CompTIA Cloud Essentials+ Exam Questions

141.

Due to misconfigurations, a cloud firewall allows undesired traffic into a business's network. The access control list and rules on the firewall have been modified to address the problem.

What is this risk response type?

  • Mitigate

  • Avoid

  • Accept

  • Transfer

Correct answer: Mitigate

The company addressed this risk by modifying the configuration. This is referred to as risk mitigation.

The issue was not addressed through avoidance. Avoidance refers to ceasing to do or use what is creating the problem. In this instance, avoidance would mean disabling the existing firewall.

Accepting risk entails maintaining the status quo. While this may appear hazardous, in many circumstances, mitigation is not achievable or is more expensive than the projected damage from a breach caused by the vulnerability.

142.

A company has completed inventorying their assets with their associated values. They have taken into consideration the asset value and the probability of the threat occurring. What is their NEXT step in the risk assessment process?

  • Risk Classification

  • Gap analysis

  • Vulnerability scan

  • Documentation

Correct answer: Risk Classification

The next step in the risk assessment process would be the risk classification. The classification's purpose is to assist in determining the right risk response or suitable level of protection to apply to a given asset. The classification is divided into two parts: asset value and the likelihood of a threat arising. Both of these aspects contribute to the asset and threat risk classification. The greater the asset's worth and the more likely that a threat will materialize, the higher the risk rating, for example, Level 5. Reduced asset value and a decreased probability of occurrence of a threat result in a lower risk rating, for example, Level 1. Classifications are denoted by the letters A, B, C, D, and E or by a scale of one to five.

143.

A requirement states that controls must be in place that restrict all cloud administrators from adding new VMs. What should be configured to meet the requirement?

  • Policies

  • Templates

  • SLA

  • Subscriptions

Correct answer: Policies

Policies restrict administrators' control over where and how virtual machines (VMs) are deployed, as well as granular resource specifications, such as the type of VMs.

Templates, SLA, and subscriptions are incorrect. Templates are used for automating the creation of VMs. SLAs are contracts between CSPs and customers. Subscriptions are arrangements between CSPs and customers. 

144.

Which of the following is a defined set of processes that outlines how an organization recovers and safeguards its information technology infrastructure in the event of a disaster?

  • DRP

  • MTTR

  • RPO

  • RTO

Correct answer: DRP

A DRP (disaster recovery plan) describes an organization's recovery strategy in the aftermath of a catastrophic incident. A DRP is thorough and may be applied to a single information technology system or asset. The DRP outlines specific actions to take in order to resume company activities as soon as feasible.

MTTR, RPO, and RTO are incorrect. Mean time to repair (MTTR) is the average amount of time it takes to get a downed service functioning again. Recovery point objective (RPO) is the maximum amount of acceptable data loss. Recovery time objective (RTO) is the maximum amount of acceptable down time. 

145.

Cloud storage runs on a solution that features scalability, transparency, a standard interface and diverse storage type support. What storage technology is being referred to?

  • SDS

  • SDN

  • CDN

  • SSH

Correct answer: SDS

A good Software-Defined Storage (SDS) solution will have the following features:

  • Customers should be able to scale both the quantity of storage available to them and the underlying hardware without experiencing any performance concerns or downtime. Client scalability should be automatic.
  • The amount of storage space available and the cost of the storage should be transparent to administrators.
  • Management and maintenance of SDS should be easy for administrators.
  • SDS should support applications written for object, file or block storage.

146.

You work for a company that specializes in cybersecurity. Your cloud deployment must ensure data is consistently accessible, even during a natural disaster.

Which aspect of cloud computing MOST effectively satisfies this requirement?

  • Replication

  • Encryption

  • Automation

  • Communications

Correct answer: Replication

Replication is the ideal solution in this circumstance since it ensures that the organization's data is always available, even in the event of a natural disaster. Data replication is the process of copying data across several data centers in order to ensure its availability. A common replication configuration consists of a primary data center that is duplicated to another availability zone or region, depending on the business requirements.

Encryption, automation, and communications are incorrect. Encryption is the use of ciphertext. Automation is the use of DevOps. 

147.

What is NOT a benefit of using a subscription-based SaaS model?

  • Control of uptimes

  • Smaller up-front licensing costs

  • No upgrade costs for new features

  • Clients can always have the most updated version

Correct answer: Control of uptimes

Subscription-based cloud models rely on trusting a third party with the maintenance, scheduling, and servicing of hardware. This involves giving up a level of control and visibility over usage availability compared to privately controlled on-premise equipment. For some organizations, this might not be acceptable or desirable.

Benefits of using a subscription-based SaaS model include:

  • Smaller up-front licensing costs
  • No upgrade costs for new features
  • Clients can always have the most updated version

148.

What is a typical exclusion from vendor hardware maintenance packages?

  • Hardware upgrades

  • Firmware updates

  • Technical support

  • Replacements of defective parts

  • Warranty

Correct answer: Hardware upgrades

Typically, maintenance does not include hardware changes. If a higher-performance version of the hardware is available, you will need to make an additional purchase with its own maintenance. Hardware maintenance packages often include the following: firmware upgrades, technical assistance, part replacement, and warranty.

149.

You are tasked with coming up with a cost-saving solution that allows your organization to host users' desktops from the cloud. Which of the following would your organization benefit from implementing?

  • VDI

  • SDN

  • CDN

  • VPN

Correct answer: VDI

Virtual desktop infrastructure (VDI) enables the hosting of a user's desktop within a virtual machine on a cloud server. VDI enables centralization of management, increased security, and remote access to users' desktops and company resources. Typically, VDI lowers the total cost of ownership.

All other options are incorrect. Content delivery networks (CDNs), software-defined networking (SDN), and virtual private networks (VPNs) are focused on network communications and content delivery.

150.

Your organization needs to select a storage solution for the structured databases they are moving to the cloud but still need to be able to quickly access. What is the BEST cloud storage option?

  • Hot block storage

  • Cold block storage

  • Hot object storage

  • Cold object storage

Correct answer: Hot block storage

Block storage is the optimal choice for cloud databases. For structured data, block storage is faster, while object storage is better for unstructured data. Hot storage is designed to be constantly accessible. It is more expensive than cold storage but provides significantly faster access. As a result, hot block storage is the optimal cloud storage solution for your organization's cloud databases.

151.

An enterprise wishes to establish a network and virtual machines (VMs) on a cloud service provider's (CSP) infrastructure. One of the virtual machines will be assigned a public IP address. It is only within the cloud architecture that data will be exchanged between virtual machines after the initial upload of data to the cloud infrastructure.

Which of the following describes this technical setup?

  • Jump box

  • SSH public key authentication

  • Operating system image

  • Type 2 hypervisor 

Correct answer: Jump box

A jump box is a single VM that has a public IP address and can connect with other cloud VMs with private internal IP addresses. This is a preferred option over directly contacting VMs with public IP addresses. Jump boxes enhance cloud security. 

SSH public key authentication is a method of using a cryptographic key to log in to an SSH server. An operating system image is a copy of the state of an operating system. A Type 2 hypervisor is a hypervisor that is installed on top of an operating system.

152.

Which statement in regard to application container images is FALSE?

  • Container images contain operating system files.

  • Container images contain application files and settings.

  • A container image can be either stored in a private or public repository, depending on permissions.

  • Container images are portable, which means they can be readily transferred to other hosts that support application containerization.

Correct answer: Container images contain operating system files.

A container image is a collection of files necessary for the operation of an application or microservice. A container image lacks operating system files since the images are dependent on the underlying host operating system.

All other options are true in regard to application container images.

153.

Which of the following statements is FALSE?

  • Use of COTS software is unlimited in the cloud.

  • Free-for-use licenses have become synonymous with open source.

  • Free-for-use software can be used freely without having to pay any licensing fees.

  • Pay-for-use licenses are synonymous with COTS software.

  • Pay-for-use licenses are software that you must pay a fee to use.

  • Use of COTS software in the cloud is dependent on the software vendor.

Correct answer: Use of COTS software is unlimited in the cloud.

Free-for-use licenses, which have come to be associated with open source, refer to software that can be used without paying any licensing fees. Pay-for-use licenses, which have come to be associated with Commercial Off The Shelf (COTS) software, refer to software that you must pay a fee to use. While it is possible to use either in the cloud, this will have an influence on the pay-for-use license. When using COTS software in the cloud, the software vendor must be taken into consideration, and each case must be treated uniquely.

154.

Which file type is MOST frequently used for cloud resource template files?

  • JSON

  • VHD

  • CDN

  • XML

Correct answer: JSON

JavaScript Object Notation (JSON) is a popular file syntax for cloud resource templates. Infrastructure as Code (IaC) is delivered via cloud automation templates that are often stored in the JSON file format.

155.

The analysis of the data generated by a cloud feasibility study to identify areas where cloud solutions may fall short of meeting specific computing requirements is referred to as what type of assessment?

  • Gap analysis

  • Feasibility study

  • Pilot program

  • Phased cloud migration

Correct answer: Gap analysis

The current and future IT resource requirements of a business are diverse. To move forward, you must close the gap between where you are now and where you want to be. You can identify all areas in which gaps exist by means of a gap analysis. A feasibility study's output will include data that can be used to conduct a gap analysis. You can supplement that report with additional information to generate your own data for identifying and tracking progress toward closing the gap.

156.

What can cloud-based command-line tools, scripts, templates, and batch operations accomplish?

  • Automation

  • Access control

  • Logging

  • Data management

Correct answer: Automation

Cloud automation can help eliminate human error and accelerate the process of creating, modifying, and deleting cloud resources. Cloud automation can be accomplished using the following methods: command-line tools, scripts, templates, and batch jobs.

These tools are not required for access control, logging, or data management. 

157.

A cloud systems administrator configured autoscaling for an application. The configuration is set to add additional CPU to the virtual machine if the CPU threshold hits 80%.

In terms of scalability, what is it called when you increase CPU once it meets a certain threshold?

  • Scaling up

  • Scaling down

  • Scaling in

  • Scaling out

Correct answer: Scaling up

Vertical scaling is the act of increasing or decreasing CPU and RAM to improve application performance. Scaling up and scaling down are two concepts of vertical scaling. The act of increasing CPU to improve application performance when it meets a certain threshold is referred to as scaling up.

Scaling down, in, and out are incorrect. Scaling in and out are concepts of horizontal scaling. Scaling down is the opposite of scaling up.

158.

Which RAID configuration is also known as disk striping with distributed parity?

  • RAID 5

  • RAID 0

  • RAID 1

  • RAID 2

Correct answer: RAID 5

RAID 5 is also known as disk striping with distributed parity. Disk striping is using multiple disks to improve I/O. Distributed parity is keeping error recovery information on several disks to serve as backup. 

RAID 0, RAID 1, and RAID 2 are incorrect. RAID 0 is known as disk striping. RAID 1 is known as disk mirroring. RAID 2 is not tested on the exam. 

159.

Your client must create a secure login process for their recently transferred cloud system. Employees have been provided with an electronic key token, and they will also log in using their username and password.

What type of security solution MUST be implemented in order to use this?

  • MFA

  • SSO

  • MAC

  • TLS

Correct answer: MFA

You're going to use multi-factor authentication (MFA). This adds another degree of protection to an existing username and password combination by utilizing token-based authentication. This authentication technique is based on the "something you know and something you have" model.

SSO, MAC, and TLS are incorrect. Single sign-on (SSO) is the use of one login to enter various applications in a domain. Media access control (MAC) is part of the data link layer. Transport Layer Security (TLS) is a communication protocol that uses PKIs.

160.

Which of the following risk responses is exemplified by implementing a cloud backup solution with a third-party vendor other than your existing CSP?

  • Risk transfer

  • Risk mitigation

  • Risk avoidance

  • Risk tolerance

Correct answer: Risk transfer

Risk transfer is demonstrated by implementing a cloud backup solution with a third-party vendor other than your present CSP. According to the terms of the agreement, the risk of data loss is divided between the third-party backup vendor and the customer.

This is not an instance of risk tolerance. This strategy entails taking no action and accepting the danger.

This is not an illustration of risk avoidance. This strategy entails discontinuing the action that is creating the problem.

This is not a risk mitigation strategy. This approach advocates making changes that lessen the effects of the risk.