×

Quiz Session - Attempts With Random Questions

CompTIA Cloud+ (CV0-004) Version 2.0.1 Exam Questions

Page 4 of 30

61.

What type of encryption requires a single user to have two keys?

  • Asymmetric

  • Symmetric

  • Dual

  • Stream

Correct answer: Asymmetric

Asymmetric encryption requires users to have a public and a private key. 

Symmetric encryption requires one key. 

Dual encryption is not a standard encryption type.

Stream ciphers are a type of symmetric encryption.

62.

Which type of service level agreement (SLA) is the MOST complex to test for to determine if the cloud provider has met their contractual service obligation?

  • Multilevel SLA

  • Customer-based SLA

  • Service-based SLA

  • Cloud-based SLA

Correct answer: Multilevel SLA

A service level agreement (SLA) is a contract that outlines the type of service to be provided, the service's performance level, how the performance levels will be monitored and reported on, steps for reporting service issues, issue resolution process, timeframe, and service provider penalties if the SLA is not met. Multilevel SLAs are the most complicated because they are created for different types of consumers who use the same services.

A service-based SLA describes a single service that is provided for all customers. 

A customer-based SLA is differentiated between business customers and home users. 

There is no type of SLA known as a cloud-based SLA.

63.

Alex, a systems administrator at Acme Inc., was troubleshooting an issue on a firewall appliance and made several configuration changes. A few hours later, users with IP addresses in the range 203.0.113.0/24 report they can no longer access the network the firewall protects. Users from the 198.51.100.0/24 network report no issues. 

Users from both networks should be able to access the network behind the firewall, and there were no problems before Alex made changes.

What MOST likely explains the problem?

  • Alex input an incorrect ACL entry

  • The 203.0.113.0/24 network was hacked

  • Alex input a default ALLOW rule in the firewall

  • Alex deleted a DENY rule for 198.51.100.0/24

Correct answer: Alex input an incorrect ACL entry 

An incorrect access control list (ACL) entry that blocks 203.0.113.0/24 would explain the symptoms and is most likely because Alex was making changes before the issue was reported. 

While a hack is possible, it is not supported by any of the information in the question. 

An ALLOW rule would not block traffic. 

Deleting a DENY rule for another network should not cause 203.0.113.0/24 to have connectivity issues.

64.

Cruz is a database administrator at Acme Inc. who regularly searches a MySQL database to provide insights to management and internal stakeholders. 

Cruz wants to improve the performance of commonly searched data in the database. This data is not frequently written. 

What should Cruz do to achieve his goal?

  • Index the data

  • Change the datatypes

  • Migrate to a Redis database

  • Use functions

Correct answer: Index the data

Indexing data in a relational database can significantly improve search performance. Indexing can negatively impact write speeds because additional data is associated with indexed data. 

The datatypes are not given in the question, and, generally, changing datatypes alone does not meaningfully improve search speed. 

Migrating a relational MySQL database to a nonrelational Redis database is a complex task that may not improve search performance at all. 

Functions are database operations such as sum or count. Nothing in the question suggests they would directly impact search performance.

65.

What deployment tool can you use to document a standard installation profile to ensure that all cloud resources have the same security patches, service packs, operating systems, and base applications installed?

  • Template

  • License tracker

  • UNC path file

  • Automation script

Correct answer: Template

Templates provide a streamlined playbook or approach to deploying consistent images across the environment. Templates also help decrease the installation and configuration costs and allow for faster deploy times and lower operational costs.

A license tracker is useful for the management of different software licenses, but not for creating installation profiles. 

A UNC path is a standard way to represent the location of data. It follows the "\\<server>\<path>" format.

An automation script may use a template, but it does not typically directly maintain the configuration profile.

66.

Which software environment is used by programmers to develop code and test small changes before deploying to other environments for testing and use by end users?

  • Development

  • Systems assurance

  • Quality assurance

  • Production

Correct answer: Development

Development is the environment for programmers to build new features and changes, test them, and preview them before pushing to later stage environments such as quality assurance (QA)/test, staging, and production. 

Systems assurance is not a standard name for a development environment.

67.

You have a large storage area network and wish to associate and configure certain storage devices to specific servers. 

What specific SAN approach and technology would you use to accomplish this?

  • Zoning

  • Segmenting

  • SAN masking

  • Striping

Correct answer: Zoning

Zoning creates specific associations between servers and storage devices and allows the storage administrator to isolate parts of the storage area network. This is usually done for performance or security reasons.

SAN masking is a distractor term based on LUN masking. 

Striping is a RAID technique. 

Segmenting is a general term that can describe a variety of logical isolation techniques.

68.

You are hired as a security consultant for Acme Inc. Acme Inc. asks you to recommend a solution that will help them reduce the risk of network intrusions. 

What two network security devices inspect network traffic to identify and block potential malicious intrusions?

  • IDS and IPS

  • HTTP and SHTTP

  • Router firmware and firewall rules

  • ACL and TPM

Correct answer: IDS and IPS

Intrusion detection systems (IDSs) review the data that passes through a network, send alerts, and log suspicious traffic. Intrusion prevention systems (IPSs) are more proactive. They can also block suspicious traffic.

HTTP and SHTTP are application layer network protocols. 

Router firmware does not inspect network traffic. A firewall rule is not a network device. 

An access control list (ACL) is a list of rules that define what level of permissions an entity is granted to a resource (if any). A trusted platform module (TPM) is a type of crypto-processor that enables the use of cryptographic keys on hardware devices.

69.

Your organization has several petabytes of audio, video, and other media files that are typically unchanged after they are stored. The organization does not need any specific file hierarchy to be maintained along with the data. 

What type of storage is BEST to store this type of data?

  • Object storage

  • Lock storage

  • NFS

  • RAID storage

Correct answer: Object storage

Object storage is well-suited to handling very large amounts of unstructured data that infrequently changes using simple and efficient techniques such as flat organization and metadata.

RAID storage could help with fault tolerance, but does not best address the use case of storing large, infrequently changing datasets. 

Network file system (NFS) is a protocol used for file sharing. Object storage is a better answer in this case because there is no need for a file hierarchy and the dataset consists of large, infrequently changing data. 

Lock storage is not a standard cloud storage type. 

70.

You are deploying DBaaS for an analytics data warehouse. 

Which of the following services is NOT included in the DBaaS model?

  • Business logic

  • Self-service provisioning

  • Metered usage

  • SLA monitoring

Correct answer: Business logic

Database-as-a-Service (DBaaS) or "managed databases" offers database services. Consumers of DBaaS write their own applications to access the data in DBaaS. Business logic is written or applied by the users.

Self-service provisioning, metered usage, and SLA monitoring are typical in DBaaS and other cloud service models.

71.

Where is a swap file MOST likely to be created?

  • Disk

  • RAM

  • CPU cache

  • NIC

Correct answer: Disk

Swap files are created on disk when all of a system's RAM is utilized. The swap file is used as virtual RAM. 

A swap file would not typically be created in the CPU cache. 

A network interface card (NIC) is a network adapter, not a storage location.

72.

In which cloud service model does the cloud provider have the MOST responsibility for security, compliance, and liability requirements?

  • SaaS

  • PaaS

  • IaaS

  • XaaS

Correct answer: SaaS

Software as a Service (SaaS) providers are responsible for maintaining security levels for the user; the user has no way of configuring the security settings. Security, compliance, and liability requirements are all built into the SaaS application.

SaaS shifts more burden to the cloud service provider than PaaS or IaaS. The tradeoff for users is the level of control. 

XaaS is a generic term that means "anything as a service" and is not a specific model.

73.

You need to view and possibly update the TCP/IP routing tables of Windows devices on your network. 

What command should you use?

  • route

  • ifconfig

  • ipconfig

  • routeconfig

Correct answer: route

The route command allows operators to modify static routes by making manual entries in the network routing table.

ifconfig is a Linux command. 

ipconfig is used to display information about local network interfaces. 

routeconfig is not a standard Windows command line command.

74.

A video streaming service uses an algorithm to suggest videos you may like based on your previous viewing patterns. The suggestions update over time based on the videos you view and "like." 

This is MOST likely an implementation of what type of technology?

  • ML

  • MTU

  • REST

  • Serverless

Correct answer: ML 

Suggestion algorithms are a common use case for machine learning (ML). 

MTU is a network setting.

REST is a standard pattern for creating and using APIs. 

Serverless computing is a form of computing where all the underlying resources are abstracted away from the consumer and functions are executed ad-hoc.

75.

Acme Inc. uses a firewall application that comes as a prebuilt virtual machine from a security vendor. Acme Inc. deploys this virtual machine in their cloud environment to filter inbound network (OSI layer 3) traffic. 

The prebuilt virtual machine is an example of what?

  • Virtual appliance

  • Physical switch

  • OSI Layer 3 server

  • Packet router

Correct answer: Virtual appliance

A virtual appliance is an image running on a cloud virtual machine that is pre-configured to implement firewall functions such as filtering and routing.

The appliance is not a physical appliance, so "physical switch" is incorrect. 

A router, in general, forwards packets. The appliance in question is a firewall, not a router. 

OSI Layer 3 server is a distractor answer. 

76.

When troubleshooting the deployment of a local Windows application, what is one of the dependencies you should validate?

  • .NET version

  • C# version

  • Firmware version

  • Advanced Packaging Tool (APT)

Correct answer: .NET version

Windows applications are written in the .NET programming language and require the correct programming library versions to be installed on the machine where the application is running.

C# is a programming language often used to write .NET applications.

Firmware is typically associated with embedded systems and network devices, not Windows applications. 

Advanced Packaging Tool (APT) is a Linux (Ubuntu) package manager.

77.

You are provisioning a virtual network. The requirements are:

  1.  Have space for 200 hosts
  2. Minimize the amount of unused addresses beyond the 200 hosts

What size CIDR block should you give this network?

  • /24

  • /23

  • /31

  • /30

Correct answer: /24

A /24 CIDR block allows for 254 hosts. None of the other options allow for 200 hosts.

78.

Acme Inc. uses incremental backups. They take backups of their cloud servers every day. A full backup is taken every Monday. Their RPO is 48 hours. 

The backup taken on Friday will include all the changes since when?

  • Since Thursday's backup

  • Since Tuesday's backup

  • Since Monday's backup

  • Since Wednesday's backup

Correct answer: Since Thursday's backup

Incremental backup strategies take backups of data changed since the last incremental or full backup. In this case, that means Friday's backup will include all the changes since Thursday's backup.

RPO does not change what an incremental backup is.

79.

Charlie is a database administrator at Acme Inc. Charlie takes a full backup of a SQL database server by saving the entire database as a collection of files.

What term BEST describes this type of database backup?

  • Database dump

  • Volume backup

  • LUN cloning

  • File backup

Correct answer: Database dump

A database dump is a full database backup that saves an entire database in one or more files. 

Volume backup is a generic term that can refer to backing up any storage volume. 

File backups are backups of filesystems that are often used for workstations and servers.

LUN cloning creates a copy of a specific unit of block storage.

80.

Which of the following is an example of vertical scaling?

  • Adding disk space to a server

  • Making a program more efficient so less CPU is used

  • Running two programs on the same server

  • Adding a server to a deployment to support more load

Correct answer: Adding disk space to a server

Vertical scaling occurs when resources are added to an existing system. In this case, the only answer that adds resources to an existing system is "adding disk space to a server."

Adding a server to a deployment is horizontal scaling.

×