Online Free Questions for CompTIA CV0-002 Exam

11. Since the hypervisors were upgraded to the latest version, each new deployment results in an error being displayed at the orchestrator.

To troubleshoot the issue, which of the following should be done FIRST?

12. A company moves all core applications to the public cloud. However, the lead time from business request to delivery is longer than before the migration.

Which of the following should help address the issue?

13. A software solution must be deployed based on the most granular access level.

Which of the following methods should be used to meet the requirements?

14. A cloud-based web proxy is blocking key sites that a business requires for operation. After validation, the sites are legitimate, and access is required for end users to complete their work.

Which of the following is the BEST solution to allow access to the sites?

15. A CSA needs to apply new OS security patches to the application cluster server farm in a

public cloud provider. The CSA wants to ensure the security patch and configuration are consistent for all members of the server farm.

Which of the following deployment practices is the BEST approach to do this?

16. Which of the following would be appropriate when considering inbound access security for a web-based SaaS solution?

17. A company’s Chief Information Officer (CIO) wants to manage PII by delegating access to sensitive files to the human resources department. The cloud engineer is tasked with selecting and implementing an appropriate technique to achieve the stated objective.

Which of the following control methods would be BEST for the cloud engineer to implement?

18. Following is a sample result from a recently completed load test.





Based on the information provided, which of the following would be the BEST recommendation?

19. A company wants to leverage a SaaS provider for its back-office services, and security is paramount.

Which of the following solutions should a cloud engineer deploy to BEST meet the security requirements?

20. A critical new security update has been released to fix an identified zero-day vulnerability with the SSH server process. Due to its severity, all development and staging servers must have this update applied immediately.

Which of the following is the FASTEST way for the administrator to apply the patch and ensure all systems are configured consistently?

21. A cloud architect created a new delivery controller for a large VM farm to scale up according to organizational needs. The old and new delivery controllers now form a cluster. However, the new delivery controller returns an error when entering the license code.

Which of the following is the MOST likely cause?

22. Which of the following provides the BEST approach for deploying multiple new firewalls into an IaaS cloud environment with minimal errors?

23. A user has submitted a ticket to request additional VMs due to long wait times for online ordering.

Given the snapshot of the resources in the table below:





Which of the following is the BEST option for the administrator to resolve the ticket?

24. There has been a change in requirements for two countries where PCI virtual instances exist. As such three virtual instances need to be added in both countries’ PCI environments, and two instances need to be removed.

Which of the following is the BEST way to ensure compliance is met in those two countries?

25. A company is in the process of evaluating cloud service providers, as it is planning to move all of its onpremises IT services to the cloud. Most of the applications are mission critical with four 9s and five 9s uptime. The area where the company is located is also prone to natural disasters. One of the main requirements is that IT services need to survive local outages as well as regional outages. One of the company’s main customers is a government entity.

Which of the following is the BEST way for a cloud engineer to address these requirements?

26. A file server is being migrated from physical hardware into a private cloud. Baselining of the server shows the disks average 90% full at all times. The contents of the file server consist mostly of compressed audio files. Multiple copies of the same files are often saved in different locations on the same disk.

Which of the following storage technologies is MOST likely to help minimize storage utilization when moving this server to the private cloud?

27. A cloud administrator needs to configure multiple web servers to participate actively in workload processing.

Which of the following will BEST help the administrator achieve this goal?

28. A cloud administrator is managing two private cloud environments. In cloud A, the disaster recovery solution has an SLA for RPO of five minutes and RTO of one hour. In cloud B, the disaster recovery solution has an SLA for RPO of one hour and RTO of 24 hours. A new customer’s application requires that, in case of a disaster, no more than 15 minutes of data can be lost, and it should be fully recovered within one day.

Which of the following would be the BEST approach to this application?

29. A company needs to extend its on-premises private cloud to an external cloud provider to meet the needs of additional storage and database services. The cloud architect also needs to implement a technique to meet data-in-transit requirements.

Which of the following is the BEST design to meet the company’s needs?

30. Given the IaaS cloud service model, at which of the following layers of the platform does micro segmentation BEST apply?

31. A cloud engineer is provisioning a group of servers in a public cloud using a template. The template uses a custom image that includes all the hardening minimum security standards approved by the cybersecurity department. The image is more than 30 days old and is updated on a quarterly basis.

Before deploying the servers in production, the cloud engineer should:

32. A multinational corporation is moving its worldwide cloud presence to a single region, which is called Region A. An administrator attempts to use a workflow, which was previously used to deploy VMs to Region E in the new Region A environment, and receives the following error: Invalid character set.

Which of the following is the MOST likely cause of the error?

33. A programmer is building a new web application for a client's public cloud infrastructure. The client has requested that the web application stay available even in the event of a regional outage at the cloud provider.

Which of the following would BEST address these availability requirements?

34. A company has an SLA of 15ms for storage latency.





Given the above metrics, which of the following is the MOST appropriate change to the environment?

35. Company A recently acquired Company B. A cloud administrator needs to give access to the accounting and time-reporting systems for Company B’s employees. Company A’s employees use a single account to access both systems.

To give access to Company B’s employees, the cloud administrator should:

36. A cloud administrator is integrating account logins with Facebook, LinkedIn, and Twitter for marketing and to increase market presence using social media platforms.

Given this scenario, which of the following components are needed to match these requirements? (Select TWO).

37. The risk and compliance team mandates that all PII should be sent via secure and encrypted channels via webmail.

As the SaaS administrator, which of the following is the BEST method for implementing data governance?

38. Network functions have been virtualized in private cloud space. A number of successful user functionality tests were executed, and a load test was run using less than 100 users. The virtual network element was added into a pool of similar physical and virtual network functions. Each virtual function is licensed to handle 1.2 million subscribers. However, following the pool migration, less than 10% of the users of the virtualized network element are able to browse.

Which of the following is the BEST approach to troubleshoot the issue?

39. A cloud administrator reports a problem with the maximum number of users reached in one of the pools. There are ten VMs in the pool, each with a software capacity to handle ten users. Based on the dashboard metrics, 15% of the incoming new service requests are failing.

Which of the following is the BEST approach to resolve the issue?

40. A company uses SaaS and IaaS solutions from multiple cloud providers. Users report that this requires them to manage and remember multiple user accounts and passwords.

Which of the following solutions should be implemented to fix this issue?

41. A company wants to set up a new department using private cloud resources. The new department needs access to sales and financial data, but it should be prohibited from accessing human resources data.

Which of the following is the BEST option to configure on the virtual (software-defined) network to meet these requirements?

42. Cloud developers are experiencing a delay caused by the static code review before each deployment. The security operator and developer must address the issue without cutting corners with security testing.

Which of the following would BEST address the delay issue?

43. A cloud administrator is given a requirement to maintain a copy of all system logs for seven years. All servers are deployed in a public cloud provider’s environment.

Which of the following is the MOST cost-efficient solution for retaining these logs?

44. A business is demanding faster IT services turnaround from its IT groups. The current lead time between request and delivery is three weeks for a task that would take a competitor two days. An architect is asked to develop a solution to reduce the lead time of the request while ensuring adherence to the company policies.

Which of the following is the BEST approach to achieve the stated objective?

45. After load testing on the QA environment, which showed good performance results with 10,000 users, the new version was installed in the production environment. However, users are reporting performance issues, and there are only 7,000 users currently utilizing the application. The configuration of each environment is shown in the table below.





Which of the following is the MOST likely cause of differing performance in the QA and PROD environments?

46. Last month, a cloud engineer updated all the Linux servers to disallow telnet communication by updating the firewall and uninstalling the application. However, it was recently discovered that three of the servers had the telnet port and application installed and configured.

Which of the following is the BEST way to implement and maintain the change?

47. A cloud provider is evaluating an insider threat. A resource from the company operations team has access to the servers’ virtual disks. This poses a risk that someone could copy and move the virtual server image and have access to the data.

Which of the following solutions would help mitigate this problem?

48. A hospital is leveraging a third-party-hosted, SaaS-based EMRS for all its regional locations. The EMRS will consolidate all existent stand-alone regional systems. All regional systems managers are concerned about the new system availability.

Which of the following should the new EMRS architect do to address the manager’s concerns?

49. Ann, a cloud administrator, is reporting on how the organization has adhered to its marketing of 99.99999% system availability SLA.

Given this scenario, which of the following should Ann include in her report?

50. With increased traffic to a website, several outages have occurred due to a log files filling the root drive of the web servers. An administrator is considering several possible solutions to prevent future outages.

Which of the following techniques is MOST likely to impact server performance if implemented?

51. A VM was successfully tested in a lab environment. As part of the deployment preparation, the image needs to be backed up for use in the multi-rollout accompanied by orchestration templates.

Which of the following should be used to create the image?

52. A cloud administrator is troubleshooting a network issue that was raised after the introduction of a CASB solution. The administrator attempts different ideas during troubleshooting but is unable to resolve the issue.

In which of the following steps of the troubleshooting process is the administrator experiencing an issue?

53. A company is consuming a SaaS solution with a large user base and wants to minimize user management, but also ensure access is as secure as possible.

Which of the following should the cloud administrator select to help meet these requirements? (Choose two.)

54. During peak times, users are unable to access their online wealth management applications in a timely fashion. The online banking application resides in a community cloud environment.

Which of the following explains how the cloud systems administrator should start to resolve this issue?

55. A company wants to implement a public IaaS solution but also wants to address site resiliency challenges.

When selecting an IaaS provider, which of the following should a cloud technician look for within the provider’s capabilities to meet the requirements?

56. An administrator needs to make a file-level backup of a VM before deploying monthly updates. The backup should capture all changes since the last backup but should NOT reset the archive bit on any files.

Which of the following backup types BEST meets these requirements?

57. Several suspicious emails are being reported from end users. Organizational email is hosted by a SaaS provider. Upon investigation, the URL in the email links to a phishing site where users are prompted to enter their domain credentials to reset their passwords.

Which of the following should the cloud administrator do to protect potential account compromise?

58. The outputs of the old and new applications were compared side by side.

Which of the following requirements did the testing plan confirm? (Select two.)

59. A cloud administrator has implemented a cost-savings policy to reduce the number of servers running at a given time. This policy will shut down all servers at 3:30 a.m. and restart them at 8:30 a.m. every morning. The management team has recently communicated that the daily reports are no longer available for the 9:00 a.m. meeting.





Which of the following would be BEST for the administrator to implement?

60. A software development company is building cloud-ready applications and needs to determine the best approach for releasing software.

Which of the following approaches should be used?

61. An e-commerce business recently experienced a two-hour outage from its hosted web service provider. According to the SLA, the business needs to determine how much data can be restored.

On which of the following service-level components should the business focus?

62. Which of the following is the BEST way to ensure accounts in a cloud environment are disabled as soon as they no longer need to be active?

63. A mobile subscriber is experiencing random limited-service outages. Customers report being unable to make calls or browse. The service provider management console is not showing any alarms, errors, or critical logs, but does show a large number of connection request failures.

Which of the following could be the problem?

64. An administrator is using a script to create ten new VMs in a public cloud. The script runs and returns no errors. The administrator confirms that all ten VMs show up in the dashboard, but only the first eight reply to pings.

Which of the following is the MOST likely cause of the issue?

65. A company is migrating some of its consumer-facing services to a cloud provider. The company has been getting more customers since its competitors have gone bankrupt.

Which of the following actions would BEST meet the company’s increased resource needs?

66. A cloud engineer was recently hired at a company. The IT manager has tasked the cloud engineer to perform server maintenance in its public cloud. The cloud engineer is unaware of the process to perform the routine maintenance.

Which of the following should the technician do FIRST?

67. A systems administrator needs to deploy a database that saves a unique ID/hash at the beginning of each block into a private cloud. The administrator needs to maximize storage savings. The administrator has multiple storage policies set.

Which of the following would be the BEST option for this deployment?

68. Ann, a technician, is using a saved workflow to deploy virtual servers. The script worked yesterday but is now returning an authentication error. Ann confirms that she can manually log in with her own account and create a virtual server.

Which of the following is MOST likely causing the error?

69. All the virtual server instances within an organization’s private cloud environment are having trouble logging into the Kerberos realm. Upon investigation, the CSA notices the time stamps are different on the server virtual instances.

Which of the following should be the CSA’s NEXT step to resolve this issue?

70. A company wants to ensure production data is not exposed during a functional and load testing exercise, as it will be the source of the data.

Which of the following techniques should the cloud administrator deploy to ensure testing requirements are met?

71. A company is subcontracting part of a large project to another company. Management wants to ensure that there is a secure way for employees from both companies to share data without exposing internal information to employees at the other company.

Which of the following cloud models BEST serves this purpose?

72. A cloud engineer needs to deploy a new virtual firewall in a private cloud.

Which of the following should the engineer do as a FIRST step?

73. A new service request asks for all members of the finance department to have access to the accounting department’s file server VMs on the private cloud environment.

Which of the following is the MOST efficient way to fulfill this service request?

74. cloud administrator uses a script to automatically restart all the servers running in the public cloud provider environment, which hosts e-commerce applications. The administrator decides to implement the same script for a similar environment that hosts the finance applications. After verifying the script is deployed to the public cloud environment for finance, the administrator schedules a job to run at 9:00 a.m. After 9:00 a.m., the administrator receives a report from the e-commerce team that the application is experiencing outages.

Which of the following should the administrator do to resolve the issue?

75. A cloud administrator was testing a new application on a VM in the private cloud environment with the following requirements:

* Disk IO read latency below 5ms

* Write latency below or equal to 8ms

* Number of IOPS at least 5000

* Overall CPU usage below 80% The test results were:

* Read latency 4ms

* Write latency 800s

* 6000 IOPS

* CPU1 average 75%

* CPU2 average 82%

Which of the following BEST reflects the test results?

76. A cloud administrator has deployed a new web application to a private cloud. The application platform consists of two web servers that communicate to a redundant database back end. The traffic to the web servers is directed by a load balancer appliance. The administrator connects to the website on each of the webservers individually and confirms they are able to log in.

Which of the following aspects of the application has the administrator tested successfully?

77. A cloud administrator is load balancing six VMs on an IaaS cloud service. The organization has an SLA stating the application should be available 99.999% of the time. At present, the six VMs are handling the load from one region and three availability zones. System baselines have confirmed there must be at least six VMs to handle this load.

Given this scenario, which of the following should the administrator recommend to BEST meet these requirements?

78. A company is implementing a launchpad within an existing application that will point to an existing SaaS provider. One of the requirements is the user should not have to log on multiple times. SSO is in place. When the launchpad is used, the user is redirected to SaaS providers as designed, but is asked for login credentials.

Which of the following is the MOST likely cause of this issue?

79. A company recently decided to move some of its servers to a public cloud. The engineer has been invited to attend requirement sessions for moving servers to the cloud. The engineer is tasked with ensuring the servers that are being moved to the cloud are still in compliance, as they were on-premises.

Which of the following should the engineer request during the requirement sessions?

80. A cloud administrator is securing data-at-rest and data-in-transit featured on an IaaS cloud platform. The volume to be secured is mounted storage from the same region and availability zone. The data is transferred via FTP to another Linux server in a secure manner in another availability zone, with the same data-at-rest requirements.

Given this scenario, which of the following security tools, services, and/or protocols would satisfy these requirements in the MOST secure manner? (Choose three.)

81. A cloud service administrator is consuming PaaS services and is performing baseline configuration tests.

Which of the following is part of the PaaS consumer’s responsibility with respect to the baseline confirmation tests?

82. The access control department creates a process to grant elevated administrator privileges for only a certain amount of time for a specific administrator task in an IaaS-hosted VM resource.

Which of the following access control method is used?

83. A company security policy mandates education and training for new employees. The policy must outline acceptable use policies for SaaS applications.

Given these requirements, which of the following security controls is BEST suited?

84. A storage administrator must choose the best replication methodology for storage.

The datacenters are on opposite sides of the country. The RPO is 24 hours.

Replication and customer access use the same connections. Replication should not impact customer access during the day.

Which of the following solutions would BEST meet these requirements?

85. A new version of an e-commerce application was deployed using a standard template configuration of 4 vCPU and 8GB of RAM. The administrator has configured the application to automatically add 4 GB of RAM after 80% utilization of continuous use over a period of time.

Which of the following testing techniques should be used to test this scenario?

86. A company is required to ensure all access to its cloud instance for all users to utilize two-factor authentication.

The QA team confirms all functional requirements successfully test. After deployment, all business users report the two-factor authentication is not enforced while accessing the instance.

Which of the following would be the MOST likely reason the QA team did not catch the issue?

87. A customer wants to remove a user’s access to the SaaS CRM system.

Which of the following methods should be executed FIRST?

88. IaaS users are reporting longer than expected wait times when accessing the virtual file repository. There are more than 2TB of free disk space, and vCPU and vRAM do not reach more than 75% utilization. In which of the following ways should the cloud systems administrator analyze this issue?

89. A recent advertisement campaign has increased traffic to an e-commerce application that is hosted within a public cloud environment. Customers are reporting that it takes too long to load their pages and submit orders. A cloud administrator looks at the metrics from the environment and sees high utilization of the CPU and memory resources. The cloud provider offers several preconfigured sizes for server template: x-small, small, medium, large, x-large, and 2x-large.





Given an expected increase in workload, which of the following is the BEST solution to improve application performance?

90. A consultant is helping a gaming-as-a-service company set up a new cloud. The company recently bought several graphic cards that need to be added to the servers.

Which of the following should the consultant suggest as the MOST cost effective?

91. A technician receives a report of system utilization:





Which of the following additional resources should the technician add FIRST given the trend data shown above?

92. The administrator at a SaaS provider wants to improve security of the systems hosting the SaaS application. The administrator has created a script that monitors malware research sites and automatically creates and uploads signatures when new vulnerabilities are announced.

To which of the following security services is the script MOST likely to upload these signatures?

93. An automation performs the following on a monthly basis:

- Disable accounts that have not logged on in the last 60 days

- Remove firewall rules with zero hits in the last 30 days

- Remove DNS entries that have not been updated in the last 60 days

- Archive all logs that are more than 30 days old

Six weeks after this new automation is implemented, an internal client reports that quarterly replication failover testing has failed.

Which of the following is the MOST likely cause of the failed test?

94. An organization is replacing its internal human resources system with a SaaS-based application. The solution is multi-tenant, and the organization wants to ensure ubiquitous access while preventing password replay attacks.

Which of the following would BEST help to mitigate the risk?

95. A cloud administrator has finished building a virtual server template in a public cloud environment. The administrator is now cloning six servers from that template. Each server is configured with one private IP address and one public IP address. After starting the server instances, the cloud administrator notices that two of the servers do not have a public IP address.

Which of the following is the MOST likely cause?

96. A company's security policy requires full disk encryption on all clients with preboot enabled. The encryption server is hosted, and the requirement is to push an update to all endpoints.

Which of the following is the BEST method to test and apply the update with minimal disruption to end users?

97. A consumer is performing a comparison between different IaaS providers for upcoming cloud migrations.

Which of the following is the MOST appropriate option to make a comparison for the selection process?

98. A cloud administrator runs a maintenance script to remove unused resources. After the maintenance has been performed, users report they can no longer access the application website. The administrator confirms the server is up and responding on the proper ports.

Which of the following cleanup actions MOST likely caused the problem?

99. A company is looking for a hardware feature with the least amount of downtime in terms of firmware upgrades.

Which of the following features BEST meet this requirement?

100. A company changed its policy to have seven-year data retention in the public cloud.

Which of the following would be the MOST cost-effective way to meet retention requirements?

101. A SaaS customer reports that no one can access the application portal. After some troubleshooting, the cloud administrator finds a problem and provides a remedy by restarting the cluster. After documenting the solution, the support case is closed. Multiple tenants lose access to their hosts the following day.

Which of the following troubleshooting steps did the administrator miss?

102. A company is migrating its application to a cloud provider. Six months before going live, a

representative from each stakeholder group validated the functionality and performance in the QA environment and did not identify any issues. After going live, the system response time is slower that the testing environment.

Which of the following is the MOST likely gap in the testing plan?

103. A company has deployed a four-node cluster in a COLO environment with server configurations listed below. The company wants to ensure there is 50% overhead for failover and redundancy. There are currently eight VMs running within the cluster with four vCPUs x32GB each.

The company wants to better utilize its resources within the cluster without compromising failover and redundancy.





Given the information above, which of the following should a cloud administrator do to BEST accommodate failover and redundancy requirements?

104. A cloud engineer recently applied the troubleshooting process for a major connectivity issue.

Which of the following is the FINAL step in the troubleshooting methodology?

105. A company needs to meet the security requirements for PII.

Which of the following cloud service models allows the company to have the MOST control to meet the security requirements?

106. A company has implemented a change management process that allows standard changes during business hours. The company’s private cloud hardware needs firmware updates and supports rolling upgrades.

Which of the following considerations should be given to upgrade firmware and make the change as transparent as possible to users?

107. The InfoSec team has directed compliance database activity monitoring without agents on a hosted database server in the public IaaS.

Which of the following configurations is needed to ensure this requirement is achieved?

108. A cloud-based web store is experiencing poor website performance and unavailability.

Which of the following approaches would prevent the issue without administrator intervention?

109. A cloud architect is tasked with isolating traffic between subnets in an IaaS platform. The networks should be able to statefully communicate with each other.

Given this scenario, which of the following should the architect implement?

110. A cloud administrator configures a new web server for the site https://companyname.com. The administrator installs a wildcard SSL certificate for *.companyname.com. When users attempt to access the site, a certificate error is received.

Which of the following is the MOST likely cause of the error?

111. A company uses its own private cloud, which has few available resources. Mission-critical systems and other information systems are running on it. A new system will be deployed on the private cloud.

The following tests are included in the test plan:

✑ Load test (2h)

✑ Backup/restore test (6h)

✑ Functional test (8h)

✑ Failover test (1h)

The work schedule of the existing system is shown below.





To minimize the effect to the existing system, which of the following schedules is MOST suitable for the load test?

112. A new private cloud platform is being deployed by an engineer. SLA requirements state that any clusters should have a baseline redundancy sufficient to handle the failure of at least two hosts.

The engineer records the following metrics after the deployment:





Which of the following metrics is MOST likely to represent a violation of SLA?

113. A CSA is reviewing the deployment of an e-commerce application in a public cloud provider. The CSA wants to ensure the sizing is optimal to keep the cost of the environment down.

The available server configurations are as follows:





A review of the current system shows the following utilization information:





Which of the following should the CSA implement to ensure the MOST optimal sizing?

114. A rural manufacturing company wants to move all IT services, including the industrial control systems, to the cloud.

Given this scenario, which of the following cloud services elements would be a challenge to the deployment?

115. A technician uses a workflow to create new virtual servers in a private cloud. The workflow reports that the process was successful, but the virtual servers do not appear in the cloud dashboard.

Which of the following is the MOST likely reason the servers were not created?

116. A user cannot consume SaaS services while working remotely. IP whitelisting is implemented to connect to a SaaS provider as a security mechanism.

Which of the following describes the MOST likely reason why the user cannot access the SaaS resources?

117. Email users report that it takes more than one minute to open emails, including those without attachments. There are three email instances in three different regions hosted by the same CSP. Other applications hosted by the same CSP have no reported issues.

Which of the following solutions BEST resolves the issue?

118. An administrator defines a backup as follows:

✑ One weekly full backup

✑ Daily incremental backup

Which of the following BEST describes where the administrator would define this?

119. A company is using storage-as-a-service from an IaaS provider for application services. The company has a mandate to protect personal information being stored on the cloud. The service provided includes encryption for in-transit data and requires a security solution for data-at-rest.

Which of the following should be deployed to secure the personal information?

120. Identify the problematic device(s).



Instructions:

If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.



Simulation

121. After deploying a VM with a baseline CPU utilization below 80%, a cloud engineer notices the current CPU utilization stays in the 95% to 99% range.

Which of the following describes how this should be fixed to BEST meet the baseline?

122. Based on demand, an IaaS provider wants to deploy a security application for its customers.

Which of the following is the BEST technique for the IaaS provider to apply this to target systems?

123. A cloud implementation engineer successfully created a new VM. However, the engineer notices the new VM is not accessible from another network. A ping test works from another VM on the same subnet.

Which of the following is the MOST likely problem?

124. A cloud engineer is deploying a new application to a multicloud platform. After running the script, the engineer sees the VMs were not created on one of the cloud providers. The engineer confirms the proper credentials are being used for all cloud providers and there is available capacity.

Which of the following is the MOST likely cause of the deployment failure?

125. A cloud administrator is receiving alerts that the disk on several systems is 90% full. Upon reviewing the systems, the administrator determines that the log directory is using 50% of the disk. The company has a 14- day retention policy for all logs.

Which of the following is the BEST solution to implement to minimize future alerts?

126. A new startup company is growing and wants to deploy a human resources management system on a private cloud that is only accessible to the human resources department.

Which of the following is the BEST method of access control?

127. A cloud engineer is required to ensure all servers in the cloud environment meet requirements for PCI compliance. One of the requirements is to make certain all administrator logins and commands are logged.

Which of the following is the BEST approach to meet these requirements?

128. In a private cloud environment, which of the following is the BEST way to update 20 VMs with the same patch that has been regression tested and approved for rollout?

129. A cloud administrator for a state government agency is tasked with giving access to the voter registration application to a government agency in another state. Only authorized officials from each state should access the application. These agencies have a common environment where applications have been deployed in the past.

Which of the following should the cloud administrator do to give access to the application?

130. A VM was deleted by mistake today at 11:05 a.m.

Below are the backups currently available for the VM:





Crash-consistent restore is acceptable.

Which of the following backups should be chosen?

131. A mobile subscriber is experiencing random limited-service outages. Customers report being unable to make calls or browse. The service provider management console is not showing any alarms, errors, or critical logs, but does show a large number of connection request failures.

Which of the following could be the problem?

132. A cloud administrator needs to configure multiple web servers to participate actively in workload processing.

Which of the following will BEST help the administrator achieve this goal?

133. A private cloud is using the iSCSI protocol for connection from storage to hypervisors. This connection is not encrypted currently, and the systems administrator is tasked with enabling on-the-fly encryption.

Which of the following technologies should the administrator use?

134. A Big Data analytics company wants to ensure its data is protected at rest.

Which of the following is the BEST hardware-based solution?

135. Joe, a developer, has a virtualization environment consisting of four hosts. Joe needs to configure the environment to be able to place new VMs automatically to the recommended host with more resources.

Which of the following must be enabled on the environment to achieve this?

136. A rural manufacturing company wants to move all IT services, including the industrial control systems, to the cloud.

Given this scenario, which of the following cloud services elements would be a challenge to the deployment?

137. A new service request asks for all members of the finance department to have access to the accounting department’s file server VMs on the private cloud environment.

Which of the following is the MOST efficient way to fulfill this service request?

138. A cloud engineer received a support call indicating web apps running on an IaaS server are unavailable.

The engineer took the following trouble-shooting steps:

- Hypothesized the server outage is considered to be the cause of the problem.

- Performed rollback of applied patches.

- Ensured all web apps are running correctly.

- Documented the incident.

Which of the following troubleshooting methodology steps did the cloud engineer overlook?

139. An administrator is performing a migration of a physical cluster that uses boot from SAN into private cloud. The systems administrator needs to minimize the downtime required.

Which of the following migrations is the BEST option for the systems administrator to use?

140. A VM was successfully tested in a lab environment. As part of the deployment preparation, the image needs to be backed up for use in the multi-rollout accompanied by orchestration templates.

Which of the following should be used to create the image?

141. A company has a private cloud NAC solution in place to prevent unauthorized/non-company assets from connecting to the internal network. A cloud systems administrator cannot add a new physical server to the existing functioning cluster.

Which of the following is the MOST likely cause of this issue?

142. A technician receives a call from Joe, a user, who is unable to log into any of the company’s SaaS application. The applications are provided by multiple vendors. Joe reports his credentials were working previously, and he is able to log into the locally hosted applications with the same credentials.

Which of the following is the MOST likely cause of Joe’s issues?

143. A cloud architect is deploying a VM in a public IaaS cloud. The software that will be installed on the VM is not compatible with any of the OS versions in the system images offered by the IaaS vendor.

Which of the following is the BEST way to deploy a VM with the required OS?

144. Recent feedback from an employee engagement survey stated that users are frustrated with multiple logins to different SaaS providers, and the cloud engineering teams is directed to address this issue and implement a solution. The security policy states that users must access the SaaS from approved IP addresses.

Which of the following is the BEST and most efficient solution to deploy?

145. A service engineer is trying to determine why one of the company’s SaaS solution is no longer available. The internal systems are responding and other online applications using the same SaaS solution are responding as expected.

Which of the following is the MOST common cause of the availability issue?

146. An administrator is creating new severs in a public cloud. The workflow creates and application group with three VMs, one web server, one application server and one database server. The three VMs are all accessible via SSH, but the websites shows a 503-error referring to a database issue.

Which of the following is the MOST likely cause of the error?

147. A customer has indicated that bi-weekly full backups are taking too long to complete.

Which of the following would be the BEST action if minimizing restore time is very important to the customer?

148. A facilities management company uses a private cloud that bursts to a public cloud at times. The CSA is asked to check the amount of storage that is used when the organization is overutilizing on-premises resources.

Which of the following should the CSA check?

149. DRAG DROP

Drag and drop each Disaster Recovery Solution need to the corresponding SLA requirement. Options may be used once or not at all.

150. CORRECT TEXT

The QA team is testing a newly implemented clinical trial management (CTM) SaaS application that uses a business intelligence application for reporting. The UAT users were instructed to use HTTP and HTTPS.

Refer to the application dataflow:

1A C The end user accesses the application through a web browser to enter and view clinical data.

2A C The CTM application server reads/writes data to/from the database server.

1B C The end user accesses the application through a web browser to run reports on clinical data.

2B C The CTM application server makes a SOAP call on a non-privileged port to the BI application server.

3B C The BI application server gets the data from the database server and presents it to the CTM application server.

When UAT users try to access the application using https://ctm.app.com or http://ctm.app.com, they get a message stating: “Browser cannot display the webpage.” The QA team has raised a ticket to troubleshoot the issue.

151. A law firm wants to limit log retention to the minimum required by law and regulation.

Which of the following is the engineer most likely to do FIRST?

152. Cloud developers are experiencing a delay caused by the static code review before each deployment. The security operator and developer must address the issue without cutting corners with security testing.

Which of the following would BEST address the delay issue?

153. All the virtual server instances within an organization’s private cloud environment are having trouble logging into the Kerberos realm. Upon investigation, the CSA notices the time stamps are different on the server virtual instances.

Which of the following should be the CSA’s NEXT step to resolve this issue?

154. A company provides IaaS services.

Which of the following disk provisioning models for creating standard template should the company use to provision virtual instances?

155. Several state and local law enforcement agencies have decided to share information about traffic violations within their state by using a new search application. The state has policies around limiting the exposure of PII, and each local agency must comply with these policies.

Which of the following cloud architecture models would be the BEST approach?

156. A cloud engineer is upgrading a high-performance computing cluster for the private cloud. The existing cluster is being replaced with GPU servers. A single GPU server is capable of the same teraflops output as 10 CPU servers.

The current cluster configuration is as follows:

- 100 quad-core CPU servers capable of producing 100 teraflops.

- The baseline and current usage is 100%.

The new cluster was set up and benchmarked in four different configurations.

Which of the following configurations will meet the baseline teraflops performance of the cluster while maintaining the current usage?

157. A company wants to set up a new department using private cloud resources. The new department needs access to sales and financial data, but it should be prohibited from accessing human resources data.

Which of the following is the BEST option to configure on the virtual (software defined) network to meet these requirements?

158. An engineer is responsible for managing a private cloud environment at a software company. Company developers perform all programming in the cloud environment. There are two departments working on a highly classified product that now requires dedicated resources, which cannot be viewed or accessed by other departments in the cloud environment.

Which of the following should the engineer perform to ensure the requirements are met? (Choose three.)

159. A company is in the process of evaluating cloud service providers, as it is planning to move all of its on-premises IT services to the cloud. Most of the applications are mission critical with four 9s and five 9s uptime. The area where the company is located is also prone to natural disasters. One of the main requirements is that IT services need to survive local outages as well as regional outages. One of the company’s main customers is a government entity.

Which of the following is the BEST way for a cloud engineer to address these requirements?

160. A cloud administrator is troubleshooting a network issue that was raised after the introduction of a CASB solution. The administrator attempts different ideas during troubleshooting but is unable to resolve the issue.

In which of the following steps of the troubleshooting process is the administrator experiencing an issue?

161. A large law firm is migrating all of its systems to the cloud to meet growing business needs. The firm wants to reduce IT staff while maintaining day-to-day operations, such as user provisioning, folder management, and permissions.

Which of the following MUST the cloud provider and cloud customer implement to ensure user non-repudiation?

162. A multinational corporation is moving its worldwide cloud presence to a single region, which is called Region A. An administrator attempts to use a workflow, which was previously used to deploy VMs to Region E in the new Region A environment, and receives the following error: Invalid character set.

Which of the following is the MOST likely cause of the error?

163. An administrator is using a script to create ten new VMs in a public cloud. The script runs and returns no errors. The administrator confirms that all ten VMs show up in the dashboard, but only the first eight reply to pings.

Which of the following is the MOST likely cause of the issue?

164. A company has hired a technician to build a cloud infrastructure for a massively parallel application.

Which of the following should the technician consider doing FIRST?

165. An administrator needs to deploy a new release of an application in a way that allows a quick rollback to the previous version of the application.

Which of the following is the BEST strategy to apply?

166. Below is the output from a troubleshooting activity:

- SaaS application is unavailable to a set of users at a single site.

- WAN connectivity was considered to be the cause of the problem.

- Upon testing, it seemed the WAN connectivity was up, but the default gateway was unreachable from the internal users.

- The faulty switch was replaced to bring up the connectivity.

- The incident was documented.

Based on the methodology, which of the following steps was overlooked during the activity?

167. A production IaaS database server contains PCI data and is a critical business capability. The CAB approved a normal code change release for QA and PROD to occur 30 minutes apart and to last a maximum of one hour. The cloud DBA team is 45 minutes behind schedule, so they miss the start time on QA.

As the cloud DBA, which of the following is the BEST course of action to apply the code change?

168. A customer wants to remove a user’s access to the SaaS CRM system.

Which of the following methods should be executed FIRST?

169. Since the hypervisors were upgraded to the latest version, each new deployment results in an error being displayed at the orchestrator.

To troubleshoot the issue, which of the following should be done FIRST?

170. A company is required to ensure all access to its cloud instance for all users to utilize two-factor authentication. The QA team confirms all functional requirements successfully test. After deployment, all business users report the two-factor authentication is not enforced while accessing the instance.

Which of the following would be the MOST likely reason the QA team did not catch the issue?

171. The IT department receives a client request to build multiple file server instances.

Which of the following is the MOST efficient way for a cloud systems administrator to fulfill this request?

172. A cloud administrator is securing data-at-rest and data-in-transit featured on an IaaS cloud platform. The volume to be secured is mounted storage from the same region and availability zone. The data is transferred via FTP to another Linux server in a secure manner in another availability zone, with the same data-at-rest requirements.

Given this scenario, which of the following security tools, services, and/or protocols would satisfy these requirements in the MOST secure manner? (Choose three.)

173. A company has an internal SLA for CPU and RAM oversubscription that should stay below 120%. Storage utilization should stay below 90% with oversubscription below 160%.

Given the following:





Which of the following should be done to meet the SLA?

174. Company A recently acquired Company B. A cloud administrator needs to give access to the accounting and time-reporting systems for Company B’s employees. Company A’s employees use a single account to access both systems.

To give access to Company B’s employees, the cloud administrator should:

175. A systems administrator created several new VMs on a private cloud and wants to ensure the new baseline still meets corporate guidelines.

The administrator finds the following new load numbers on the hosts:





If corporate policy requires N+1 host capacity, which of the following metrics is MOST likely to present a problem?

176. Which of the following provides the BEST approach for deploying multiple new firewalls into an IaaS cloud environment with minimal errors?

177. A new browser version has been deployed to all users at a company. After the deployment, users report that they can no longer access the company's secure time-card system, which is hosted by a SaaS provider. A technician investigates and discovers a security error is received upon opening the site. If the browser is rolled back to the older version, the site is accessible again.

Which of the following is the MOST likely cause of the security error users are seeing?

178. Identify the correct options to provide adequate configuration for hybrid cloud architecture.



Instructions :

If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.



Simulation

179. DRAG DROP

A hosted file share was infected with CryptoLocker and now root cause analysis needs to be performed. Place the tasks in the correct order according to the troubleshooting methodology.

180. A company is seeking a new backup solution for its virtualized file servers that fits the following characteristics:

- The files stored on the servers are extremely large.

- Existing files receive multiple small changes per day.

- New files are only created once per month.

- All backups are being sent to a cloud repository.

Which of the following would BEST minimize backup size?

181. A company has deployed a four-node cluster in a COLO environment with server configurations listed below. The company wants to ensure there is 50% overhead for failover and redundancy. There are currently eight VMs running within the cluster with four vCPUs x32GB each. The company wants to better utilize its resources within the cluster without compromising failover and redundancy.





Given the information above, which of the following should a cloud administrator do to BEST accommodate failover and redundancy requirements?

182. A courier company has virtualized its packing software application. The CSA needs to confirm the deployment is utilizing the correct amount of CPU per virtual instance.

After confirming the deployment requirements, the CSA should log into the cloud services portal to ensure that:

183. Due to a competitor's unlimited data plan, a service provider is struggling and wants to transform its business services to be more hosting oriented. A cloud architect is tasked to review current cloud resource capacity and provide recommendations and a plan for better resource utilization.

Given the following report:





Which of the following is the BEST option for the architect to suggest?

184. A cloud administrator is receiving alerts that the disk on several systems is 90% full. Upon reviewing the systems, the administrator determines that the log directory is using 50% of the disk. The company has a 14-day retention policy for all logs.

Which of the following is the BEST solution to implement to minimize future alerts?

185. A company purchased a SaaS CRM application. The signed SLA meets year-round performance requirements. Three months after deployment, customers start reporting a slow application response time. System availability, connectivity, and proper functionality still meet the SLA.

Which of the following is MOST likely the reason for the poor response time?

186. A cloud architect created a new delivery controller for a large VM farm to scale up according to organizational needs. The old and new delivery controllers now form a cluster.

However, the new delivery controller returns an error when entering the license code.

Which of the following is the MOST likely cause?

187. A multinational corporation needs to migrate servers, which are supporting a national defense project, to a new datacenter. The data in question is approximately 20GB in size. The engineer on the project is considering datacenters in several countries as possible destinations. All sites in consideration are on a high-speed MPLS network (10Gb+ connections).

Which of the following environmental constraints is MOST likely to rule out a possible site as an option?

188. A cloud administrator is provisioning five VMs, each with a minimum of 8GB of RAM and a varying load throughout the day. The hypervisor has only 32GB of RAM.

Which of the following features should the administrator use?

189. Several SaaS providers support identity federation for authentication.

Which of the following would BEST assist in enabling federation?

190. A company is interested in a DRP. The purpose of the plan is to recover business as soon as possible.

The MOST effective technique is:

191. The outputs of the old and new applications were compared side by side.

Which of the following requirements did the testing plan confirm? (Select two.)

192. A cloud engineer is using a hosted service for aggregating the logs for all the servers in a public cloud environment. Each server is configured via syslog to send its logs to a central location. A new version of the application was recently deployed, and the SaaS server now stops processing logs at noon each day. In reviewing the system logs, the engineer notices the size of the logs has increased by 50% each day.

Which of the following is the MOST likely reason the logs are not being published after noon?

193. A cloud administrator notices one of the servers is using the wrong set of NTP servers. The administrator needs to avoid the same issue in the future but needs to minimize administration resources.

Which of the following tools should a cloud administrator deploy to meet this requirement?

194. The legal department requires eDiscovery of hosted file shares.

To set up access, which of the following is the BEST method to ensure the eDiscovery analyst only has the ability to search but not change configuration or settings?

195. When designing a new private cloud platform, a cloud engineer wants to make sure the new hypervisor can be configured as fast as possible by cloning the OS from the other hypervisor. The engineer does not want to use local drives for the hypervisors.

Which of the following storage types would BEST suit the engineer's needs?

196. A cloud engineer deployed an email server in a public cloud. Users can access the email server, but the emails they send cannot reach their destinations.

Which of the following should the cloud engineer do FIRST?

197. A file server is being migrated from physical hardware into a private cloud. Baselining of the server shows the disks average 90% full at all times. The contents of the file server consist mostly of compressed audio files. Multiple copies of the same files are often saved in different locations on the same disk.

Which of the following storage technologies is MOST likely to help minimize storage utilization when moving this server to the private cloud?

198. A cloud administrator is looking at business requirements that specify the data available at the disaster recovery site must not be more than 24 hours old.

Which of the following metrics correctly relates to these requirements?

199. A cloud implementation engineer successfully created a new VM.

However, the engineer notices the new VM is not accessible from another network. A ping test works from another VM on the same subnet.

Which of the following is the MOST likely problem?

200. A customer wants a cloud systems administrator to adjust the backup schedule after month-end to ensure the data can be restored as fast as possible while minimizing the time needed to perform the backup.

Which of the following backup types should be scheduled?

201. cloud administrator uses a script to automatically restart all the servers running in the public cloud provider environment, which hosts e-commerce applications. The administrator decides to implement the same script for a similar environment that hosts the finance applications. After verifying the script is deployed to the public cloud environment for finance, the administrator schedules a job to run at 9:00 a.m. After 9:00 a.m., the administrator receives a report from the e-commerce team that the application is experiencing outages.

Which of the following should the administrator do to resolve the issue?

202. A critical new security update has been released to fix an identified zero-day vulnerability with the SSH server process. Due to its severity, all development and staging servers must have this update applied immediately.

Which of the following is the FASTEST way for the administrator to apply the patch and ensure all systems are configured consistently?

203. A company wants to take advantage of cloud benefits while retaining control of and maintaining compliance with all its security policy obligations.

Based on the non-functional requirements, which of the following should the company use?

204. An administrator is deploying a new application platform with the following resource utilization:





Company policy requires that no resource utilization surpasses 80%.

Which of the following resources will need to be upgraded prior to deployment?

205. Several suspicious emails are being reported from end users. Organizational email is hosted by a SaaS provider. Upon investigation, the URL in the email links to a phishing site where users are prompted to enter their domain credentials to reset their passwords.

Which of the following should the cloud administrator do to protect potential account compromise?

206. Which of the following is the BEST way to ensure accounts in a cloud environment are disabled as soon as they no longer need to be active?

207. A cloud administrator has deployed a new all-flash storage array with deduplication and compression enabled, and moved some of the VMs into it. The goal was to achieve 4:1 storage efficiency while maintaining sub-millisecond latency.

Which of the following results would BEST suit the requirements?

208. A newly established CSP allows for drive shipping to upload new data into the environment. Sensitive data on 40TB of storage needs to be transferred within one week.

Which of the following is the MOST efficient and secure method for shipment of the data to the CSP with minimal downtime?

209. A manufacturing company's current security policy mandates PII is not stored in the SaaS solution.

Which of the following configuration controls should be used to block sensitive information from being stored in the SaaS solution?

210. A new application with availability SLA requirements of 99.99% has been deployed in a cloud.

For a test spanning a month, which of the following unavailability times would mean the test was successful? (Select TWO).

211. A company's security policy requires full disk encryption on all clients with preboot enabled. The encryption server is hosted, and the requirement is to push an update to all endpoints.

Which of the following is the BEST method to test and apply the update with minimal disruption to end users?

212. A technician receives a report of system utilization:





Which of the following additional resources should the technician add FIRST given the trend data shown above?

213. A cloud architect is tasked with isolating traffic between subnets in an IaaS platform. The networks should be able to statefully communicate with each other.

Given this scenario, which of the following should the architect implement?

214. A cloud administrator is provisioning several user accounts that have administrator rights to assets using JSON within an IaaS cloud platform. The administrator is required to configure "alternate” settings using the API.

Given this scenario, which of the following elements would allow the administrator to meet these requirements in the JSON file?

215. Before doing a change on a VM, a systems administrator wants to ensure there is an easy and fast way to rollback if needed. The change and testing should take approximately two hours.

Which of the following is the EASIEST way to meet this requirement?

216. The CSA needs to install a patch on 58 virtual server instances during the Friday evening maintenance window.

Which of the following is the MOST efficient way to get the patches installed?

217. A recent advertisement campaign has increased traffic to an e-commerce application that is hosted within a public cloud environment. Customers are reporting that it takes too long to load their pages and submit orders. A cloud administrator looks at the metrics from the environment and sees high utilization of the CPU and memory resources. The cloud provider offers several preconfigured sizes for server template: x-small, small, medium, large, x-large, and 2x-large.





Given an expected increase in workload, which of the following is the BEST solution to improve application performance?

218. A company wants to leverage a SaaS provider for its back-office services, and security is paramount.

Which of the following solutions should a cloud engineer deploy to BEST meet the security requirements?

219. A company upgraded a hosted vulnerability scanner to the latest version, and now tickets are not being created to assign critical vulnerabilities. After confirming the ticketing issue, all the scanning services are confirmed to be running on the VM.

Which of the following is the MOST likely cause and best method to fix the issue?

220. A system's application servers need to be patched.

The requirements for maintenance work are as follows:

- System downtime is not allowed.

- The application server in use must be in the sane patch status.

- System performance must be maintained during patching work.

- Testing after patching must be done before the application server is in use.

- If any trouble occurs, recover the previous version in ten minutes.

Which of the following methodologies should be selected?

221. A software development company is building cloud-ready applications and needs to determine the best approach for releasing software.

Which of the following approaches should be used?

222. A customer recently provisioned a new server on the IaaS. The IP address assigned from the pool resolves to another hostname. Some user traffic is being dumped or is causing slowness because of this issue.

Which of the following maintenance activities does the provider need to perform to prevent this issue?