloud engineer is responsible for managing a public cloud environment. There is currently one virtual network that is used to host the servers in the cloud environment. The environment is rapidly growing, and the network does not have any more available IP addresses. Which of the following should the engineer do to accommodate additional servers in this environment?
A. Create a VPC and peer the networks.
B. Implement dynamic routing.
C. Enable DHCP on the networks.
D. Obtain a new IPAM subscription.
Selected Answer: A
Question #: 8
Topic #: 1
A system administrator is migrating a bare-metal server to the cloud. Which of the following types of migration should the systems administrator perform to accomplish this task?
A. V2V
B. V2P
C. P2P
D. P2V
Selected Answer: D
Question #: 9
Topic #: 1
A company is utilizing a private cloud solution that is hosted within its datacenter. The company wants to launch a new business application, which requires the resources below:
The current private cloud has 30 vCPUs and 512GB RAM available. The company is looking for a quick solution to launch this application, with expected maximum sessions to be close to 24,000 at launch and an average of approximately 5,000 sessions. Which of the following solutions would help to company accommodate the new workload in the SHORTEST amount of time and with the maximum financial benefits?
A. Configure auto-scaling within the private cloud.
B. Set up cloud bursting for the additional resources.
C. Migrate all workloads to a public cloud provider.
D. Add more capacity to the private cloud.
Selected Answer: B
Question #: 10
Topic #: 1
A cloud administrator is reviewing the authentication and authorization mechanism implemented within the cloud environment. Upon review, the administrator discovers the sales group is part of the finance group, and the sales team members can access the financial application. Single sign-on is also implemented, which makes access much easier. Which of the following access control rules should be changed?
A. Discretionary-based
B. Attribute-based
C. Mandatory-based
D. Role-based
Selected Answer: D
Question #: 11
Topic #: 1
A company developed a product using a cloud provider’s PaaS platform and many of the platform-based components within the application environment. Which of the following would the company MOST likely be concerned about when utilizing a multicloud strategy or migrating to another cloud provider?
A. Licensing
B. Authentication providers
C. Service-level agreement
D. Vendor lock-in
Selected Answer: D
Question #: 12
Topic #: 1
A systems administrator is trying to establish an RDP session from a desktop to a server in the cloud. However, the connection appears to be refused even through the VM is responding to ICMP echo requests. Which of the following should the administrator check FIRST?
A. The firewall
B. The subnet
C. The gateway
D. The services
Selected Answer: A
Question #: 13
Topic #: 1
Which of the following would be the BEST option for discussion of what individuals should do in an incident response or disaster recovery scenario?
A. A business continuity plan
B. Incident response/disaster recovery documentation
C. A tabletop exercise
D. A root cause analysis
Selected Answer: C
Question #: 14
Topic #: 1
A systems administrator has migrated an internal application to a public cloud. The new web server is running under a TLS connection and has the same TLS certificate as the internal application that is deployed. However, the IT department reports that only internal users who are using new versions of the OSs are able to load the application home page. Which of the following is the MOST likely cause of the issue?
A. The local firewall from older OSs is not allowing outbound connections.
B. The local firewall from older OSs is not allowing inbound connections.
C. The cloud web server is using a self-signed certificate that is not supported by older browsers.
D. The cloud web server is using strong ciphers that are not supported by older browsers.
Selected Answer: C
Question #: 15
Topic #: 1
A systems administrator is configuring RAID for a new server. This server will host files for users and replicate to an identical server. While redundancy is necessary, the most important need is to maximize storage. Which of the following RAID types should the administrator choose?
A. 5
B. 6
C. 10
D. 50
Selected Answer: A
Question #: 16
Topic #: 1
A cloud architect is designing the VPCs for a new hybrid cloud deployment. The business requires the following:
✑ High availability
✑ Horizontal auto-scaling
✑ 60 nodes peak capacity per region
✑ Five reserved network IP addresses per subnet
✑ /24 range
Which of the following would BEST meet the above requirements?
A. Create two /25 subnets in different regions.
B. Create three /25 subnets in different regions.
C. Create two /26 subnets in different regions.
D. Create three /26 subnets in different regions.
E. Create two /27 subnets in different regions.
F. Create three /27 subnets in different regions.
Selected Answer: B
Question #: 17
Topic #: 1
A company recently experienced a power outage that lasted 30 minutes. During this time, a whole rack of servers was inaccessible, even though the servers did not lose power. Which of the following should be investigated FIRST?
A. Server power
B. Rack power
C. Switch power
D. SAN power
Selected Answer: C
Question #: 18
Topic #: 1
A cloud provider wants to make sure consumers are utilizing its IaaS platform but prevent them from installing a hypervisor on the server. Which of the following will help the cloud provider secure the environment and limit consumers’ activity?
A. Patch management
B. Hardening
C. Scaling
D. Log and event monitoring
Selected Answer: B
Question #: 19
Topic #: 1
A resource pool in a cloud tenant has 90 GB of memory and 120 cores. The cloud administrator needs to maintain a 30% buffer for resources for optimal performance of the hypervisor. Which of the following would allow for the maximum number of two-core machines with equal memory?
A. 30 VMs, 3GB of memory
B. 40 VMs, 1,5GB of memory
C. 45 VMs, 2 GB of memory
D. 60 VMs, 1 GB of memory
Selected Answer: B
Question #: 20
Topic #: 1
A company that utilizes an IaaS service provider has contracted with a vendor to perform a penetration test on its environment. The vendor is able to exploit the virtualization layer and obtain access to other instances within the cloud provider’s environment that do not belong to the company. Which of the following BEST describes this attack?
A. VM escape
B. Directory traversal
C. Buffer overflow
D. Heap spraying
Selected Answer: A
Question #: 21
Topic #: 1
A systems administrator is troubleshooting network throughput issues following a deployment. The network is currently being overwhelmed by the amount of traffic between the database and the web servers in the environment. Which of the following should the administrator do to resolve this issue?
A. Set up affinity rules to keep web and database servers on the same hypervisor.
B. Enable jumbo frames on the gateway.
C. Move the web and database servers onto the same VXLAN.
D. Move the servers onto thick-provisioned storage.
Selected Answer: C
Question #: 22
Topic #: 1
An update is being deployed to a web application, and a systems administrator notices the cloud SQL database has stopped running. The VM is responding to pings, and there were not any configuration changes scheduled for the VM. Which of the following should the administrator check NEXT?
A. Logs on the VM
B. Firewall on the VM
C. Memory on the VM
D. vGPU performance on the VM
Selected Answer: A
Question #: 23
Topic #: 1
A company is concerned about the security of its data repository that contains customer PII. A systems administrator is asked to deploy a security control that will prevent the exfiltration of such data. Which of the following should the systems administrator implement?
A. DLP
B. WAF
C. FIM
D. ADC
Selected Answer: A
Question #: 24
Topic #: 1
An engineer is responsible for configuring a new firewall solution that will be deployed in a new public cloud environment. All traffic must pass through the firewall.
The SLA for the firewall is 99.999%. Which of the following should be deployed?
A. Two load balancers behind a single firewall
B. Firewalls in a blue-green configuration
C. Two firewalls in a HA configuration
D. A web application firewall
Selected Answer: C
Question #: 25
Topic #: 1
After a hardware upgrade on a private cloud system, the systems administrator notices a considerable drop in network performance. Which of the following is
MOST likely the cause?
A. The driver
B. The memory
C. The cluster placement
D. The CPU
Selected Answer: A
Question #: 26
Topic #: 1
A systems administrator is trying to reduce storage consumption. Which of the following file types would benefit the MOST from compression?
A. System files
B. User backups
C. Relational database
D. Mail database
Selected Answer: C
Question #: 27
Topic #: 1
A technician just received the lessons learned from some recent data that was lost due to an on-premises file-server crash. The action point is to change the backup strategy to minimize manual intervention. Which of the following is the BEST approach for the technician to implement?
A. Backup as a service
B. RAID 1
C. Long-term storage
D. New backup devices
Selected Answer: A
Question #: 28
Topic #: 1
A marketing team is using a SaaS-based service to send emails to large groups of potential customers. The internally managed CRM system is configured to generate a list of target customers automatically on a weekly basis, and then use that list to send emails to each customer as part of a marketing campaign. Last week, the first email campaign sent emails successfully to 3,000 potential customers. This week, the email campaign attempted to send out 50,000 emails, but only 10,000 were sent. Which of the following is the MOST likely reason for not sending all the emails?
A. API request limit
B. Incorrect billing account
C. Misconfigured auto-scaling
D. Bandwidth limitation
Selected Answer: A
Question #: 29
Topic #: 1
A developer is no longer able to access a public cloud API deployment, which was working ten minutes prior. Which of the following is MOST likely the cause?
A. API provider rate limiting
B. Invalid API token
C. Depleted network bandwidth
D. Invalid API request
Selected Answer: B
Question #: 30
Topic #: 1
A support engineer wants to prevent users from running malware on several IaaS compute instances. Which of the following will BEST achieve this objective?
A. Encrypt all applications that users should not access.
B. Set the execute filesystem permissions on the desired applications only.
C. Implement an application whitelisting policy.
D. Disable file sharing on the instance.
Selected Answer: C
Question #: 31
Topic #: 1
A cloud administrator is reviewing the annual contracts for all hosted solutions. Upon review of the contract for the hosted mail solution, the administrator notes the monthly subscription rate has increased every year. The provider has been in place for ten years, and there is a large amount of data being hosted. Which of the following is a barrier to switching providers?
A. Service-level agreement
B. Vendor lock-in
C. Memorandum of understanding
D. Encrypted data
Selected Answer: B
Question #: 32
Topic #: 1
A systems administrator is creating a VM and wants to ensure disk space is not allocated to the VM until it is needed. Which of the following techniques should the administrator use to ensure this?
A. Deduplication
B. Thin provisioning
C. Software-defined storage
D. iSCSI storage
Selected Answer: B
Question #: 33
Topic #: 1
After accidentally uploading a password for an IAM user in plain text, which of the following should a cloud administrator do FIRST? (Choose two.)
A. Identify the resources that are accessible to the affected IAM user.
B. Remove the published plain-text password.
C. Notify users that a data breach has occurred.
D. Change the affected IAM user’s password.
E. Delete the affected IAM user.
Selected Answer: D
Question #: 34
Topic #: 1
A cloud administrator has deployed a new VM. The VM cannot access the Internet or the VMs on any other subnet. The administrator runs a network command and sees the following output:
The new VM can access another VM at 172.16.31.39. The administrator has verified the IP address is correct. Which of the following is the MOST likely cause of the connectivity issue?
A. A missing static route
B. A duplicate IP on the network
C. Firewall issues
D. The wrong gateway
Selected Answer: D
Question #: 35
Topic #: 1
A company is switching from one cloud provider to another and needs to complete the migration as quickly as possible. Which of the following is the MOST important consideration to ensure a seamless migration?
A. The cost of the environment
B. The I/O of the storage
C. Feature compatibility
D. Network utilization
Selected Answer: C
Question #: 36
Topic #: 1
A systems administrator disabled TLS 1.0 and 1.1, as well as RC4, 3DES, and AES-128 ciphers for TLS 1.2, on a web server. A client now reports being unable to access the web server, but the administrator verifies that the server is online, the web service is running, and other users can reach the server as well. Which of the following should the administrator recommend the user to do FIRST?
A. Disable antivirus/anti-malware software.
B. Turn off the software firewall.
C. Establish a VPN tunnel between the computer and the web server.
D. Update the web browser to the latest version.
Selected Answer: D
Question #: 37
Topic #: 1
A cloud administrator has finished setting up an application that will use RDP to connect. During testing, users experience a connection timeout error. Which of the following will MOST likely solve the issue?
A. Checking user passwords
B. Configuring QoS rules
C. Enforcing TLS authentication
D. Opening TCP port 3389
Selected Answer: D
Question #: 38
Topic #: 1
A company just successfully completed a DR test and is ready to shut down its DR site and resume normal operations. Which of the following actions should the cloud administrator take FIRST?
A. Initiate a failover.
B. Restore backups.
C. Configure the network.
D. Perform a failback.
Selected Answer: D
Question #: 39
Topic #: 1
An IaaS application has a two-hour RTO and four-hour RPO. The application takes one hour to back up its data or restore from a local backup file. A systems administrator is tasked with configuring the backup policy. Which of the following should the administrator configure to achieve the application requirements with the LEAST cost?
A. Back up to long-term storage every night.
B. Back up to object storage every three hours.
C. Back up to long-term storage every four hours.
D. Back up to object storage every hour.
Selected Answer: B
Question #: 40
Topic #: 1
A systems administrator is troubleshooting performance issues with a Windows VDI environment. Users have reported that VDI performance has been slow since the images were upgraded from Windows 7 to Windows 10. This VDI environment is used to run simple tasks, such as Microsoft Office. The administrator investigates the virtual machines and finds the following settings:
✑ 4 vCPU
✑ 16GB RAM
✑ 10Gb networking
✑ 256MB frame buffer
Which of the following MOST likely needs to be upgraded?
A. vRAM
B. vCPU
C. vGPU
D. vNIC
Selected Answer: C
Question #: 41
Topic #: 1
An IaaS provider has numerous devices and services that are commissioned and decommissioned automatically on an ongoing basis. The cloud administrator needs to implement a solution that will help reduce administrative overhead. Which of the following will accomplish this task?
A. IPAM
B. NAC
C. NTP
D. DNS
Selected Answer: A
Question #: 42
Topic #: 1
An organization’s web server farm, which is hosted in the cloud with DNS load balancing, is experiencing a spike in network traffic. This has caused an outage of the organization’s web server infrastructure. Which of the following should be implemented to prevent this in the future as a mitigation method?
A. Enable DLP.
B. Configure microsegmentation.
C. Enable DNSSEC.
D. Deploy a vADC appliance.
Selected Answer: D
Question #: 43
Topic #: 1
A vendor is installing a new retail store management application for a customer. The application license ensures software costs are low when the application is not being used, but costs go up when use is higher. Which of the following licensing models is MOST likely being used?
A. Socket-based
B. Core-based
C. Subscription
D. Volume-based
Selected Answer: C
Question #: 44
Topic #: 1
A systems administrator in a large enterprise needs to alter the configuration of one of the finance department’s database servers. Which of the following should the administrator perform FIRST?
A. Capacity planning
B. Change management
C. Backups
D. Patching
Selected Answer: B
Question #: 45
Topic #: 1
A database analyst reports it takes two hours to perform a scheduled job after onboarding 10,000 new users to the system. The analyst made no changes to the scheduled job before or after onboarding the users. The database is hosted in an IaaS instance on a cloud provider. Which of the following should the cloud administrator evaluate to troubleshoot the performance of the job?
A. The IaaS compute configurations, the capacity trend analysis reports, and the storage IOPS
B. The hypervisor logs, the memory utilization of the hypervisor host, and the network throughput of the hypervisor
C. The scheduled job logs for successes and failures, the time taken to execute the job, and the job schedule
D. Migrating from IaaS to on premises, the network traffic between on-premises users and the IaaS instance, and the CPU utilization of the hypervisor host
Selected Answer: A
Question #: 46
Topic #: 1
A systems administrator is reviewing two CPU models for a cloud deployment. Both CPUs have the same number of cores/threads and run at the same clock speed. Which of the following will BEST identify the CPU with more computational power?
A. Simultaneous multithreading
B. Bus speed
C. L3 cache
D. Instructions per cycle
Selected Answer: D
Question #: 47
Topic #: 1
A systems administrator is building a new visualization cluster. The cluster consists of five virtual hosts, which each have flash and spinning disks. This storage is shared among all the virtual hosts, where a virtual machine running on one host may store data on another host. This is an example of:
A. a storage area network.
B. a network file system.
C. hyperconverged storage.
D. thick-provisioned disks.
Selected Answer: C
Question #: 48
Topic #: 1
A VDI administrator has received reports of poor application performance. Which of the following should the administrator troubleshoot FIRST?
A. The network environment
B. Container resources
C. Client devices
D. Server resources
Selected Answer: D
Question #: 49
Topic #: 1
A company has developed a cloud-ready application. Before deployment, an administrator needs to select a deployment technology that provides a high level of portability and is lightweight in terms of footprint and resource requirements. Which of the following solutions will be BEST to help the administrator achieve the requirements?
A. Containers
B. Infrastructure as a code
C. Desktop virtualization
D. Virtual machines
Selected Answer: A
Question #: 50
Topic #: 1
A systems administrator is deploying a VM and would like to minimize storage utilization by ensuring the VM uses only the storage if needs. Which of the following will BEST achieve this goal?
A. Compression
B. Deduplication
C. RAID
D. Thin provisioning
Selected Answer: D
