211-220

Question 1

A disaster situation has occurred, and the entire team needs to be informed about the situation. Which of the following documents will help the administrator find the details of the relevant team members for escalation?

A. Chain of custody
B. Root cause analysis
C. Playbook
D. Call tree

Answer 1

D. Call tree

Question 2

A systems administrator is troubleshooting performance issues with a VDI environment. The administrator determines the issue is GPU related. and then increases the frame buffer on the virtual machines. Testing confirms the issue is solved, and everything is now working correctly. Which of the following should the administrator do NEXT?

A. Consult corporate policies to ensure the fix is allowed
B. Conduct internal and external research based on the symptoms
C. Document the solution and place it in a shared knowledge base
D. Establish a plan of action to resolve the issue

Answer 2

C. Document the solution and place it in a shared knowledge base

Question 3

A systems administrator is planning a penetration test for company resources that are hosted in a public cloud. Which of the following must the systems administrator do FIRST?

A. Consult the law for the country where the company’s headquarters is located
B. Consult the regulatory requirements for the company’s industry
C. Consult the law for the country where the cloud services provider is located
D. Consult the cloud services provider’s policies and guidelines

Answer 3

D. Consult the cloud services provider’s policies and guidelines

Question 4

A systems administrator wants to restrict access to a set of sensitive files to a specific group of users. Which of the following will achieve the objective?

A. Add audit rules on the server
B. Configure data loss prevention in the environment
C. Change tine permissions and ownership of the files
D. Implement a HIPS solution on the host

Answer 4

C. Change tine permissions and ownership of the files

Question 5

A cloud administrator has created a new asynchronous workflow lo deploy VMs to the cloud in bulk. When the workflow is tested for a single VM, it completes successfully. However, if the workflow is used to create 50 VMs at once, the job fails. Which of the following is the MOST likely cause of the issue? (Choose two.)

A. Incorrect permissions
B. Insufficient storage
C. Billing issues with the cloud provider
D. No connectivity to the public cloud
E. Expired API token
F. Disabled autoscaling

Answer 5

A. Incorrect permissions

B. Insufficient storage

Question 6

A systems administrator has verified that a physical switchport that is connected to a virtualization host is using all available bandwidth. Which of the following would BEST address this issue?

A. Port mirroring
B. Link aggregation
C. Spanning tree
D. Microsegmentation

Answer 6

D. Microsegmentation

Question 6

A piece of software applies licensing fees on a socket-based model. Which of the following is the MOST important consideration when attempting to calculate the licensing costs for this software?

A. The amount of memory in the server
B. The number of CPUs in the server
C. The type of cloud in which the software is deployed
D. The number of customers who will be using the software

Answer 6

D. The number of customers who will be using the software

Question 7

HOTSPOT -

To view the entire simulation, click the X in the upper-right corner of this window.

A highly regulated business is required to work remotely and the risk tolerance is very low. You are tasked with providing an identity solution to the company cloud that includes the following:

• secure connectivity that minimizes user login
• tracks user activity and monitors for anomalous activity
• requires secondary authentication

INSTRUCTIONS -

Select controls and servers for me proper control points.

It at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

An Image would Help lol but we dont want to pay for that upgrade

Answer 7

Cloud Service Provider
SSO BGP
|
Private cloud - Database Server

Question 8

A cloud administrator is evaluating a solution that will limit access to authorized individuals. The solution also needs to ensure the system that connects to the environment meets patching, antivirus and configuration requirements. Which of the following technologies would BEST meet these requirements?

A. NAC
B. EDR
C. IDS
D. HIPS

Answer 8

B. EDR

Question 9

A security team is conducting an audit of the security group configurations for the Linux servers that are hosted in a public IaaS The team identifies the following rule as a potential issue:

A cloud administrator, who is working remotely, logs in to the cloud management console and modifies the rule to set the source to “My IP.” Shortly after deploying the rule, an internal developer receives the following error message when attempting to log in to the server using SSH: Network error: Connection timed out. However, the administrator is able to connect successfully to the same server using SSH. Which of the following is the BEST option for both the developer and the administrator to access the server from their locations?

A. Modify the outbound rule to allow the company’s external IP address as a source
B. Add an inbound rule to use the IP address for the company’s main office as a source
C. Modify the inbound rule to allow the company’s external IP address as a source
D. Delete the inbound rule to allow the company’s external IP address as a source

Answer 9

A. Modify the outbound rule to allow the company’s external IP address as a source