CompTIA CompTIA Certifications CV0-004 Questions & Answers

• Question 211:

  A network administrator is budding a site-to-site VPN tunnel from the company's headquarters office 10 the company's public cloud development network. The network administrator confirms the following:

  The VPN tunnel is established on the headquarter office firewall.

  While inside the office, developers report that they cannot connect to the development network resources.

  While outside the office on a client VPN, developers report that they can connect to the development network resources.

  The office and the client VPN have different IP subnet ranges.

  The firewall flow logs show VPN traffic is reaching the development network from the office.

  Which of the following is the next step the next network administrator should take to troubleshoot the VPN tunnel?

  A. Review the development network routing table.

  B. Change the ciphers on the site-to-site VPN.

  C. Restart the site-to-site VPN tunnel.

  D. Check the ACLS on the development workloads

  Correct Answer: A

  The next step in troubleshooting the VPN tunnel issue is to review the development network routing table. This action will help determine if the routing configurations are correctly directing traffic from the headquarters office through the VPN tunnel to the development network resources. Proper routing ensures that data packets find their way to the correct destinationwithin the cloud environment, which is critical for establishing successful communication between different network segments.References: CompTIA Cloud+ materials stress the importance of networking fundamentals in cloud environments, including VPN configurations and routing, to ensure secure and efficient connectivity between on-premises infrastructure and cloud resources.

• Question 212:

  A cloud engineer is provisioning a new application that requires access to the organization's public cloud resources. Which of the following is the best way for the cloud engineer to authenticate the application?

  A. Access key

  B. API

  C. MFA token

  D. Username and Password

  Correct Answer: A

  The best way to authenticate an application requiring access to an organization's public cloud resources is through the use of an access key. Access keys provide a secure means of authentication for applications and services without the need for interactive login credentials. This method is particularly useful for automated processes or applications that need to interact with cloud services programmatically, ensuring secure and efficient access control.References: CompTIA Cloud+ content emphasizes the importance of secure authentication mechanisms, such as access keys, in managing and securing access to cloud resources, aligning with best practices for cloud security and application deployment.

• Question 213:

  A cloud engineer wants to implement a disaster recovery strategy that:

  1.

  Is cost-effective.

  2.

  Reduces the amount of data loss in case of a disaster.

  3.

  Enables recovery with the least amount of downtime.

  Which of the following disaster recovery strategies best describes what the cloud engineer wants to achieve?

  A. Cold site

  B. Off site

  C. Warm site

  D. Hot site

  Correct Answer: D

  A hot site is a disaster recovery strategy that is cost-effective, minimizes data loss, and allows for the fastest recovery time in case of a disaster. It is an exact replica of the original site of the organization, with full computer systems as well as near-complete backups of user data. Hot sites are operational 24/7 and can take over functionality from the primary site immediately or with minimal delay. References: CompTIA Cloud+ Study Guide (V0-004) - Chapter on Disaster Recovery

• Question 214:

  A company wants to use a solution that will allow for quick recovery from ransomware attacks, as well as intentional and unintentional attacks on data integrity and availability.

  Which of the following should the company implement that will minimize administrative overhead?

  A. Object versioning

  B. Data replication

  C. Off-site backups

  D. Volume snapshots

  Correct Answer: D

  Implementing volume snapshots is an effective solution for quick recovery from ransomware attacks and protecting data integrity and availability. Snapshots capture the state of a storage volume at a point in time and can be used to restore data quickly with minimal administrative overhead.References: Data protection strategies like volume snapshots are discussed under cloud data management and protection in the CompTIA Cloud+ objectives.

• Question 215:

  A high-usage cloud resource needs to be monitored in real time on specific events to guarantee its availability. Which of the following actions should be used to meet this requirement?

  A. Configure a ping command to identify when the cloud instance is out of service.

  B. Create a dashboard with visualizations to filter the status of critical activities.

  C. Collect all the daily activity from the cloud instance and create a dump file for analysis.

  D. Schedule an hourly scan of the network to check for the availability of the resource.

  Correct Answer: B

  To guarantee real-time monitoring of a high-usage cloud resource, creating a dashboard with visualizations to filter the status of critical activities is effective. This allows for a quick visual assessment of the system's health and performance, enabling immediate action if specific events indicate potential issues with availability.References: Real-time monitoring and the use of dashboards for tracking critical cloud resources are part of the cloud management best practices covered under the CompTIA Cloud+ objectives.

• Question 216:

  A company wants to create a few additional VDIs so support vendors and contractors have a secure method to access the company's cloud environment. When a cloud administrator attempts to create the additional instances in the new locations, the operation is successful in some locations but fails in others. Which of the following is the most likely reason for this failure?

  A. Partial service outages

  B. Regional service availability

  C. Service quotas

  D. Deprecation of functionality

  Correct Answer: C

  If a cloud administrator can create additional instances in some locations but not others, the most likely reason for this failure is service quotas. Cloud providers often have quotas on the number of resources that can be created, and these limits can vary by region. References: CompTIA Cloud+ Study Guide (V0-004) - Chapter on Cloud Resource Management

• Question 217:

  A cloud engineer wants to deploy a new application to the cloud and is writing the following script: Which of the following actions will this script perform?

  

  A. Upload a new VM image.

  B. Create a new cloud resource.

  C. Build a local server.

  D. Import a cloud module.

  Correct Answer: B

  The script shown is written in Terraform, which is an infrastructure as code (IaC) tool used for building, changing, and versioning infrastructure safely and efficiently. This particular Terraform script specifies arequired provider and its version,

  the Terraform version, sets the cloud provider's region, and then defines a resource for a server instance with a specific AMI ID and instance type. It also includes tags for the instance. The action this script will perform is to create a new cloud

  resource, specifically a server instance on the cloud provider's platform.

  References: CompTIA Cloud+ Study Guide (V0-004) by Todd Montgomery and Stephen Olson

• Question 218:

  A cloud developer needs to update a REST API endpoint to resolve a defect. When too many users attempt to call the API simultaneously, the following message is displayed:

  Error: Request Timeout - Please Try Again Later

  Which of the following concepts should the developer consider to resolve this error?

  A. Server patch

  B. TLS encryption

  C. Rate limiting

  D. Permission issues

  Correct Answer: C

  To resolve the issue of a REST API endpoint timing out when too many users attempt to call the API simultaneously, the developer should consider implementing rate limiting. Rate limiting controls the number of requests a user can submit in a given amount of time, preventing overuse of the API resources and ensuring availability for all users. References: CompTIA Cloud+ Study Guide (V0-004) - Chapter on Cloud Service Maintenance and Management

• Question 219:

  Which of the following is the best type of database for storing different types of unstructured data that may change frequently?

  A. Vector

  B. Relational

  C. Non-relational

  D. Graph

  Correct Answer: C

  Non-relational (NoSQL) databases are best for storing different types of unstructured data that may change frequently. They are designed to handle a wide variety of data types and are not constrained by the fixed schema of relational databases, making them more flexible and scalable for unstructured data.References: The distinction between relational and non-relational databases and their use cases is part of the foundational knowledge for cloud databases discussed in the CompTIA Cloud+ certification.

• Question 220:

  A cloud solution needs to be replaced without interruptions. The replacement process can be completed in phases, but the cost should be kept as low as possible.

  Which of the following is the best strategy to implement?

  A. Blue-green

  B. Rolling

  C. In-place

  D. Canary

  Correct Answer: B

  A rolling strategy is the best to implement when needing to replace a cloud solution without interruptions and keeping costs low. This approach updates or replaces parts of the system gradually with minimal downtime and allows for a phased implementation. References: CompTIA Cloud+ Study Guide (V0-004) - Chapter on Cloud Deployment and Provisioning