CompTIA Cloud+ Final Assessment Flashcards by Pug Party

When considering identity and access management (IAM), what is the goal of authorization?

A.Proof
B.Access
C.Logs
D.Policies

B.Access

How well did you know this?

Not at all

Perfectly

Engineers discover that a cloud service occasionally experiences a severe latency with domain name system (DNS) queries. All network tests indicate that throughput is more than sufficient to remote DNS servers. How do the engineers improve the issue without modifying the physical or logical infrastructure?

A.Implement DNS Caching
B.Reference additional DNS servers
C.Reference different DNS servers
D.Move DNS servers closer

A.Implement DNS Caching

How well did you know this?

Not at all

Perfectly

An engineer recommends that an administrator should deploy cloud-based virtual machines (VMs) for the first time by using templates. What aspects of a VM can be set within a template for rapid deployment? (Select all that apply.)

A.Compute resources
B.Operating system
C.Storage resources
D.Container services

A.Compute resources
B.Operating system
C.Storage resources

How well did you know this?

Not at all

Perfectly

A software development company in New York (in the Northeast United States) has some production instances already running on the Google Cloud Platform (GCP) and wants to create two separate networks for development and staging purposes. The IT team has put together a network design depicting what the final cloud networks will look like with multiple subnets but will move forward with the development network and its primary subnet first. The networks must allow Secure Shell (SSH), Remote Desktop Protocol (RDP), and Hypertext Transfer Protocol Secure (HTTPS) for secure communication to all instances in the network from all sources outside of the network. As the cloud engineer, work with your colleagues to create the first network in this initial phase. The following information is a preview of the final network design:

Virtual private cloud networks:
mainnetwork – 10.130.0.0 – 4094 IP addresses
devnetwork – 10.120.1.0 – 254 IP addresses
stagenetwork – 10.140.1.0 – 254 IP addresses

Naming convention standards:
Subnet names: “networkname-IPv4_second_octect” or mainnetwork-130.
Firewall names: “networkname-[allow or deny]”

Network name: ____

Subnet creation mode: Custom or Automatic

Subnet name: ___

Region: us-central, us-east, us-west

IP address range (using CIDR notation): _____

Firewall name: _____

Network: default, devnetwork, mainnetowrk, stagenetwork

Direction of traffic: ingress egress

Action on Match: allow deny

targets: all instants in the network, specified targets tags, specified services accepting

source filter: IP ranges, source tags, service account

source IP ranges: 0.0.0.0/0, 10.120.0.0/20, 10.130.0.0/20, 10.140.0.0/20, 10.140.1.0/24

specified TCP port: TCP Port 22 TCP Port 3389 TCP Port 443 TCP port 23

admin will deploy on: default, devnetwork, mainnetowrk, stagenetwork

if the company want to deploy in Europe: default, devnetwork, mainnetowrk, stagenetwork

Network name: devnetwork

Subnet creation mode: Custom

Subnet name: devnetwork-120

Region: us-east1

IP address range (using CIDR notation): _____

Firewall name: _____

Network: devnetwork

Direction of traffic: ingress

Action on Match: allow

targets:
all instants in the network

source filter:
IP ranges,

source IP ranges: 0.0.0.0/0, 10.120.0.0/20

specified TCP port:
TCP Port 22 yes
TCP Port 3389 yes
TCP Port 443 yes
TCP port 23 no

admin will deploy on: mainnetowrk, stagenetwork

if the company want to deploy in Europe:
mainnetowrk

Network name: mainnetwork
Subnet name: mainnetwork-130 IP address range: 10.130.0.0/20
Firewall name: mainnetwork-allow

How well did you know this?

Not at all

Perfectly

A user mentions that a cloud-based data entry portal is not accessible. Engineers believe they have identified the problem as a client-side issue but are unsure of how prevalent it is across the system. What step should the engineers take next to solidify the problem?

A.Establish a theory
B.Question the obvious
C.Establish a plan
D.Determine the scope

D.Determine the scope

How well did you know this?

Not at all

Perfectly

A team of administrators look for clever ways to automate cloud systems and services to streamline Windows-based cloud server maintenance activities. What options do the administrators consider for reliability and efficiency? (Select all that apply.)

A.Log file archiving
B.Shutdowns and restarts
C.Installations and upgrades
D.Deploying containers

A.Log file archiving
B.Shutdowns and restarts
C.Installations and upgrades

How well did you know this?

Not at all

Perfectly

An engineer manages a new cloud deployment. Network devices in the cloud infrastructure are configured by using a software-defined (SDN) network approach. What plane controls packet management tasks or filters network traffic within and between segments?

A.MAC
B.IP
C.Control
D.Data

D.Data

How well did you know this?

Not at all

Perfectly

Engineers concern themselves with user density issues before moving to a cloud-based service. What approach can the engineers utilize to address any concerns? (Select all that apply.)

A.Capacity planning
B.Business needs
C.Trend analysis
D.Solution requirements

A.Capacity planning
C.Trend analysis

How well did you know this?

Not at all

Perfectly

Systems administrators need to configure cloud storage to handle large amounts of audio and video data that will be accessed frequently. The solution should be scalable and provide highly detailed metadata. Which storage type will provide the required capabilities?

A.Block
B.Object
C.File
D.Bucket

B.Object

How well did you know this?

Not at all

Perfectly

An organization considers a move from on-premise infrastructure to one in the cloud. Engineers at the organization are concerned with how to implement routers and switches. Which cloud subscription model would the engineers have to manage the routers and switches?

A.XaaS
B.PaaS
C.IaaS
D.SaaS

C.IaaS

How well did you know this?

Not at all

Perfectly

A developer troubleshoots building a cloud-based application. The application build process has run smoothly in the past, but now automation attempts continue but return a deprecation message in the process. IT staff recently upgraded the configuration management software. What is the likely cause of the problem?

A.Older configuration files contain deprecated settings.

B.Configuration management is trying to use an OS feature that no longer exists.

C.Configuration management tool version is incorrect.

D.An API does not match requirements for an associated data source.

A.Older configuration files contain deprecated settings.

How well did you know this?

Not at all

Perfectly

An IT support technician discovers that a Windows-based cloud instance requires a new driver to resolve an issue. Installing the driver pertains to which step in the troubleshooting process?

A.Establish a Plan of Action
B.Implement the Solution
C.Verify Full System Functionality
D.Implement Preventive Measures

B.Implement the Solution

How well did you know this?

Not at all

Perfectly

A large firm looks to move its systems to the cloud. Security responsibility is of great concern. In a shared security model, which areas are a cloud service provider (CSP) responsibility? (Select all that apply.)

A.Compute
B.Storage
C.Traffic
D.Authentication

A.Compute
B.Storage

How well did you know this?

Not at all

Perfectly

To control costs, an administrator needs to set storage quotas for file shares on a Windows cloud-based server. What options exist to set quotas? (Select all that apply.)

A.By instance
B.By user
C.By group
D.By partition

B.By user
C.By group
D.By partition

How well did you know this?

Not at all

Perfectly

Top level engineers compile a document to address disaster recovery management techniques. Of interest to stakeholders is the recovery time objective (RTO). How do engineers describe this metric?

A.The time needed to maintain an organization’s business continuity

B.The time between a disaster and the most recent backup

C.The time necessary to return a service to its fully operational status

D.The time between server or system failures

A.The time needed to maintain an organization’s business continuity

How well did you know this?

Not at all

Perfectly

A cloud-based application needs to support file sharing for both Windows and non-Windows clients. Which two protocols should the administrator implement? (Select all that apply.)

A.VPC
B.NFS
C.CIFS
D.EFS

B.NFS
C.CIFS

How well did you know this?

Not at all

Perfectly

During a cloud storage service rollout, engineers opt to use a storage system that utilizes the common internet file system (CIFS). Which storage type do engineers deploy?

A.Block
B.File
C.Object
D.Bucket

B.File

How well did you know this?

Not at all

Perfectly

Cloud engineers microsegment a network to secure sections from each other based on workload. When considering the granularity of the segments, which aspect is critical?

A.Reduced attack surface
B.Independent governance
C.Increased compliance
D.Scaling ability

B.Independent governance

How well did you know this?

Not at all

Perfectly

Top level engineers create a set of policies to address disaster recovery management techniques. There is a great deal of emphasis on the mean time to recovery (MTTR). How do engineers describe this metric?

A.The time needed to maintain an organization’s business continuity

B.The time between a disaster and the most recent backup

C.The time necessary to return a service to its fully operational status

D.The time between server or system failures

C.The time necessary to return a service to its fully operational status

How well did you know this?

Not at all

Perfectly

A cloud service at an organization should only allow for logins based on a user’s specific and authorized location. Which technologies do security engineers suggest using to comply with this requirement? (Select all that apply.)

A.VLAN
B.IP
C.GPS
D.SSH

A.VLAN
B.IP
C.GPS

How well did you know this?

Not at all

Perfectly

Engineers decide to use IPsec encapsulation to encrypt a portion of network communications between two cloud servers. As network bandwidth is a concern, how do engineers configure the encryption? (Select all that apply.)

A.The engineers use tunnel mode

B.The engineers use transport mode

C.The engineers use data encryption rules

D.The engineers implement key exchange

B.The engineers use transport mode

C.The engineers use data encryption rules

How well did you know this?

Not at all

Perfectly

You are a cloud systems administrator for a Deep Learning and Artificial Intelligence (AI) applications research laboratory. The organization outsources cloud services from a third-party cloud service provider (CSP), in this case, Amazon Web Services (AWS) Amazon Elastic Compute Cloud (EC2). It is your responsibility to manage virtual machine (VM) instances for the laboratory.

The types of analysis tasks and their instance requirements are as follows:

of vCPUs
task 1: 2, 8, 16, 32, 64, 96
task 2: 2, 8, 16, 32, 64, 96
task 3: 2, 8, 16, 32, 64, 96

Memort size (GiB)
task 1: 16, 32, 64, 128, 384
task 2: 16, 32, 64, 128, 384
task 3: 16, 32, 64, 128, 384

Instance storage
task 1: EBS-only, 8 x 1 TB NVMe SSD
task 2: EBS-only, 8 x 1 TB NVMe SSD
task 3: EBS-only, 8 x 1 TB NVMe SSD

network bandwith (Gbps)
task 1: 10, 100
task 2: 10, 100
task 3: 10, 100

instance type
task 1: Accelerated computing, compute optimized, memory optimized
task 2: Accelerated computing, compute optimized, memory optimized
task 3: Accelerated computing, compute optimized, memory optimized

Define numbers of NVIDIA GPUs
task 1: 0, 2, 4, 8
task 2: 0, 2, 4, 8
task 3: 0, 2, 4, 8

use GPU auto boost
task 1: yes, no
task 2: yes, no
task 3: yes, no

regarding cost task 1, task 2, task 3

based on this exercose: CPU, GPU, Memory

of vCPUs
task 1: 16, 64, 96
task 2: 32, 64, 96
task 3: 16, 64, 96

Memort size (GiB)
task 1: 64, 128
task 2: 64
task 3: 16, 384

Instance storage
task 1: EBS-only,
task 2: EBS-only,
task 3: 8 x 1 TB NVMe SSD

network bandwith (Gbps)
task 1: 10
task 2: 10
task 3: 100

instance type
task 1: memory optimized
task 2: compute optimized
task 3: Accelerated computing

Define numbers of NVIDIA GPUs
task 1: 0
task 2: 2
task 3: 8

use GPU auto boost
task 1: no
task 2: yes
task 3: yes

regarding cost task 1,
based on this exercose: GPU

How well did you know this?

Not at all

Perfectly

An administrator new to automation and orchestration looks for help on the subject. If a colleague recommends using playbooks, which tool does the administrator use?

A.Chef
B.Puppet
C.Ansible
D.Powershell

C.Ansible

How well did you know this?

Not at all

Perfectly

Support technicians establish a plan of action to resolve a cloud server issue. What should the technicians consider in this plan? (Select all that apply.)

A.Service interruptions
B.Likely cause
C.Problem scope
D.Data loss

A.Service interruptions
D.Data loss

How well did you know this?

Not at all

Perfectly

A systems administrator implements a 3-2-1 backup rule. What does this storage scheme provide? A.Three weeks retention, two sets of data, one copy offsite B.Three media types, two backup jobs, one week retention C.Three copies of data, two different media types, one copy offsite D.Three verification passes, two offsite copies, one backup job

C.Three copies of data, two different media types, one copy offsite

Key stakeholders gather for a post-incident meeting after experiencing a service disruption in a crucial cloud application. Communication between the support team and management did not go well during the incident. Which topics do the stakeholders focus on during this meeting? (Select all that apply.) A.Lessons Learned B.Root Cause Analysis C.Standard Operating Procedures D.Device Documentation

A.Lessons Learned C.Standard Operating Procedures

In following best practice, what does an engineer document throughout a service’s lifecycle as it relates to troubleshooting? (Select all that apply.) A.Process B.Findings C.Actions D.Outcomes

B.Findings C.Actions D.Outcomes

An organization deploys an application in a cloud-based infrastructure. The application has a one-time fee that is good for the life of the current version. Which license model does the organization purchase? A.Volume B.Perpetual C.Socket D.Subscription

B.Perpetual

One organization acquires another organization. In combining cloud infrastructures from each, a directive to rename servers to a standard format is issued. After doing so, many servers are no longer reachable by host name. What configuration should support engineers check? A.Subnet masks B.Static IP addresses C.Static resource records D.Firewall ACLs

C.Static resource records

An organization mandates that a multifactor authentication solution is in place to access a cloud-based database. Which solution uses what you know and what you have authentication methods? A.Password, Retina scan B.Retina scan, Smart card C.Fingerprint reader, Hardware token D.Password, Hardware token

D.Password, Hardware token

# of virtual host: ___ (incert) (incert) (incert) An IT services company in California (in the Western United States) has hired you as a cloud architect to determine their company’s needs prior to transitioning over to a cloud platform. The end goal is to modernize the company’s IT infrastructure and better manage IT costs. The company uses a VMware infrastructure on-premises to host Active Directory Domain Services (AD DS), web services, file services, print services, and backup services. Your IT manager is hesitant to transition all operational services over at one time and would prefer a slower transition by extending web and file services to the cloud. However, the manager is interested in moving print services completely to the cloud. Backup services will remain as is. Taking this approach will allow time for the company’s VMware administrators to learn cloud administration using a familiar interface while still taking advantage of other cloud solutions that would auto-scale the company’s web services based on customer demand. The company would also like to find a way to integrate a cloud identity service with the company’s existing AD infrastructure. Looking at the Google Cloud Platform (GCP) as one possible solution, you must select the cloud products and services that will fulfill the company’s needs so you can discuss prices with a sales representative. Current On-premises Infrastructures: VMware vSphere with 15 rack servers 1000 TB capacity of storage appliances Office PCs – Users must have their own desktop Current On-premise Services with Redundancies: AD DS Print File Web Backup Google Cloud Services General Information: Google Cloud VMware Engine (GCVE) deploys at least three virtual hosts with vSphere services and includes a VMware HCX migration tool. Google Cloud Storage uses basic cloud storage to store user data and other data. Google Compute Engine deploys virtual instances with available autoscaling policies. Google Bare Metal uses isolated hardware to run specialized workloads. Google Cloud Identity provides federating services with existing identity management system. appropriate cloud environment to deploy: hybrid cloud, on-premises cloud, private cloud GCP solution: google cloud VMware Engine (GCVE), google cloud storage, google compute engine, google bare metal service region: asia-notheast, europe-west2, europe-west3, us-east4, us-west2 ad services VMware VM, bare, metal environment, google cloud identity, google compute instance, N/A; keep on-premises backup services: VMware VM, bare, metal environment, google cloud identity, google compute instance, N/A; keep on-premises file services: VMware VM, bare, metal environment, google cloud identity, google compute instance, N/A; keep on-premises Web services: VMware VM, bare, metal environment, google cloud identity, google compute instance, N/A; keep on-premises cloud solution for backup: infrastructure as a service (IaaS), N/A; keep on-premises, Platform as a service (PaaS), software as a service (SaaS), storage as a service (STaaS), Virtual desktop indrastricture (VDI) of virtual host: ___ (incert) (incert) (incert) for the (incert) you have backup x2 web x2 file x2 print x2

appropriate cloud environment to deploy: hybrid cloud, GCP solution: google cloud VMware Engine (GCVE) service region: us-west2 ad services: VMware VM, bare, metal environment, google cloud identity, backup services: N/A; keep on-premises file services: VMware VM Web services: google compute instance cloud solution for backup: N/A; keep on-premises on premasess of virtual host: 15 Web File backup google cloud of virtual host: 3 File web Print

A developer creates a cloud application with an infrastructure as code (IaC) approach. Engineers opt to use an automation tool to match the desired state to the device that will host the application. Which specific IaC method do the engineers utilize? A.Declarative B.Imperative C.Manual D.Scaled

A.Declarative

While practicing a patch management strategy, a systems administrator decides to follow a N -1 approach. What does the administrator document as a negative to this approach? A.Vulnerability B.Rollback C.Testing D.Automation

A.Vulnerability

A significant update for a cloud-based application is available. IT support decides to install the update on a small percentage of systems to monitor behavior before deploying the update to the entire environment. Consider the different upgrade methods and determine which one IT support implements. A.Blue-green B.Canary C.Rolling D.Automated

B.Canary

An engineer manages a new cloud deployment. Network routers in the virtual private cloud (VPC) are configured differently depending on the router’s role in the network. Which configuration type has manual route entries? A.Static B.Dynamic C.Subnetted D.Forwarded

A.Static

An engineer documents information through its lifecycle, including creation, use, storage, and destruction. Which diagram type does the engineer create? A.Network B.Data C.Stateful D.Stateless

B.Data

Two cloud-based servers replicate customer data. Engineers are unhappy with the current configuration as it may lead to data loss in the event of a single server failure. To avoid such loss, what replication type do engineers plan on using? A.Asynchronous B.Synchronous C.Primary D.Secondary

B.Synchronous

A new virtual private cloud utilizes several virtual local area networks (VLANs). What should an administrator know in order to manage a VLAN? (Select all that apply.) A.Data frames are tagged with VLAN information B.Functionality is at layer 2 in the OSI model C.Tagging data frames with VLAN information segments the network at layer 2 D.Any device can communicate with a member of any VLAN

A.Data frames are tagged with VLAN information B.Functionality is at layer 2 in the OSI model C.Tagging data frames with VLAN information segments the network at layer 2

A systems administrator encounters a misconfiguration for a cloud instance. Which of the following should be checked? A. Oversubscription of compute resources. B. Storage capacity and type (SSD versus HDD). C. Automation tools. D. Network latency.

C. Automation tools.

An entertainment company deploys a virtual server farm for a cloud-based gaming event. Which configuration do engineers use to ensure the highest visual experience possible? A.Shared virtual graphics processing unit B.Pass-through graphics processing unit C.Optimizing instructions per cycle D.Hyperconverged virtualization combination

B.Pass-through graphics processing unit

Which goal of data encryption is concerned with the proof that data exists or was transmitted by the party who created or transmitted the data? A.Non-repudiation B.Confidentiality C.Integrity D.Redundancy

A.Non-repudiation

An administrator new to using Git tries to build a repository for a cloud application. Which command does the administrator use to place the code in the remote repository? A.git merge B.git clone C.git commit D.git push

D.git push

A cloud service roadmap may vary; however, a general roadmap will include which primary phases? (Select all that apply.) A.Development B.Configuration C.Deprecation D.Management

A.Development C.Deprecation

Users at an organization complain that access to a new cloud service is very slow. The organization manages the service infrastructure through a contract with a CSP. As there are no on-premises servers or services, which cloud-based service areas do the engineers investigate? (Select all that apply.) A.ISP bandwidth B.Data location C.Virtual infrastructure D.Local firewall

B.Data location C.Virtual infrastructure

Network devices in cloud infrastructure are configured by using a software-defined (SDN) network approach. An engineer uses which management plane to program multiple network devices? A.IP B.Data C.Mac D.Control

D.Control

Engineers discover that a VPC has a set of misconfigured virtual routers. As a result, traffic is not passing between different network segments. Engineers establish and test a theory on the cause, which is results in a founded solution. What troubleshooting step is taken next? A.Implement preventive measures B.Perform a root cause analysis C.Establish a plan of action D.Determine the scope

C.Establish a plan of action

Which benefits does a type 1 hypervisor provide over a type 2 hypervisor? (Select all that apply.) A.Indirect hardware access B.Separate management interface C.Better performance D.Increased security

C.Better performance D.Increased security

An engineer configures cloud storage access for a variety of data purposes. Which access type is appropriate for frequently used project files? A.Cool B.Hot C.Archive D.Redundant

B.Hot

An engineer configures a new virtual machine (VM) in the cloud. After a few days of use, the engineer notices that the server functions properly, but the time on the VM differs by a few minutes than the host. The host uses an authoritative time source and a policy synchronizes time with other servers on the network. How does the engineer remedy this issue? A.With a host time source B.With a manual adjustment C.With a new local IP address D.With guest extensions

D.With guest extensions

The results of a recent audit mandate that an organization hardens cloud-based server operating systems. Which steps do systems administrators take? (Select all that apply.) A.Perform system updates B.Set a BIOS password C.Control remote access D.Disable unused services

A.Perform system updates C.Control remote access D.Disable unused services

An organization looks to reduce cloud-based storage costs. What hardware level features should the organization consider for reducing storage usage and costs? (Select all that apply.) A.Compression B.Replication C.Deduplication D.Scalability

A.Compression C.Deduplication

An organization configures several virtual server instances in the cloud. Status reports indicate that the host system continuously utilizes a memory ballooning feature. What does this feature indicate to the engineers that monitor the systems? A.The host is unaware of actual memory use B.The host is experiencing a paging problem C.The host is experiencing a swapping problem D.The host does not have enough memory

D.The host does not have enough memory

web application receives updates every six months. The production and staging environments alternate on the same schedule as the updates. What type of release model is in practice? A.Canary B.Testing C.Blue-green D.Migration

C.Blue-green

A web application firewall requires configuration to protect a group of cloud services. Which parameters would protect the services if access is required only from a particular source location? (Select all that apply.) A.IP B.Country C.Protocol D.Port

A.IP B.Country

A server in a virtual private cloud cannot access a storage service on the distant side of a router. Which command does an administrator use to find the network path the server uses to the service? A.tracert B.netstat C.curl D.arp

A.tracert

Security consultants plan on performing disaster recovery testing for an organization with a large cloud presence. Plans are being considered, and recommendations are being made. Which test type is in progress? A.Walk-through B.Paper test C.Table-top D.Cutover

B.Paper test

While deploying an online eCommerce server, an organization states that in the event of a system crash, 8-10 hours of data loss is all that it can tolerate. When documenting a disaster recovery plan, engineers use this information for which metric? A.RPO B.RTO C.MTTR D.SLA

A.RPO

An orchestration workflow combines five automated steps to deploy a cloud-based conferencing server. What does an administrator ensure when using the workflow? A.That each step is related to the next B.That steps apply to the same service C.That changes do not require authentication D.That testing is performed between each automation step

D.That testing is performed between each automation step

A new virtual private cloud includes several servers that respond to public HTTPS requests. An engineer configures the servers to utilize load balancing to respond to requests more efficiently. How does load balancing work when the least busy server is configured to receive the next work cycle? A.It uses a round robin approach B.It uses quality of service C.It uses a dynamic algorithm D.It uses a static algorithm

C.It uses a dynamic algorithm

Engineers implement a redundant array of independent disks (RAID) in all production physical cloud servers after experiencing a disaster recovery issue. When considering the troubleshooting methodology, which step are the engineers following during this implementation? A.Establish a Plan of Action B.Implement the Solution C.Verify Full System Functionality D.Implement Preventive Measures

D.Implement Preventive Measures

Several cloud-based virtual servers power a public facing website. Thin storage provisioning of the servers is set to a maximum of 200 GB. What is the cost if 150 GB of space is in use? A.The cost only applies to the storage space in use. B.The cost applies to the storage space maximum. C.The cost is prorated based on the maximum less the minimum space. D.The cost is a predefined flat fee.

A.The cost only applies to the storage space in use.

A cloud-based server infrastructure for an organization is currently not available. Engineers determine that all of the virtual machines (VM) on a host and the host itself are shut down. What VM management approach helps to avoid such a situation? (Select all that apply.) A.Clustering B.Affinity C.Replication D.Anti-Affinity

A.Clustering D.Anti-Affinity

A security administrator would like to implement a single sign-on (SSO) for a series of cloud linked databases from different vendors. Which potential solution does the administrator investigate? A.AD B.SAML C.IAM D.MFA

B.SAML

You are the primary network administrator for a startup producing Artificial Intelligence (AI) applications using transformer-based Natural Language Processing (NLP) models in conjunction with various forms of image processing and object recognition. As such, you are responsible for all critical aspects of server administration. A multinational corporation recently acquired your development team, and your new boss has tasked you with establishing a new network with a new server and hardware. You will also be responsible for configuring developers' workstations. All workstations are thin clients running on containers on the server. There are two types of workstations: High-end Deep Learning workstations that come complete with 4 NVIDIA GPUs with a total of 160 GB of high-speed graphics memory interconnected with NVIDIA NVLink SXM4 technology. Each unit has 7.68 TB of local storage and supports up to 12 developers simultaneously. Low-cost thin clients with 128 GB of local storage (most storage takes place on the server). The device predetermines the workstation type. The second type of thin client is for administrative and clerical use. You will use Infrastructure as Code (IAC) to write scripts to securely automate the creation of new containers and to automate the installation of operating system (OS) source files on both the server and the workstations at the same time. Once configured and run, you will set these scripts to run task-by-task without the need for intervention from you. Swarm can accomplish container creation and management to manage Docker containers. Puppet or Bash can perform the initial installation of services, and Puppet can achieve routine automation operations. Automation Tasks to Code for Based on Device: Virtualization server setup: Install the virtualization service on the server Install an NFS shared space on the server Copy important files to the shared storage space Virtual machine creation: Configure and spin up a virtual machine appropriate to the workstation type (graphic design or clerical) Install the OS that is appropriate to the workstation type Configure the OS. Routine operations: On a weekly basis, perform software updates for both types of container and OS. The following requirements are in place for the VMs: Install Red Hat Enterprise Linux 8 (RHEL8) as the OS for the development containers, and Windows 10 for the containers intended for clerical use. Install Red Hat Enterprise Linux Server (RHELS) on the server. XFS is the default file system for RHEL8 and RHELS. The server will provide shared space using the Network File System (NFS) protocol. choose the library you will install: KVM, LXD why did you choose this lib: amazon web services inscernce managment, container managerment, virtrualization managment complete the terminal command sudo APT-get install: install-kvm.sh, lxd, qemu-kvm, ssh, virt-install choose the command that will check your system: kvvm-ok, locate, lxd init, pwd, touch now use the selectores to complete the command: df, egrep, -c 'im': /dev/cpuinfo, /ect/cpuinfo, /proc/cpuinfo after adding your admin username to groups change: firewall status, ownership of the directory, root password, server roles to: custom, DHCP, disabled, nobody:nogroup for the development clients install: BeOS Haiku R1 Beta 2, CentOS 8.3, RedHat Enterprise Linux 8, Ubuntu 20.04 (focal fassa), Ubuntu jeOS 8.10 (intrepid ibex), windows 10 for the low-cost thin client install: BeOS Haiku R1 Beta 2, CentOS 8.3, RedHat Enterprise Linux 8, Ubuntu 20.04 (focal fassa), Ubuntu jeOS 8.10 (intrepid ibex), windows 10 of the fallowing options ansible yes, no bash script yes, no chef yes, no terraform yes, no puppet yes, no python yes, no powershell yes, no

choose the library you will install: LXD why did you choose this lib: container managerment complete the terminal command sudo APT-get install: lxd choose the command that will check your system: kvvm-ok, lxd init, pwd, touch now use the selectores to complete the command: egrep, -c 'im': /dev/cpuinfo, /proc/cpuinfo after adding your admin username to groups change: firewall status, ownership of the directory, server roles to: custom, disabled, nobody:nogroup for the development clients install: BeOS Haiku R1 Beta 2, CentOS 8.3, RedHat Enterprise Linux 8, Ubuntu jeOS 8.10 (intrepid ibex), windows 10 for the low-cost thin client install: BeOS Haiku R1 Beta 2, CentOS 8.3, Ubuntu 20.04 (focal fassa), Ubuntu jeOS 8.10 (intrepid ibex), windows 10 of the fallowing options ansible yes, bash script yes, chef yes, terraform yes, puppet yes, python yes, powershell yes,

A corporate counsel reviews established service level agreements for cloud services a company offers. What areas do these agreements cover? (Select all that apply.) A.Escalation B.Troubleshooting C.Compensation D.Downtime

C.Compensation D.Downtime

Which security solution plays an active role in preventing threats from impacting a system? A.HIDS B.IPS C.API D.MAC

B.IPS

An engineer monitors a system for excessive system load as it relates to processes. Which metric does the engineer record when considering the number of logical processors in the system? A.Queue length B.Period of time C.Physical CPUs D.CPU efficiency

A.Queue length

A systems administrator plans a system upgrade to several cloud-based network devices. Which approach fulfills the administrator's decision to upgrade a few systems during a scheduled period in order to evaluate updates prior to a general roll out? A.Blue-green B.Rolling C.Canary D.Percentage

C.Canary

Which update type does an engineer use to apply numerous patches to a system at one time? A.Signature B.Rollup C.Hotfix D.Patch

B.Rollup

An engineer resolves an issue where a single cloud resource was not available to end users. For what reason does the engineer then document a root cause analysis? A.To perform testing for functionality B.To identify the problem C.To evaluate why the problem occurred D.To preemptively reconfigure services

C.To evaluate why the problem occurred

Multifactor access to a cloud management workstation fails for a systems administrator. The system administrator reports that the system accepted a password but will not accept a smart card with embedded credential data. What does a security team determine the problem to be? (Select all that apply.) A.An incorrectly assigned user role B.An expired certificate C.A revoked certificate D.A disabled account

B.An expired certificate C.A revoked certificate

Engineers configure encryption on two cloud servers. As data integrity is a priority concern, what do the engineers hope to achieve by using file hashes? A.Proof of access B.Data privacy C.Authorized viewing only D.File change monitoring

D.File change monitoring

Several cloud-based virtual machines (VM) routinely experience a severe loss of performance. Engineers discovered that the issue occurs when one VM renders 3D models. What graphics configuration should the VMs use? A.Physical B.Shared C.Pass-through D.Virtual

C.Pass-through

How would engineers reconfigure memory for a server instance using AWS? A.Change the instance type B.Modify properties within the instance C.Reconfigure the instance D.Modify properties outside the instance

A.Change the instance type

A virtualized cloud system requires the authentication of the hardware that it runs on and utilizes a virtual trusted platform module (vTPM). Where does the vTPM reside? A.In the hypervisor management console B.In the host BIOS C.In the hypervisor D.In the VM

C.In the hypervisor

A systems administrator evaluates various environments for a cloud-based microservice. The goal is to save costs while providing the resources the microservice needs. Which environment does the administrator utilize? A.Container B.Server C.Instance D.Storage

A.Container

Users mention that some private cloud services are accessible while others are not. An engineer determines that the access control lists (ACLs) need to be modified. What does the engineer find the default ACL to be for a service? A.Inbound denied, outbound allowed B.Inbound allowed, outbound denied C.Inbound denied, outbound denied D.Inbound allowed, outbound allowed

A.Inbound denied, outbound allowed

Engineers at an organization prepare for cloud migration. The services that will move are internal and proprietary in nature. What migration type and cloud type result from this move? A.Cloud-to-on premises, Private cloud B.On premises-to-cloud, Hybrid cloud C.On premises-to-cloud, Private cloud D.Cloud-to-cloud, Community cloud

C.On premises-to-cloud, Private cloud

An organization using a hybrid cloud deployment is experiencing issues with Active Directory synchronization between cloud-based and on-premise servers. Engineers have determined that they cannot ping devices beyond the local physical gateway, but cloud-based devices can still be pinged. What might be causing the issue? A.CSP Outage B.ISP outage C.On-premise outage D.Server outage

B.ISP outage

A lifecycle roadmap tracks the phases of a system or service. Which phase in the lifecycle does an IT department expect to last the longest? A.Maintenance B.Development C.Deprecation D.Deployment

A.Maintenance

A developer experiences a dependency compatibility issue while working on several Java based web applications. Each application has differing dependency requirements and will not run alongside each other on a development workstation. There is a need to have all applications running at the same time. How does the developer efficiently solve this problem? A.Use a template to quickly spin up virtual machines B.Place a software firewall between the applications C.Deploy a container for each application D.Place dependencies in separate folders

C.Deploy a container for each application

A load balancer does not work as intended. All traffic should be evenly distributed amongst the servers. How should the engineer reconfigure load balancing? A.With a dynamic algorithm B.As round robin C.With a static algorithm D.With ACL filtering

C.With a static algorithm

An organization looks to provide a cloud portal to an unaffiliated audience through a 3rd party service. Which cloud model does the organization deploy? A.Public B.Private C.Community D.Hybrid

A.Public

n organization prepares to release a cloud-based service to the public. In which environment do engineers perform quality assurance testing? A.Development B.Monitoring C.Production D.Staging

D.Staging

A cloud server requires a license for each virtual CPU that is in use. Which license type does the IT department purchase? A.Core B.Socket C.Volume D.Perpetual

A.Core

A cloud engineer configures virtualized services for a new cloud-based application rollout. Which resource area does the engineer focus attention on to determine general I/O functionality requirements? A.Data B.Compute C.Network D.Virtualization

B.Compute

A systems administrator evaluates the performance of cloud-based servers. In doing so, a monitoring baseline is set. What does the administrator accomplish? A.Establishing monitoring protocols B.Estimating the performance or stability of a given service or system C.Clearing of any full event logs D.Establish continuous monitoring

B.Estimating the performance or stability of a given service or system

An administrator configures the syslog logging service on cloud-based servers to forward logs to a central location. The forwarding is currently not working correctly. Where can the administrator find the logs? A.In the /logs directory B.In the root of the c drive C.In the /etc directory D.In the /var/log directory

D.In the /var/log directory

CompTIA Cloud+ Final Assessment Flashcards

(88 cards)