×

Quiz Session - Attempts With Random Questions

CompTIA Cloud Essentials+ Exam Questions

Page 1 of 25

1.

What is a concern regarding vertically scaling up?

  • Cloud computing costs

  • Bandwidth (network performance)

  • Storage consumption

  • Access to available resources

Correct answer: Cloud computing costs

A significant challenge with vertical scaling is the rise in cloud computing costs. While resizing cloud-based virtual machines to add more CPUs and RAM can improve application performance, it can also increase the cost of running the VMs. Scale up only as necessary. Bandwidth, storage consumption, and access to available resources are incorrect. However, they may be of concern to other cloud computing characteristics.

2.

In spite of your private cloud's outstanding effectiveness, it is in desperate need of an upgrade. What would be the BEST way to scale the cloud horizontally?

  • Add more hosts

  • Add RAM to a VM

  • Take away RAM from a VM

  • Add more VMs

Correct answer: Add more hosts

Adding additional hosts is referred to as horizontal scaling, which involves the addition of physical servers.

Adding additional VMs or changing RAM to a VM would merely shift resources without increasing the private cloud's overall size. Vertical scaling is a term that refers to the process of increasing or upgrading resources on a host, such as memory or CPU.

3.

Which type of analysis identifies the current technology configuration of a current solution compared to the desired configuration to efficiently support business processes?

  • Technical gap analysis

  • Business gap analysis

  • PPP gap analysis

  • Cloud needs gap analysis

Correct answer: Technical gap analysis

A technological gap analysis is used to examine whether present information technology solutions adequately fulfill business demands. For example, determining that cloud-based data must be housed in data centers located within national borders. A technical gap analysis compares the current technical configuration of a system to the configuration needed to support business activities efficiently.

4.

Which of the following would best describe the text below? 

{"firstname": "Stephanie"},

{"lastname": "Webb"}

  • JSON 

  • XML

  • SSH 

  • LDAP

Correct answer: JSON

The text is written in JSON. JSON is a data exchange format. JSON uses key value pairs. 

XML, SSH, and LDAP are incorrect. XML uses tags. SSH and LDAP are protocols and not data exchange formats. 

5.

Which type of storage involves a unique identifier rather than a directory path?

  • Object storage

  • File storage

  • Hot storage

  • Cold storage

Correct answer: Object storage

Object storage uses a unique identifier. This is considered a flat storage structure. 

File storage, hot storage, and cold storage are incorrect. File storage uses a directory path. Hot storage is used for quick retrieval of data. Cold storage is used for slower but cheaper retrieval of data. 

6.

CSPs have their own rigorous change management processes, and they do communicate changes within their cloud platforms. Because of this, what poses a challenge to cloud administers and change managers?

  • Inability to block and rollback CSP changes

  • Management of operating system patches

  • SLAs not being met

  • Management of operating system patches

Correct answer: Inability to block and rollback CSP changes

CSPs have their own stringent change management systems in place and communicate changes internally inside their cloud platforms. Cloud consumers, on the other hand, are unaware of the entire impact of a change. As a result of CSP changes, cloud administrators and change managers do not have the ability to block or roll back a CSP change made in the cloud, which poses a challenge.

7.

What are the two MAIN factors used to evaluate risk?

  • Likelihood and impact

  • Severity and likelihood

  • Impact and severity

  • Frequency and likelihood

Correct answer: Likelihood and impact

Risk refers to the chance or likelihood of an asset being threatened. Once an organization identifies risks, they are entered into a risk register, where the probability, likelihood, and impact are documented. The impact identifies the risk's nature and the potential for loss or damage to assets, whereas the likelihood quantifies the risk's possibility of occurring.

8.

What is the compliance standard that takes care of quality and ensures that a cloud provider is meeting all the regulatory requirements for its products and services they are offering?

  • ISO 27017:2015

  • NIST SP 800-53

  • FedRAMP

  • Sarbanes-Oxley Act

Correct answer: ISO 27017:2015

The International Standards Organization (ISO) standard 27017:2015 titled “Information Technology – Security Techniques – Code of Practice for Information Security Controls Based on ISO/IEC 27002 for Cloud Services” is the compliance standard that is in charge of quality and ensures that a cloud provider is in compliance with all applicable regulatory requirements for the products and services that they are providing to their customers.

9.

After performing a cloud assessment and migration, what is a critical component that OFTEN is overlooked?

  • Documentation and diagrams

  • Reporting

  • Collaboration

  • Training

Correct answer: Documentation and diagrams

Documentation and diagrams are crucial when undertaking a cloud assessment, and, later, a migration. Documentation and diagrams should be considered for the following: the placement of resources and applications, the identification of owners, the identification of capabilities and processes, and the documentation of dialogues between stakeholders and team members, to mention a few.

10.

To establish a secure point-to-point connection via the Internet, which of the following cloud technologies is utilized?

  • VPN

  • RDP

  • SSH

  • HTTPS

Correct answer: VPN

Virtual private networks (VPNs) provide secure tunnels between two endpoints across an untrusted network, such as the internet. VPNs allow secure data transmission. The other options are incorrect. They are cloud protocols and services, but are not closely related to secure point-to-point connections.

11.

A new company directive requires that costs associated with cloud-based production workloads that must run 24 hours a day be reduced. Which of the following might be the most cost-beneficial for the company?

  • Reserved instances

  • Spot instances

  • Pay-as-you-go

  • BYOL

Correct answer: Reserved instances

If you anticipate the need for cloud compute capacity over an extended length of time, you can reduce cloud costs by utilizing reserved instances, which are discounted by a Cloud Service Provider (CSP). Reserved instances demand a long-term commitment to obtain discounted compute services. Reserved instance consumers must keep in mind that the cost of the reserved instance will remain constant regardless of whether the VM is powered on or off.

12.

Which cloud technology allows the creation of storage volumes from a collection of physical devices?

  • SDS

  • SDN

  • CDN

  • SSH

Correct answer: SDS

As opposed to traditional computing devices which are limited by the number of drives connections the computer has, cloud storage supports software-defined storage (SDS). SDS separates the actual storage of data from the logical control over drive configuration, making it independent of the underlying hardware platform. As a result, storage volumes can be built from a combination of physical storage devices.

13.

Which of the following is used to safeguard data at rest?

  • AES

  • HTTP

  • HTTPS

  • SQL

Correct answer: AES

Data at rest can be safeguarded through Advanced Encryption Standards (AES). AES is a 256-bit encryption. AES is required by the U.S. federal government and available through many cloud service providers (CSPs). 

HTTP, HTTPS, and SQL are incorrect. HTTP and HTTPS are used for data in transit. SQL is used for database creation. 

14.

What does the term "big data" refer to?

  • Unstructured data

  • Metadata

  • Object data

  • Structured data

Correct answer: Unstructured data

Although it can, the term "big data" does not always refer to the size of the data set. Big data is a term that refers to a collection of unstructured data that, when evaluated properly, can reveal valuable insights. Unstructured data includes images and videos stored on a computer or in the cloud. Unstructured data can be more easily organized and retrieved with object storage.

15.

In terms of cloud optimization, what needs to be configured to manage auto-scaling capacity?

  • Instance pool

  • Storage capacity

  • CPU usage

  • Resource usage

Correct answer: Instance pool

When designing your workloads in the cloud, you should always keep scalability in mind. When configuring auto-scaling features in the cloud, the minimum and maximum sized instance pool must be defined.

16.

Which of the following describes a collection of risks along with priority levels and other details?

  • Risk register

  • Findings

  • Risk mitigation

  • Risk acceptance

Correct answer: Risk register

A risk register is a centralized repository for risks that have been discovered. Severity levels are assigned to the dangers in the registry. The severity level will be determined by the likelihood of the risk occurring and the resulting impact. After that, the risk will be assigned a priority level. Additionally, the risk register will record the risk owner, as well as the risk response and treatment. 

Findings, risk mitigation, and risk acceptance are incorrect. Findings are the results of experimentation. Risk mitigation is the process of trying to make an action with a large risk profile less risky. Risk acceptance is the choice to pursue a risk because of the cost-benefits. 

17.

The cloud administrator has completed patching a line of business applications in their companies' cloud deployment. What is the next step that they should perform?

  • Test in QA environment

  • Pilot evaluation

  • Vulnerability test

  • Deploy to production

Correct answer: Test in QA environment

Following that, the cloud administrator must implement quality assurance (QA) testing. When a patch is applied to an application, it must be tested and validated. This is to ensure that the patch addresses the issue it was intended to address and does not conflict with any existing processes or systems. A QA test environment should always be available for evaluating all parts of a patch, including interoperability and dependencies.

Pilot evaluation, vulnerability testing, and deploy to production are incorrect. Pilot evaluation is usually done before an initial cloud system is first put into use. Vunerability testing is likely done before patch creation. Deploy to production should not be done before testing in a QA environment. 

18.

Which cloud self-service access methods are BEST for automation?

  • API & CLI

  • API

  • PowerShell

  • CLI

  • SDK

  • PowerShell & CLI

Correct answer: API & CLI

Automation and reproducibility are facilitated by API and CLI access to cloud resources.

19.

Cryptographic algorithms and keys can be used to ensure which of the following?

  • Integrity of data

  • Availability of data

  • Confidentiality of data

  • Security of data

Correct answer: Integrity of data

To secure the integrity of data, cryptographic techniques and keys can be utilized. Cryptographic algorithms and keys can ensure the integrity of data, which is critical when determining whether evidence is admissible in a court of law. Hashing and message authentication are both cryptographic techniques that are used to safeguard the integrity of data.

20.

You are employed by a research group located in the U.S. that is currently working on a medical study. Each participant consents to having activity monitoring devices attached to their bodies. The collected data from multiple users is analyzed, generalized, and summarized for consumption.

What legal or regulation compliance might be applied to the data collected?

  • HIPAA

  • GDPR

  • SOX

  • PCI DSS

Correct answer: HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is intended to safeguard personal health information from illegal access and use. As a result, the data gathered may be subject to HIPAA regulations. Bear in mind that in this scenario the data obtained from various users is evaluated, generalized, and presented without identifying a single participant, and that an exception to the rule may exist. HIPAA may apply to any medical information that can be traced back to an American citizen.

GDPR, SOX, and PCI DSS are incorrect. GDPR governs the EU. SOX governs financial accounting. PCI DSS is a standard related to credit card processing. 

×