Deck 2 Flashcards by Jackie Castillo

Cloud deployment model that alleviates the responsibility for management of the infrastructure since they are by definition hosted by a public cloud provider such as AWS, Azure, or Google Cloud. This model utilizes shared infrastructure & offers the same spare demand on a pay-as-you-need-it basis.

Private Cloud
Public Cloud
Community Cloud
Hybrid

Public Cloud

How well did you know this?

Not at all

Perfectly

Cloud deployment model where sometimes its referred to as a data center - it resides on a company’s own infrastructure, typically firewall protected and physically secured. This cloud deployment model utilizes an organization’s own infrastructure. An organization with this cloud model still has to build and maintain all kinds of servers to meet spikes in demand across various divisions or functions.

Private Cloud
Community Cloud
Public Cloud
Hybrid

Private Cloud

How well did you know this?

Not at all

Perfectly

This cloud deployment model is a multitenant platform that is accessible only for a specific subset of customers/allows several companies work on the same platform, given that they have similar needs and concerns.. This cloud model is for people with similar needs.

Private Cloud
Public Cloud
Community Cloud
Hybrid Cloud

Community Cloud

How well did you know this?

Not at all

Perfectly

This cloud model refers to a mixed computing, storage, and services environment made up of a variety of cloud deployment models —that include things such as Amazon Web Services (AWS) or Microsoft Azure—with orchestration among the various platforms.

Private Cloud
Public Cloud
Community Cloud
Hybrid Cloud

Hybrid Cloud

How well did you know this?

Not at all

Perfectly

____ is like a system restore. It gives you a restoration point.

Backup
Snapshot
Image

Snapshot

How well did you know this?

Not at all

Perfectly

This scaling technique where you add more power (CPU, RAM) to an existing machine. “Makes a machine Bigger”

Horizontal Scaling
Vertical Scaling

Vertical scaling

How well did you know this?

Not at all

Perfectly

This scaling technique where you add more machines into your pool of resources. This technique makes another one and/or creates new resources

Vertical Scaling
Horizontal Scaling

Horizontal Scaling

How well did you know this?

Not at all

Perfectly

a program used to run and manage one or more virtual machines on a computer.

Hypervisor
Container
Docker

Hypervisor

How well did you know this?

Not at all

Perfectly

What type of hypervisor is native, runs on bare metal/runs directly on the host’s hardware to control the hardware and to manage guest operating systems.

Type 1
Type 2

Type 1

How well did you know this?

Not at all

Perfectly

What type of hypervisor runs on top of an operating system

Type 1
Type 2

Type 2

How well did you know this?

Not at all

Perfectly

A CPU feature that allows two or more instruction threads to execute independently while sharing the same process resources. Splits an app over multiple CPU cores. Dividing up work for simultaneous processing. Instead of giving a large workload to a single core, threaded programs split the work into multiple software threads. These threads are processed in parallel by different CPU cores to save time. Executes multiple threads in a single process simultaneously.

Multithreading
VCPU
Threading

Multithreading

How well did you know this?

Not at all

Perfectly

A process by which a CPU divides up its physical cores into virtual cores that are treated as if they are actually physical cores by the operating system. This type of threading allows multiple threads to run on each core, this means more work can be done in parallel. In this process, a single physical processor converts into two virtual processors while

Multithreading
Hyperthreading
vCPU

Hyperthreading

How well did you know this?

Not at all

Perfectly

A computer processor that renders graphics on a virtual machine’s host server rather than on a physical endpoint device.

GPU
CPU
VGPU

VGPU (Virtual graphics processing unit)

How well did you know this?

Not at all

Perfectly

A technology that allows the Linux kernel to directly present an internal PCI GPU to a virtual machine. The device acts as if it were directly driven by the VM, and the VM detects the PCI device as if it were physically connected.

Pass through GPU’s
GPU
CPU

How well did you know this?

Not at all

Perfectly

Term that means to bring everything into one

Hypervisor
Hyperconverged
MultiProcessing

How well did you know this?

Not at all

Perfectly

____refers to a geographically distributed group of network of proxy servers and their datacenters that work together to provide fast delivery of Internet content. The goal is to provide high availability and performance by distributing the service spatially relative to end users.

NGFW
CDN
DoH

CDN (Content Delivery Network)

How well did you know this?

Not at all

Perfectly

RDP is what port

123
53
3389

3389

How well did you know this?

Not at all

Perfectly

A network virtualization technology that attempts to alleviate the scalability problems associates with large cloud computing deployments. It is a network virtualization method that uses encapsulation and tunneling to provide subnets with large numbers of virtual LANs. This gives the virtual network to transport multiple payload types.

VXLAN
GENEVE
NVGRE

NVGRE

How well did you know this?

Not at all

Perfectly

The maximum amount of downtime your business can tolerate without incurring a significant financial loss.

RPO
RTO
MTF

RTO

How well did you know this?

Not at all

Perfectly

____ Refers to the point in time in the past to which you will recover. Describes a period of time in which an enterprises operations must be restored following a disruptive event.

RTP
RPO
MTTF

RPO

How well did you know this?

Not at all

Perfectly

____ is a computer data storage architecture that manages data as objects, as opposed to other storage architectures like file systems which manages data as a file hierarchy, and block storage which manages data as blocks within sectors and tracks.

DB Storage
Object Storage
File Storage

Object Storage

How well did you know this?

Not at all

Perfectly

Which of the following service models would be used for a database in the cloud?

PaaS
CaaS
SaaS

SaaS

How well did you know this?

Not at all

Perfectly

A Chief information Security Officer needs to locate all of the assets with identified deviations and mitigation measures. Which of the following would help the CISO with these requirements?

An SLA Document
ADR Plan
SOC procedures

SOC procedures

How well did you know this?

Not at all

Perfectly

A systems administrator is deploying a VM and would like to minimize storage utilization by ensuring
the VM uses only the storage if needs. Which of the following will BEST achieve this goal?

A. Compression
B. Deduplication
C. RAID
D. Thin provisioning

D. Thin provisioning

How well did you know this?

Not at all

Perfectly

A database analyst reports it takes two hours to perform a scheduled job after onboarding 10,000 new users to the system. The analyst made no changes to the scheduled job before or after onboarding the users. The database is hosted in an IaaS instance on a cloud provider. Which of the following should the cloud administrator evaluate to troubleshoot the performance of the job? A. The laaS compute configurations, the capacity trend analysis reports, and the storage IOPS B. The hypervisor logs, the memory utilization of the hypervisor host, and the network throughput of the hypervisor C. The scheduled job logs for successes and failures, the time taken to execute the job, and the job schedule D. Migrating from laaS to on premises, the network traffic between on-premises users and the laaS instance, and the CPU utilization of the hypervisor host

C. The scheduled job logs for successes and failures, the time taken to execute the job, and the job schedule

A cloud administrator has deployed a new VM. The VM cannot access the Internet or the VMs on any other subnet. The administrator runs a network command and sees the following output IPV4 Address......................................172.16.31.38 Subnet Mask.......................................255.255.255.224 Default Gateway.................................172.16.31.254 The new VM can access another VM at 172.16.31.39. The administrator has verified the IP address is correct. Which of the following is the MOST likely cause of the connectivity issue? A missing static route A duplicate IP on the network Firewall issues The wrong gateway

A duplicate IP on the network

A systems administrator is creating a VM and wants to ensure disk space is not allocated to the VM until it is needed. Which of the following techniques should the administrator use to ensure? A. Deduplication B. Thin provisioning C. Software-defined storage D. iSCSI storage

B. Thin provisioning

A support engineer wants to prevent users from running malware on several IaaS compute instances. Which of the following will BEST achieve this objective? A. Encrypt all applications that users should not access. B. Set the execute filesystem permissions on the desired applications only. C. Implement an application whitelisting policy. D. Disable file sharing on the instance.

C. Implement an application whitelisting policy.

A technician just received the lessons learned from some recent data that was lost due to an onpremises file-server crash. The action point is to change the backup strategy to minimize manual intervention. Which of the following is the BEST approach for the technician to implement? A. Backup as a service B. RAID 1 C. Long-term storage D. New backup devices

C. Long-term storage

A systems administrator is trying to reduce storage consumption. Which of the following file types would benefit the MOST from compression? A. System files B. User backups C. Relational database D. Mail database

B. User backups

After a hardware upgrade on a private cloud system, the systems administrator notices a considerable drop in network performance. Which of the following is MOST likely the cause? A. The driver B. The memory C. The cluster placement D. The CPU

C. The cluster placement

An engineer is responsible for configuring a new firewall solution that will be deployed in a new public cloud environment. All traffic must pass through the firewall. The SLA for the firewall is 99.999%. Which of the following should be deployed? A. Two load balancers behind a single firewall B. Firewalls in a blue-green configuration C. Two firewalls in a HA configuration D. A web application firewall

C. Two firewalls in a HA configuration

A company is concerned about the security of its data repository that contains customer PII. A systems administrator is asked to deploy a security control that will prevent the exfiltration of such data. Which of the following should the systems administrator implement? A. DLP B. WAF C. FIM D. ADC

A. DLP

An update is being deployed to a web application, and a systems administrator notices the cloud SQL database has stopped running. The VM is responding to pings, and there were not any configuration changes scheduled for the VM. Which of the following should the administrator check NEXT? A. Logs on the VM B. Firewall on the VM C. Memory on the VM D. vGPU performance on the VM

A. Logs on the VM

A resource pool in a cloud tenant has 90 GB of memory and 120 cores. The cloud administrator needs to maintain a 30% buffer for resources for optimal performance of the hypervisor. Which of the following would allow for the maximum number of two-core machines with equal memory? A. 30 VMs, 3GB of memory B. 40 VMs, 1,5GB of memory C. 45 VMs, 2 GB of memory D. 60 VMs, 1 GB of memory

D. 60 VMs, 1 GB of memory

A cloud provider wants to make sure consumers are utilizing its IaaS platform but prevent them from installing a hypervisor on the server. Which of the following will help the cloud provider secure the environment and limit consumers’ activity? A. Patch management B. Hardening C. Scaling D. Log and event monitoring

D. Log and event monitoring

Which of the following would be the BEST option for discussion of what individuals should do in an incident response or disaster recovery scenario? A. A business continuity plan B. Incident response/disaster recovery documentation C. A tabletop exercise D. A root cause analysis

A. A business continuity plan

A systems administrator is trying to establish an RDP session from a desktop to a server in the cloud. However, the connection appears to be refused even through the VM is responding to ICMP echo requests. Which of the following should the administrator check FIRST? A. The firewall B. The subnet C. The gateway D. The services

D. The services

A system administrator is migrating a bare-metal server to the cloud. Which of the following types of migration should the systems administrator perform to accomplish this task? A. V2V B. V2P C. P2P D. P2V

D. P2V

A cloud engineer is responsible for managing a public cloud environment. There is currently one virtual network that is used to host the servers in the cloud environment. The environment is rapidly growing, and the network does not have any more available IP addresses. Which of the following should the engineer do to accommodate additional servers in this environment? A. Create a VPC and peer the networks. B. Implement dynamic routing. C. Enable DHCP on the networks. D. Obtain a new IPAM subscription.

A. Create a VPC and peer the networks.

A Chief Information Security Officer (CISO) is evaluating the company’s security management program. The CISO needs to locate all the assets with identified deviations and mitigation measures. Which of the following would help the CISO with these requirements? A. An SLA document B. ADR plan C. SOC procedures D. A risk register

C. SOC procedures

A VDI administrator has received reports from the drafting department that rendering is slower than normal. Which of the following should the administrator check FIRST to optimize the performance of the VDI infrastructure? A. GPU B. CPU C. Storage D. Memory

D. Memory

Which of the following service models would be used for a database in the cloud? A. PaaS B. laaS C. CaaS D. SaaS

D. SaaS

An organization suffered a critical failure of its primary datacenter and made the decision to switch to the DR site. After one week of using the DR site, the primary datacenter is now ready to resume operations. Which of the following is the MOST efficient way to bring the block storage in the primary datacenter up to date with the DR site? A. Set up replication. B. Copy the data across both sites. C. Restore incremental backups. D. Restore full backups.

A. Set up replication.

Users are experiencing slow response times from an intranet website that is hosted on a cloud platform. There is a site-to-site VPN connection to the cloud provider over a link of 100Mbps. Which of the following solutions will resolve the issue the FASTEST? A. Change the connection to point-to-site VPN B. Order a direct link to the provider C. Enable quality of service D. Upgrade the link to 200Mbps

C. Enable quality of service

A cloud administrator is building a new VM for machine-learning training. The developer requesting the VM has stated that the machine will need a full GPU dedicated to it. Which of the following configuration options would BEST meet this requirement? A. Virtual GPU B. External GPU C. Passthrough GPU D. Shared GPU

C. Passthrough GPU

A software development manager is looking for a solution that will allow a team of developers to work in isolated environments that can be spun up and torn down quickly. Which of the following is the MOST appropriate solution? A. Containers B. File subscriptions C. Ballooning D. Software-defined storage

A. Containers

A company is doing a cloud-to-cloud migration to lower costs. A systems administrator has to plan the migration accordingly. Which of the following considerations is MOST important for a successful, future-proof, and low-cost migration? A. Tier pricing B. Licensing C. Estimated consumption D. Feature compatibility

D. Feature compatibility

A systems administrator has finished installing monthly updates to servers in a cloud environment. The administrator notices certain portions of the playbooks are no longer functioning. Executing the playbook commands manually on a server does not work as well. There are no other reports of issues. Which of the following is the MOST likely cause of this issue? ``` A. Change management failure B. Service overload C. Patching failure D. Job validation issues E. Deprecated features ```

D. Job validation issues

A systems administrator swapped a failed hard drive on a server with a RAID 5 array. During the RAID resynchronization, a second hard drive failed. Which of the following actions will make the server fully operational? A. Restart the RAID resynchronization process B. Perform a P2V migration of the server C. Swap the failed hard drive with a fresh one D. Restore the server from backup

A. Restart the RAID resynchronization process

A vendor is installing a new retail store management application for a customer. The application license ensures software costs are low when the application is not being used, but costs go up when use is higher. Which of the following licensing models is MOST likely being used? A. Socket-based B. Core-based C. Subscription D. Volume-based

D. Volume-based

Which of the following cloud services is fully managed? ``` A. IaaS B. GPU in the cloud C. IoT D. Serverless compute E. SaaS ```

E. SaaS

A systems administrator needs to convert ten physical servers to virtual. Which of the following would be the MOST efficient conversion method for the administrator to use? A. Rebuild the servers from scratch B. Use the vendor’s conversion tool C. Clone the hard drive D. Restore from backup

C. Clone the hard drive

An IaaS application has a two-hour RTO and a four-hour RPO. The application takes one hour to back up its data or restore from a local backup file. A systems administrator is tasked with configuring the backup policy. Which of the following should the administrator configure to achieve the application requirements with the LEAST cost? A. Back up to long-term storage every night B. Back up to object storage every three hours C. Back up to long-term storage every four hours D. Back up to object storage every hour

D. Back up to object storage every hour

Lateral-moving malware has infected the server infrastructure. Which of the following network changes would MOST effectively prevent lateral movement in the future? A. Implement DNSSEC in all DNS servers B. Segment the physical network using a VLAN C. Implement microsegmentation on the network D. Implement 802.1X in the network infrastructure

B. Segment the physical network using a VLAN

A systems administrator is troubleshooting performance issues with a Windows VDI environment. Users have reported that VDI performance is very slow at the start of the work day, but the performance is fine during the rest of the day. Which of the following is the MOST likely cause of the issue? A. Disk I/O limits B. Affinity rule C. CPU oversubscription D. RAM usage

C. CPU oversubscription

A systems administrator is deploying a solution that requires a virtual network in a private cloud environment. The solution design requires the virtual network to transport multiple payload types. Which of the following network virtualization options would BEST satisfy the requirement? A. VXLAN B. STT C. NVGRE D. GENEVE

C. NVGRE

The security team for a large corporation is investigating a data breach. The team members are all trying to do the same tasks but are interfering with each other’s work. Which of the following did the team MOST likely forget to implement? A. Incident type categories B. A calling tree C. Change management D. Roles and responsibilities

D. Roles and responsibilities

A systems administrator recently deployed a VDI solution in a cloud environment; however, users are now experiencing poor rendering performance when trying to display 3-D content on their virtual desktops, especially at peak times. Which of the following actions will MOST likely solve this issue? A. Update the quest graphics drivers from the official repository B. Add more vGPU licenses to the host C. Instruct users to access virtual workstations only on the VLAN D. Select vGPU profiles with higher video RAM

D. Select vGPU profiles with higher video RAM

Which of the following will mitigate the risk of users who have access to an instance modifying the system configurations? A. Implement whole-disk encryption B. Deploy the latest OS patches C. Deploy an anti-malware solution D. Implement mandatory access control

D. Implement mandatory access control

A systems administrator is configuring RAID for a new server. This server will host files for users and replicate to an identical server. While redundancy is necessary, the most important need is to maximize storage. Which of the following RAID types should the administrator choose? A. 5 B. 6 C. 10 D. 50

C. 10

An organization has multiple VLANs configured to segregate the network traffic. Following is the breakdown of the network segmentation: ``` Production traffic (10.10.0.0/24) Network backup (10.20.0.0/25) Virtual IP network (10.20.0.128/25) ``` Server Interface IP Address Gateway COMPSVR01 Production 10.10.0.12/24 10.10.0.1 COMPSVR01 Network Backup 10.20.0.12/25 10.20.0.1 The backup administrator observes that the weekly backup is failing for this server. Which of the following commands should the administrator run to identify the issue? A. ROUTE PRINT B. NETSTAT -A C. IPCONFIG /ALL D. NET SM

A. ROUTE PRINT

An OS administrator is reporting slow storage throughput on a few VMs in a private IaaS cloud. Performance graphs on the host show no increase in CPU or memory. However, performance graphs on the storage show a decrease of throughput in both IOPS and MBps but not much increase in latency. There is no increase in workload, and latency is stable on the NFS storage arrays that are used by those VMs. Which of the following should be verified NEXT? A. Application B. SAN C. VM GPU settings D. Network

D. Network

A systems administrator is informed that a database server containing PHI and PII is unencrypted. The environment does not support VM encryption, nor does it have a key management system. The server needs to be able to be rebooted for patching without manual intervention. Which of the following will BEST resolve this issue? A. Ensure all database queries are encrypted B. Create an IPSec tunnel between the database server and its clients C. Enable protocol encryption between the storage and the hypervisor D. Enable volume encryption on the storage E. Enable OS encryption

C. Enable protocol encryption between the storage and the hypervisor

A systems administrator recently upgraded the processors in a web application host. Upon the next login, the administrator sees a new alert regarding the license being out of compliance. Which of the following licensing models is the application MOST likely using? A. Per device B. Per user C. Core-based D. Volume-based

C. Core-based

A company is utilizing a private cloud solution that is hosted within its datacenter. The company wants to launch a new business application, which requires the resources below: The current private cloud has 30 vCPUs and 512GB RAM available. The company is looking for a quick solution to launch this application, with expected maximum sessions to be close to 24,000 at launch and an average of approximately 5,000 sessions. Which of the following solutions would help the company accommodate the new workload in the SHORTEST amount of time and with the maximum financial benefits? A. Configure auto-scaling within the private cloud B. Set up cloud bursting for the additional resources C. Migrate all workloads to a public cloud provider D. Add more capacity to the private cloud

D. Add more capacity to the private cloud

A systems administrator is building a new virtualization cluster. The cluster consists of five virtual hosts, which each have flash and spinning disks. This storage is shared among all the virtual hosts, where a virtual machine running on one host may store data on another host. This is an example of: A. a storage area network B. a network file system C. hyperconverged storage D. thick-provisioned disks

A. a storage area network

An organization requires the following to be achieved between the finance and marketing departments: Allow HTTPS/HTTP. Disable FTP and SMB traffic. Which of the following is the MOST suitable method to meet the requirements? A. Implement an ADC solution to load balance the VLAN traffic B. Configure an ACL between the VLANs C. Implement 802.1X in these VLANs D. Configure on-demand routing between the VLANs

B. Configure an ACL between the VLANs

Due to a policy change, a few of a customer’s application VMs have been migrated to synchronously replicated storage. The customer now reports that performance is lower. The systems administrator checks the resource usage and discovers CPU utilization is at 60% and available memory is at 30%. Which of the following is the MOST likely cause? A. There is not enough vCPU assigned B. The application is not compatible with the new settings C. The new configuration is adding latency D. The memory of the VM is underallocated

B. The application is not compatible with the new settings

A VDI administrator has received reports of poor application performance. Which of the following should the administrator troubleshoot FIRST? A. The network environment B. Container resources C. Client devices D. Server resources

D. Server resources

A marketing team is using a SaaS-based service to send emails to large groups of potential customers. The internally managed CRM system is configured to generate a list of target customers automatically on a weekly basis, and then use that list to send emails to each customer as part of a marketing campaign. Last week, the first email campaign sent emails successfully to 3,000 potential customers. This week, the email campaign attempted to send out 50,000 emails, but only 10,000 were sent. Which of the following is the MOST likely reason for not sending all the emails? A. API request limit B. Incorrect billing account C. Misconfigured auto-scaling D. Bandwidth limitation

A. API request limit

A DevOps administrator is automating an existing software development workflow. The administrator wants to ensure that prior to any new code going into production, tests confirm the new code does not negatively impact existing automation activities. Which of the following testing techniques would be BEST to use? A. Usability testing B. Regression testing C. Vulnerability testing D. Penetration testing

B. Regression testing

Deck 2 Flashcards

(75 cards)