×

Quiz Session - Attempts With Random Questions

CompTIA Cloud+ (CV0-004) Version 2.0.1 Exam Questions

Page 6 of 30

101.

Which of the following statements about VXLAN and GENEVE is FALSE?

  • VXLAN is VMware's proprietary implementation of the open-source GENEVE standard

  • VXLAN and GENEVE both allow transport of Ethernet traffic over an IP network

  • VXLAN and GENEVE can both help address size limitations with traditional Ethernet

  • VXLAN and GENEVE use different default ports 

Correct answer: VXLAN is VMware's proprietary implementation of the open-source GENEVE standard

Virtual extensible LAN (VXLAN) is a network virtualization technique that encapsulates Ethernet frames in IP/UDP packets. It was created to address size limitations associated with Ethernet. 

Generic network virtualization encapsulation (GENEVE) is an alternative solution for the same basic problem VXLAN aims to solve.

A key difference between GENEVE and VXLAN is that GENEVE only defines a packet format but does not prescribe how packets are sent.

VXLAN uses port 4789 by default, while GENEVE uses port 6081 by default. 

VXLAN is not a VMware proprietary implementation.

102.

You would like to make sure that a sufficient amount of log data is available if an event occurs so that your team can troubleshoot, diagnose the issue, and determine the root cause. 

Where do you establish and document how much event data should be gathered and retained?

  • Event collection policy

  • Event monitoring policy

  • Alert data collection policy

  • Data archival policy

Correct answer: Event collection policy

An event collection policy establishes what log data is captured, from what devices, how much, and how long it is stored. This policy is typically part of the overall data retention policy.

A data archival policy would deal with archiving data for long-term storage. 

Event monitoring policy and alert data collection policy are distractor answers.

103.

You are setting up a high-performance storage solution for a data center. 

What standard RAID level should you use to ensure your system can sustain the failure of two drives at the same time?

  • 6

  • 7

  • 5

  • 8

Correct answer: 6

Redundant array of independent disks (RAID) 6 is an extension of RAID 5 that is designed to sustain multiple simultaneous drive failures. 

RAID 5 can sustain a single drive failure. 

RAID 7 and 8 are not standard RAID levels.

104.

Izumi is an engineer at Acme Inc. Izumi needs to restore a virtual machine from an outdated full backup. Izumi wants to bring the full backup up to date before restoring it. 

What series of later backups would Izumi need to make an up-to-date synthetic full backup?

  • Incremental

  • Replica

  • Application-level

  • DR

Correct answer: Incremental

Newer incremental backups and an out-of-date full backup can be used to create an up-to-date synthetic full backup. 

Replicas are active secondary data storage locations. 

Application-level backups only back up applications and the associated application configurations and data. 

DR (disaster recovery) is not a specific backup type.

105.

You have deployed four applications on the same physical server. The underlying dependent prerequisite versions change frequently, and when you upgrade for one application, it causes the other three applications to have errors. 

What is the MOST straightforward approach to addressing this issue?

  • Deploy four virtual machines

  • Ask the software vendors to agree on the same prerequisite versions

  • Upgrade the physical server operating system

  • Deploy four separate physical machines

Correct answer: Deploy four virtual machines

By deploying virtual machines, each virtual machine guest can have its own version of the underlying prerequisite software without impacting the others.

Upgrading the physical server operating system is unlikely to address the fundamental problem of the programs conflicting with one another.

Getting agreement across multiple software vendors to align on the same prerequisites is typically impractical. 

Four separate physical machines come with more operational and cost overhead than four virtual machines.

106.

What is the BEST source for firmware updates for Internet of Things (IoT) devices?

  • The manufacturer

  • NIST

  • Internal development teams

  • GitHub

Correct answer: The manufacturer 

Firmware is the software that runs on network and IoT devices. It is similar to an operating system in that it directs the components inside these network devices. Firmware should be sourced from the manufacturer of the device.

107.

Acme Cloud LLC. provides an IaaS service to Small Co. 

Which of the following is Acme Cloud LLC. responsible for patching in this scenario?

  • Hypervisor

  • Operating system

  • Database

  • Web server application

Correct answer: Hypervisor

With the IaaS model, the cloud service provider (Acme Cloud LLC. in this case) is responsible for patching the hypervisor. 

The consumer (Small Co. in this case) is responsible for patching the operating systems. databases, and applications.

108.

You deployed a new customer-facing e-commerce system over Labor Day for a new line of products your company is selling. Your team sized the cloud-based virtual servers and storage based on projected sales estimates from the marketing department since there was no historical capacity planning information. 

During the after-Thanksgiving sale, customers were complaining that the system was slow. The cloud administrator confirmed that the system response time was very slow. You have been asked to troubleshoot this deployment issue.

What is the MOST likely cause of this issue?

  • Resource contention

  • Integration issues related to different clouds

  • Cloud provider service outage

  • Language support

Correct answer: Resource contention

High demand and conflicts over access to shared resources such as memory, storage, or databases create performance and slow-down issues. Resources experiencing ongoing contention are referred to as oversubscribed.

Given the high demand, resource contention is the most likely of the listed choices. 

No new integrations or language-related changes were mentioned. 

Similarly, nothing suggests the cloud provider had an outage.

109.

Today is Nov 11, 2030. The certificate on a website is valid and expires Dec 11, 2030. Most users can access the website without issue.

One user complains with a new laptop that they see a certificate expired error when accessing the website. 

Which of the following is MOST likely to explain the issue?

  • Outbound traffic to port 123 is blocked on the laptop

  • Outbound traffic to port 21 is blocked on the laptop

  • Inbound traffic to port 989 is blocked on the laptop

  • Inbound traffic to port 53 is blocked on the laptop

Correct answer: Outbound traffic to port 123 is blocked on the laptop

An incorrect certificate expiry error could be explained by a misconfigured date and time on the local laptop. The network time protocol (NTP) uses port 123 by default. If the laptop could not sync its time to a network time server by sending outbound traffic over port 123, that could explain the issue. 

Inbound traffic is unlikely to be the issue. 

Port 21 is a default FTP port. 

110.

Which of the following tools can a team use to track changes to source code and compare diffs related to specific commits?

  • Git

  • Ansible

  • Docker

  • GraphQL

Correct answer: Git

Git is a version control system that enables robust source code management including change tracking and comparing the diffs related to specific commits to the code.

Ansible is a configuration management platform.

Docker is a containerization tool. 

GraphQL is a type of API.

111.

When should a server migration take place?

  • During a maintenance window

  • During green time

  • During blue time

  • After 16:00 UTC

Correct answer: During a maintenance window

Server migrations should be scheduled during a maintenance window. 

"Blue" and "green" time are distractor answers based on the blue-green deployment model. 

A specific UTC time is not relevant to the question since servers may be located in any timezone across the globe and 16:00 UTC may or may not be a good time for a specific migration.

112.

Acme Enterprises runs an accounting firm in the European Union (EU). Which of the following could impede an organization's ability to replicate data across multiple datacenters on different continents?

  • Regulatory requirements

  • N + 1 rules

  • EIA/TIA 568

  • VT-x

Correct answer: Regulatory requirements

Regulatory requirements can restrict where data is stored. For example, in the EU, GDPR places data residency restrictions on the personal data of EU citizens. 

N + 1 is a type of redundancy that can support a single system failure without downtime. 

EIA/TIA 568 is a structured cabling standard. 

VT-x is a virtualization technology for x86 CPUs.

113.

What report was created so organizations can have a marketing-focused, non-technical summary of a SOC 2 report?

  • SOC 3

  • SOC 2.1

  • SOC M

  • SOC NT

Correct answer: SOC 3

Service Organization Controls 3 (SOC 3) is a report for public disclosure that provides details on financial controls and security. SOC 3 reports were created to provide a marketing-oriented, non-technical summary of SOC 2 reports. 

While there are SOC 2 type 1 and type 2 reports, the other answers are not standard SOC reports.

114.

A user complains that a web page is not loading as expected.

What is the BEST example of a simple potential cause that can be eliminated before focusing on more complex ones?

  • Verify that the user entered the correct URL

  • Run a single ping command from all the affected devices

  • Compare the device configuration to the vendor documentation

  • Run a load test

Correct answer: Verify that the user entered the correct URL

Many times, a problem can be solved by ruling out entry-level indicators, such as ensuring that the user is logged in, that the user is connected to the network, or that the target system is turned on. These simple checks require a minimum of time and can avoid the expense of a detailed investigation if they are found to be the source of the issue.

All the other answers are more involved and could be unnecessary if the user was inputting the wrong URL.

115.

If you need to configure a system such that one group of users has read-only permission to a resource and another group of users has modify permissions, where would you put that security information?

  • Access control list

  • Authentication list

  • Authorization list

  • Permissions list

Correct answer: Access control list 

An access control list (ACL) is a file or table that contains access privileges to resources by specific users or user groups.

Authentication list, authorization list, and permission list are not the standard terms for this type of list.

116.

Acme Inc. hires you as a cloud engineer. Your first project requires you to horizontally scale a web server in the cloud. 

Which of the following would BEST achieve the task?

  • Create additional web servers

  • Add resources to the existing web server

  • Add a CASB

  • Add a WAF

Correct answer: Create additional web servers

Horizontal scaling is achieved by adding additional servers to a system. Therefore, creating additional web servers is the best answer to this question. 

Adding resources to the web server is vertical scaling. 

A CASB and WAF are security appliances that can improve security posture but would not directly scale a web server.

117.

Alex is a server administrator at Acme Inc. After provisioning a virtual server, Alex creates a point-in-time copy of the server and all the data on it. 

What term best describes the copy of the server Alex created?

  • Snapshot

  • Init file

  • AMI

  • P2V

Correct answer: Snapshot

A snapshot is a point-in-time copy of a system. 

An init file is a generic term for a file a program or system uses for initialization. 

AMI (Amazon Machine Image) is a type of system image used to instantiate virtual machines in the AWS cloud. 

P2V (physical to virtual) is a type of system migration.

118.

An IoT device exposes a RESTful API that allows users to retrieve temperature data. 

What HTTP operation is MOST likely to allow a user to READ the current temperature data from an API endpoint on the system?

  • GET

  • READ

  • PULL

  • PUT

Correct answer: GET

RESTful application programming interfaces (APIs) use standard HTTP operations to allow systems to exchange and modify information. 

Common HTTP operations used with RESTful APIs include:

  • GET- Reads data or retrieves a resource
  • POST- Creates a resource
  • PUT- Modifies a resource
  • DELETE- Deletes a resource

PULL and READ are distractor answers.

119.

If you are a cloud provider and want to allow your customers to use their own on-premises Active Directory user IDs and passwords to access your services, what security technique would you employ?

  • Federation

  • Authentication

  • Authorization

  • Least privilege

Correct answer: Federation

Federation is the process through which two or more organizations can establish mutual trust for security purposes using their own built-in credentials. It prevents organizations from having to maintain multiple login credentials for each system they have to access.

Authentication and authorization are phases within the AAA (authentication, authorization, and accounting) framework.

Least privilege is a security concept that focuses on only granting the minimum permissions a user or system needs to complete required tasks.

120.

What type of change request has been evaluated previously and is pre-authorized?

  • Standard

  • Normal

  • Incremental

  • Legacy

Correct answer: Standard

Standard risk is well understood and poses a low risk to the organization. Therefore, it does not need to go through the analysis and evaluation cycles.

Normal changes are reviewed and approved (or rejected) as part of the change management process. 

Incremental and legacy changes are distractor answers.

×