CV0-003: CompTIA Cloud+ Topic 4
Question #: 151
Topic #: 1
A systems administrator is performing an OS upgrade on a production VM. Which of the following actions should the administrator take before the upgrade to ensure the FASTEST recovery of the system in case the upgrade fails in an unrecoverable way?
A. Submit the upgrade to the CAB.
B. Perform a full backup.
C. Take a snapshot of the system.
D. Test the upgrade in a preproduction environment.
Selected Answer: C
Question #: 152
Topic #: 1
Users are experiencing slow response times from an intranet website that is hosted on a cloud platform. There is a site-to-site VPN connection to the cloud provider over a link of 100Mbps. Which of the following solutions will resolve the issue the FASTEST?
A. Change the connection to point-to-site VPN.
B. Order a direct link to the provider.
C. Enable quality of service.
D. Upgrade the link to 200Mbps.
Selected Answer: D
Question #: 154
Topic #: 1
An administrator receives a ticket indicating the accounting application is not working. Which of the following should the administrator check FIRST?
A. DHCP
B. Service-level agreement
C. DNS
D. System logs
Selected Answer: D
Question #: 155
Topic #: 1
A company recently adjusted its load-balancer encryption policies to support only TLSv1.3. Soon after the change was made, several customers began reporting they could not access their website. Which of the following is the MOST likely cause of the issue?
A. The certificate is expired.
B. There is a mismatch between the key and the certificate.
C. The customers are using an unsupported OS.
D. The load balancer was misconfigured.
Selected Answer: C
Question #: 156
Topic #: 1
A cloud architect is reviewing the design for a new cloud-based ERP solution. The solution consists of eight servers with a single network interface. The allocated
IP range is 172.16.0.0/28. One of the requirements of the solution is that it must be able to handle the potential addition of 16 new servers to the environment.
Because of the complexity of the firewall and related ACL requirements, these new servers will need to be in the same network range. Which of the following changes would allow for the potential server addition?
A. Change the IP address range to use a 10.0.0.0 address.
B. Change the server template to add network interfaces.
C. Change the subnet mask to use a 255.255.255.128 range.
D. Change the server scaling configuration to increase the maximum limit.
Selected Answer: C
Question #: 157
Topic #: 1
An organization is required to set a custom registry key on the guest operating system. Which of the following should the organization implement to facilitate this requirement?
A. A configuration management solution
B. A log and event monitoring solution
C. A file integrity check solution
D. An operating system ACL
Selected Answer: A
Question #: 158
Topic #: 1
A systems administrator wants the VMs on the hypervisor to share CPU resources on the same core when feasible. Which of the following will BEST achieve this goal?
A. Configure CPU passthrough.
B. Oversubscribe CPU resources.
C. Switch from a Type 1 to a Type 2 hypervisor.
D. Increase instructions per cycle.
E. Enable simultaneous multithreading.
Selected Answer: E
Question #: 159
Topic #: 1
A systems administrator needs to implement a security control that will prevent unknown malware from infecting a system in case the antivirus solution fails. Which of the following should the administrator implement?
A. A software whitelist
B. File integrity monitoring
C. A host-based IDS
D. Hardened baselines
Selected Answer: B
Question #: 160
Topic #: 1
A cloud administrator is setting up a DR site on a different zone of the same CSP. The application servers are replicated using the VM replication, and the database replication is set up using log shipping. Upon testing the DR site, the application servers are unable to access the database servers. The administrator has verified the systems are running and are accessible from the CSP portal. Which of the following should the administrator do to fix this issue?
A. Change the database application IP.
B. Create a database cluster between the primary site and the DR site.
C. Update the connection string.
D. Edit the DNS record at the DR site for the application servers.
Selected Answer: C
Question #: 161
Topic #: 1
A company recently subscribed to a SaaS collaboration service for its business users. The company also has an on-premises collaboration solution and would like users to have a seamless experience regardless of the collaboration solution being used. Which of the following should the administrator implement?
A. LDAP
B. WAF
C. VDI
D. SSO
Selected Answer: D
Question #: 162
Topic #: 1
A systems administrator has finished installing monthly updates to servers in a cloud environment. The administrator notices certain portions of the playbooks are no longer functioning. Executing the playbook commands manually on a server does not work as well. There are no other reports of issues. Which of the following is the MOST likely cause of this issue?
A. Change management failure
B. Service overload
C. Patching failure
D. Job validation issues
E. Deprecated features
Selected Answer: E
Question #: 163
Topic #: 1
A systems administrator notices several VMs are constantly ballooning, while the memory usage of several other VMs is significantly lower than their resource allocation. Which of the following will MOST likely solve the issue?
A. Right-sizing
B. Bandwidth increase
C. Cluster placement
D. Storage tiers
Selected Answer: A
Question #: 164
Topic #: 1
The security team for a large corporation is investigating a data breach. The team members are all trying to do the same tasks but are interfering with each other’s work. Which of the following did the team MOST likely forget to implement?
A. Incident type categories
B. A calling tree
C. Change management
D. Roles and responsibilities
Selected Answer: D
Question #: 165
Topic #: 1
A cloud engineer is responsible for managing two cloud environments from different MSPs. The security department would like to inspect all traffic from the two cloud environments. Which of the following network topology solutions should the cloud engineer implement to reduce long-term maintenance?
A. Chain
B. Star
C. Mesh
D. Hub and spoke
Selected Answer: D
Question #: 166
Topic #: 1
A systems administrator is using VMs to deploy a new solution that contains a number of application VMs. Which of the following would provide high availability to the application environment in case of hypervisor failure?
A. Anti-affinity rules
B. Cold migration
C. Live migration
D. Affinity rules
Selected Answer: A
Question #: 167
Topic #: 1
A cloud administrator needs to establish a secure connection between two different locations. Which of the following is the BEST option to implement the secure connection?
A. HTTPS
B. IPSec
C. TLS
D. SSH
Selected Answer: B
Question #: 168
Topic #: 1
A company still has several dedicated servers and wants to migrate them to its private cloud. Which of the following migration methods would be BEST to accomplish this goal?
A. Virtual-to-virtual
B. Storage
C. Cloud-to-cloud
D. Physical-to-virtual
Selected Answer: D
Question #: 169
Topic #: 1
A systems administrator is securing a new email system for a large corporation. The administrator wants to ensure private corporate information is not emailed to external users. Which of the following would be MOST useful to accomplish this task?
A. DLP
B. EDR
C. DNSSEC
D. SPF
Selected Answer: A
Question #: 170
Topic #: 1
A cloud administrator is looking at the company’s cloud services bill for the previous month. The administrator notices on the billing dashboard that certain resources are not being billed to any particular department. Which of the following actions will help correct this billing issue?
A. Check the utilization of the resources.
B. Modify the chargeback details of the consumer.
C. Add the resources to the consumer monitoring group.
D. Modify the tags for all the unmapped resources.
Selected Answer: D
Question #: 171
Topic #: 1
A cloud architect is deploying a web application that contains many large images and will be accessed on two containers. Which of the following will MOST improve the user experience while keeping costs low?
A. Implement web servers in both continents and set up a VPN between the VPCs.
B. Implement web servers on both continents and peer the VPCs.
C. Implement a CDN and offload the images to an object storage.
D. Implement a replica of the entire solution on every continent.
Selected Answer: C
Question #: 172
Topic #: 1
Once a year, a company’s private cloud experiences increased activity. The company has a disaster recovery site that is hosted in a public cloud. To avoid investment in additional hardware, which of the following actions would BEST address this issue?
A. Configure cloud bursting to spin up new VMs automatically and terminate them when usage is back to normal.
B. Activate the disaster recovery site, and deactivate it when usage is back to normal.
C. Create a new backup site and decommission it when usage is back to normal.
D. Manually add memory and CPU to existing VMs, and remove them when usage is back to normal.
Selected Answer: A
Question #: 173
Topic #: 1
A systems administrator is troubleshooting issues with network slowness. Traffic analysis shows that uplink bandwidth on the core switch is often sustained at
125Mbps due to a
combination of production traffic from other sources. Which of the following would BEST resolve the issue?
A. Turn off the servers that use the most bandwidth.
B. Enable QoS to prioritize production traffic.
C. Increase the buffer size on the core switch.
D. Reboot the core switch.
Selected Answer: B
Question #: 174
Topic #: 1
An enterprise recently upgraded the memory of its on-premises VMs from 8GB to 16GB. However, users are not experiencing any performance benefit. Which of the following is the MOST likely reason?
A. Insufficient memory on the hypervisor
B. Operating system memory limit
C. Memory mismatch error
D. Dynamic memory allocation
Selected Answer: D
Question #: 175
Topic #: 1
A systems administrator is deploying a new virtualized environment. The setup is a three-server cluster with 12 VMs running on each server. While executing a vertical-scaling test of the vCPU on the VMs, the administrator gets an error. Which of the following issues is MOST likely occurring?
A. Compute
B. Storage
C. Licensing
D. Scripts
Selected Answer: A
Question #: 176
Topic #: 1
A company would like to migrate its current on-premises workloads to the public cloud. The current platform requires at least 80 instances running at all times to work properly. The company wants the workload to be highly available, even if the cloud provider loses one region due to a catastrophe, and the costs to be kept to a minimum. Which of the following strategies should the company implement?
A. Create /25 subnets in two regions and run 80 instances on each one.
B. Create /26 subnets in two regions and run 40 instances on each one.
C. Create /26 subnets in three regions and run 40 instances on each one.
D. Create /26 subnets in three regions and run 80 instances on each one.
Selected Answer: C
Question #: 177
Topic #: 1
A web application has been configured to use auto-scaling for provisioning and deprovisioning more VMs according to the workload. The systems administrator deployed a new Cl/CD tool to automate new releases of the web application. During the night, a script was deployed and configured to be executed by the VMs during bootstrapping. Now, the auto-scaling configuration is creating a new VM every five minutes. Which of the following actions will MOST likely resolve the issue?
A. Reducing the maximum threshold in the auto-scaling configuration
B. Debugging the script and redeploying it
C. Changing the automation tool because it is incompatible
D. Modifying the script to shut down the VM after five minutes
Selected Answer: B
Question #: 178
Topic #: 1
A systems administrator is troubleshooting an application that is configured to auto-scale with a minimum of two nodes and a maximum of four. The application will scale out if the CPU utilization of one of the nodes exceeds 80% for more than five minutes and will scale in if the CPU utilization of one of the nodes drops under
20% for more than ten minutes. There is a reverse proxy in front of the application. The systems administrator notices two of the nodes are often running over 80% for a long period of time, which is triggering the creation of the other two nodes; however, they are being created and terminated while the load in the first two remains over 50% all the time. Which of the following should the administrator configure to fix this issue?
A. Disable DNS caching in the reverse proxy.
B. Reduce the minimum node count to one.
C. Disable TLS tickets.
D. Reduce the scale-out rule to 50%.
E. Increase the scale-in rule to 50%.
Selected Answer: A
Question #: 179
Topic #: 1
Over the last couple of years, the growth of a company has required a more complex DNS and DHCP environment. Which of the following should a systems administration team implement as an appropriate solution to simplify management?
A. IPAM
B. DoH
C. VLAN
D. SDN
Selected Answer: A
Question #: 180
Topic #: 1
A financial industry services firm was the victim of an internal data breach, and the perpetrator was a member of the company’s development team. During the investigation. one of the security administrators accidentally deleted the perpetrator’s user data. Even though the data is recoverable, which of the following has been violated?
A. Chain of custody
B. Evidence acquisition
C. Containment
D. Root cause analysis
Selected Answer: A
Question #: 181
Topic #: 1
After initial stress testing showed that a platform performed well with the specification of a single 32 vCPU node, which of the following will provide the desired service with the LOWEST cost and downtime?
A. One 32 vCPU node with CDN caching
B. Two 8 vCPU nodes with load balancing
C. Three to six 8 vCPU nodes autoscaling group
D. Four 8 vCPU nodes with DNS round robin
Selected Answer: C
Question #: 182
Topic #: 1
A company has hired a security firm to perform a vulnerability assessment of its environment. In the first phase, an engineer needs to scan the network services exposed by the hosts. Which of the following will help achieve this with the LEAST privileges?
A. An agent-based scan
B. A credentialed scan
C. A network-based scan
D. An application scan
Selected Answer: C
Question #: 183
Topic #: 1
A local bank has all of its infrastructure in the cloud. An update was applied to the main database server at 5:00 a.m. on Monday morning, and the database was then corrupted and unusable. It had to be restored from backup. The last backup was taken the night before at 10:00 p.m. The database was then restored successfully, but seven hours’ worth of data was lost, which is deemed unacceptable. Which of the following needs to be updated in the DR plan?
A. Recovery point objective
B. Statement of work
C. Service-level agreement
D. Recovery time objective
Selected Answer: A
Question #: 184
Topic #: 1
A systems administrator needs to migrate email services to the cloud model that requires the least amount of administrative effort. Which of the following should the administrator select?
A. DBaaS
B. SaaS
C. IaaS
D. PaaS
Selected Answer: B
Question #: 185
Topic #: 1
While investigating network traffic, a cloud administrator discovers the monthly billing has increased substantially. Upon further review, it appears the servers have been compromised, and sensitive files have been exfiltrated. Which of the following can be implemented to maintain data confidentiality?
A. Hardening
B. IAM
C. Encryption
D. IPSec
Selected Answer: C
Question #: 186
Topic #: 1
A cloud administrator is monitoring a database system and notices an unusual increase in the read operations, which is causing a heavy load in the system. The system is using a relational database and is running in a VM. Which of the following should the administrator do to resolve the issue with minimal architectural changes?
A. Migrate the relational database to a NoSQL database
B. Use a cache system to store reading operations
C. Create a secondary standby database instance
D. Implement the database system using a DBaaS
Selected Answer: B
Question #: 187
Topic #: 1
A financial services company is considering its options for moving its infrastructure to the cloud. The company runs its critical database on a proprietary legacy mainframe, which cannot be hosted anywhere but in the data center. However, the company would like to migrate portions of the infrastructure to an external provider. Which of the following cloud deployment models would be the BEST option?
A. Private
B. Public
C. Community
D. Hybrid
Selected Answer: D
Question #: 188
Topic #: 1
A storage administrator is reviewing the storage consumption of a SAN appliance that is running a VDI environment. Which of the following features should the administrator implement to BEST reduce the storage consumption of the SAN?
A. Deduplication
B. Thick provisioning
C. Compression
D. SDS
Selected Answer: A
Question #: 189
Topic #: 1
A company is deploying a public cloud solution for an existing application using lift and shift. The requirements for the applications are scalability and external access. Which of the following should the company implement? (Choose two.)
A. A load balancer
B. SDN
C. A firewall
D. SR-IOV
E. Storage replication
F. A VPN
Selected Answer: AF
Question #: 190
Topic #: 1
A systems administrator is concerned about having two virtual database servers on the same host. Which of the following should be configured?
A. Regions
B. Anti-affinity
C. Oversubscription
D. Container
Selected Answer: B
Question #: 191
Topic #: 1
A production engineer is configuring a new application, which is running in containers, that requires access to a database. Which of the following methods will allow the application to authenticate to the database in the MOST secure way?
A. Store the credentials in a variable on every worker node
B. Store the credentials on a shared volume using whole-disk encryption
C. Store the credentials in a configuration file using SHA-256 inside the container image
D. Store the credentials using the orchestrator secret manager
Selected Answer: D
Question #: 192
Topic #: 1
An organization has a public-facing API that is hosted on a cloud provider. The API performs slowly at times. Which of the following technologies should the cloud administrator apply to provide speed acceleration and a secure connection?
A. WAF
B. EDR
C. IDS
D. HIPS
E. SSL
Selected Answer: E
Question #: 193
Topic #: 1
A cloud administrator configured a local cloud-resource pool lo offer 64GB of memory, 64 cores, and 640GB of storage. Thirty-two machines with identical resource allocations are started. but one machine is unable to handle requests. Which of the following is the MOST likely cause?
A. Insufficient guest bandwidth
B. Overwhelmed vCPU
C. A storage error on the guest
D. Incorrect VLAN assignment
E. Inadequate memory allocation
Selected Answer: E
Question #: 194
Topic #: 1
A cloud engineer is performing updates to an application and needs to gracefully stop any new transactions from processing before the updates can be applied. Which of the following steps should the engineer take?
A. Enable maintenance mode from the application dashboard
B. Wait until after business hours to conduct the change when the system is not in use
C. Run a kill command on the system to stop the application services
D. Use a load balancer to redirect traffic to other systems serving the application
Selected Answer: D
Question #: 195
Topic #: 1
A company wants to move to a multicloud environment and utilize the technology that provides the most portability. Which of the following technology solutions would BEST meet the company’s needs?
A. Bootstrap
B. Virtual machines
C. Clusters
D. Containers
Selected Answer: D
Question #: 196
Topic #: 1
A DevOps administrator is building a new application slack in a private cloud. This application will store sensitive information and be accessible from the internet. Which of the following would be MOST useful in maintaining confidentiality?
A. NAC
B. IDS
C. DLP
D. EDR
Selected Answer: C
Question #: 197
Topic #: 1
An administrator needs to back up all the data from each VM daily while also saving space. Which of the following backup types will BEST fit this scenario?
A. Differential
B. Incremental
C. Synthetic full
D. Full
Selected Answer: B
Question #: 198
Topic #: 1
A systems administrator is setting up a backup solution to follow the 3-2-1 policy. Currently, the solution is set to back up from the servers to an on-site storage server. Which of the following should the administrator configure to comply with the 3-2-1 policy?
A. Weekly lull backups, with daily incremental backups
B. A second on-site storage server for backups
C. Storage snapshots
D. An off-site storage server for backups
Selected Answer: D
Question #: 199
Topic #: 1
A systems administrator deployed a new application release to the green stack of a blue-green infrastructure model and made the green stack primary. Immediately afterward, users began reporting application issues. The systems administrator must take action to bring the service online as quickly as possible. Which of the following is the FASTEST way to restore the service?
A. Reboot all the servers in the green stack
B. Failback to the blue stack
C. Restore from backups
D. Troubleshoot and resolve the application issues
Selected Answer: B
Question #: 200
Topic #: 1
A systems administrator is asked to implement a new three-host cluster. The cloud architect specifies this should be a testing environment, and the budget is limited. The estimated resource consumption for each application is as follows:
A. • Three public cloud hosts with four cores
• 120GB of RAM
• 100GB of storage
• 1Gbps
B. • Three public cloud hosts with six cores
• 80GB of RAM
• 180GB of storage
• 150Mbps
C. • Three public cloud hosts with six cores
• 80GB of RAM
• 1TB of storage
• 200Mbps
D. • Four public cloud hosts with four cores
• 140GB of RAM
• 200GB of storage
Selected Answer: B
