×

Quiz Session - Attempts With Random Questions

CompTIA Cloud+ (CV0-004) Version 2.0.1 Exam Questions

Page 2 of 30

21.

Acme Inc. uses differential backups. They take backups of their cloud servers every day. A full backup is taken every Monday. Their RPO is 48 hours. 

The backup taken on Friday will include all the changes since when?

  • Since Monday's backup

  • Since Wednesday's backup

  • Since Tuesday's backup

  • Since Thursday's backup

Correct answer: Since Monday's backup

Differential backups backup all changes since the last full backup. Therefore, Friday's backup would include all the changes since Monday's full backup. 

RPO would not change how the differential backup works in this case.

22.

What technique do firewalls use to determine if a session has been established for an incoming packet before accepting it?

  • Stateful packet inspection

  • Session packet inspection

  • Firewall packet inspection

  • NAT packet inspection

Correct answer: Stateful packet inspection

Stateful packet inspection monitors the state of active connections and uses this information to determine which network packets to allow through the firewall.

Firewall packet inspection is a generic term that can generally refer to any type of packet inspection performed by a firewall. 

Session packet inspection and NAT packet inspection are not standard terms a Cloud+ candidate needs to be familiar with.

23.

Which of the following statements about horizontal and vertical scaling is FALSE?

  • Vertical scaling is less disruptive than horizontal scaling

  • Horizontal scaling is less disruptive than vertical scaling

  • Horizontal scaling involves adding more servers to an existing deployment

  • Vertical scaling involves adding more resources to an existing server

Correct answer: Vertical scaling is less disruptive than horizontal scaling

Horizontal scaling involves adding more servers to an existing deployment. Vertical scaling involves adding more resources to an existing server. 

Horizontal scaling is typically less disruptive than vertical scaling. That is because the process of adding resources to an existing server may require maintenance downtime.

24.

What step comes immediately BEFORE "merge" in the continuous integration process?

  • Test

  • Plan

  • Build

  • Deploy

Correct answer: Test

The steps in the continuous integration (CI) process are:

  1. Plan
  2. Build
  3. Test
  4. Merge

Deploy is part of the continuous delivery (CD) process.

25.

Which encryption technology is used for specific applications such as email and directory servers?

  • SSL/TLS

  • IPSec

  • GRE

  • LDAP

Correct answer: SSL/TLS

SSL/TLS protects network traffic at the application level. 

IPsec connects and protects at the host or network level.

GRE does not offer encryption and is often used in connection with IPsec.

LDAP is not encrypted by default. LDAPS (the S is for "secure") uses SSL/TLS encryption to improve security.

26.

What address space is required for a Class A private network?

  • 10.0.0.0 to 10.255.255.255

  • 172.16.0.0 to 172.31.255.255

  • 172.16.0.0 to 172.18.255.255

  • 192.0.0.0 to 192.168.0.0

Correct answer: 10.0.0.0 to 10.255.255.255

Private network address spaces are commonly used in an internal corporate network. They are not made available as public addresses. The Class A private network address space of 10.0.0.0 to 10.255.255.255 generates over 16 million addresses.

The other answers listed are related to the class B or C ranges.

27.

Troubleshooting connectivity issues is challenging since networks operate through a series of interdependencies with each other. 

Which of the following commands is commonly used to test network connectivity between two endpoints by sending ICMP echo requests?

  • ping

  • arp

  • nbtstat

  • curl

Correct answer: ping

ping is a popular command-line tool for testing network connectivity. A "ping" command sends an ICMP echo request from one system to another. 

None of the other commands listed fit this description. 

28.

Alex is a cloud administrator at Acme Inc. Alex is investigating an issue where a service is regularly crashing and restarting. 

What log should Alex check to review when the service last restarted?

  • System

  • Application

  • Security

  • Setup

Correct answer: System

Common Windows log types include:

  • Application- Contains logs relevant to drivers and applications on a system.
  • Security- Contains information on authentication and privilege escalation attempts. May also contain audited events. 
  • Setup- Contains information on system patches applied to the system. 
  • System- Contains operating system messages and information about services that have launched or been terminated. 

29.

Your development team stores its plaintext source code in a centralized location. 

What is that location called?

  • Code repository

  • Developer repository

  • Program repository

  • Branch repository

Correct answer: Code repository

A code repository is essentially a file storage and archive location where software developers store large amounts of source code for safekeeping and future use.

Developer, program, and branch repository are distractor answers.

30.

Acme Inc. has several mission-critical virtual appliances they need to deploy. The virtual appliances have high performance and reliability requirements. It is also important for the Acme Inc. team to be able to scale the deployment in the future.

What type of hypervisor should Acme Inc. use for the deployments?

  • Type 1

  • Type 2

  • Type 3

  • Type 0

Correct answer: Type 1

Type 1 hypervisors are a better choice than type 2 hypervisors when performance, reliability, and scalability are important requirements. Type 1 hypervisors run directly on server hardware, while type 2 hypervisors require an operating system to run "on top" of. 

Type 3 and type 0 are not standard hypervisor types.

31.

Setting up alternate sites is an essential part of business continuity. 

Which site option implements continuous replication so that the primary and alternate sites are always in sync?

  • Hot site

  • Warm site

  • Cold site

  • BCP site

Correct answer: Hot site

A hot site is a location that is a real-time replication of a primary site. It is set up and ready to take over operations immediately in the event of a primary site failure.

A warm site has operational data storage in sync with production, but other components are typically offline until a failover is needed. Warm sites require more work to cutover than hot sites.

Cold sites are cheaper than hot or warm sites because there are no online components or copies of data ready to go in the event of a failure. 

BCP site is a distractor answer based on the phrase business continuity planning (BCP). 

32.

You are a healthcare provider running cloud applications that access private health information. 

Data on the cloud systems is classified with a "PHI" category if it includes personal health information. You want to ensure that only users with authorization to view health information can access data categorized as PHI. 

What type of access control should you put into place to ensure the correct access to the healthcare data?

  • Mandatory access control (MAC)

  • Discretionary access control (DAC)

  • Regulated access control (RAC)

  • Federated access control (FAC)

Correct answer: Mandatory access control (MAC)

Mandatory access control (MAC) allows data access to be restricted or allowed based on security levels of users and systems being accessed. The PHI data could be restricted to only being accessible by users with an associated security level. 

Discretionary access control (DAC) gives the data owner the power to grant or deny user permissions. DAC is used in industries where the data is highly regulated, such as healthcare and financial services.

Regulated access control (RAC) and federated access control (FAC) are not standard access control types.

33.

What data format do SAML assertions use?

  • XML

  • JSON

  • YAML

  • CSV

Correct answer: XML

SAML is an authentication protocol that uses the XML data format. 

JSON, YAML, and CSV are all common data formats, but they are not the data format used for SAML assertions.

34.

Which of the following metrics is directly related to compute resources on a virtual machine?

  • Wait time

  • Paged pool

  • Page faults

  • Virtual NIC average bytes received

Correct answer: Wait time

Compute resources deal with compute technologies like CPU, GPU, and microprocessors. 

Wait time is a CPU-related metric a CPU thread waits for processing. 

Paged pool and page faults are related to memory.

Virtual NIC average bytes received is related to network resources.

35.

What type of data would be a good candidate for object storage?

  • Image libraries

  • A database with frequent writes

  • Active access logs

  • Active system logs

Correct answer: Image libraries

Object storage is useful for storing infrequently edited files and objects. Common use cases are storing video, image, and PDF files. 

All the other options are likely to be written to frequently and are therefore not good candidates for object storage.

36.

Which of the following authentication factor combinations has a "someplace you are" and "something you have" factor?

  • Geolocation and authenticator app

  • Password and geolocation

  • Fingerprint and authenticator app

  • Fingerprint and password

Correct answer: Geolocation and authenticator app

Geolocation is a "someplace you are" factor. An authenticator app is a "something you have" factor.

A password is a "something you know" factor. 

A fingerprint is a "something you are" factor.

37.

Which of the following is a common data format used to send and receive data with REST APIs?

  • XML

  • SNMP

  • MQTT

  • YAML

Correct answer: XML

XML and JSON are the two most common formats used with REST APIs. 

SNMP and MQTT are network protocols. 

YAML is a data format, but it is not used to send and receive data with REST APIs as commonly as XML and JSON.

38.

Which of the following is typically used for formatting and exchanging authorization-related data?

  • SAML

  • ACL

  • vACL

  • ECC

Correct answer: SAML

Security Assertion Markup Language (SAML) is an XML-based language commonly used for the exchange of authorization-related data. 

An access control list (ACL) allows or disallows traffic or activity based on a list of rules. 

vACL is a distractor answer. 

Elliptic curve cryptography (ECC) is a type of cryptography that uses curves instead of prime number factors.

39.

Assuming all of these resources are available, what is the BEST resource for an organization as a reference for secure configuration of a new cloud system from a third-party vendor?

  • Vendor configuration guidelines

  • Internal device policy

  • Vendor terms of service

  • Internal audit checklist

Correct answer: Vendor configuration guidelines

Vendors build and configure their products to meet industry security standards. Organizations can use this documentation to test and audit their devices against the guidelines provided by the vendors.

The vendor terms of service would not typically detail specific configuration recommendations. 

Internal checklists and policies would not typically have the specificity the vendor's recommendations provide.

40.

Your organization is not able to move its existing workloads to the cloud all at one time. 

What is the BEST option for proceeding?

  • Establish a plan to migrate incrementally over time

  • Convert all the workloads to SaaS and decommission the existing workloads

  • Schedule a long outage window to handle a one-time migration

  • Implement a community cloud instead

Correct answer: Establish a plan to migrate incrementally over time

Most organizations are not able to migrate everything to the cloud at once. A widely used approach is to coexist with the existing and the new cloud environment for a period of time. Creating an incremental migration plan reduces risk.

A community cloud involves organizations with shared interests and similar requirements sharing cloud infrastructure. It would not address the scenario in the question.

×