CompTIA CompTIA Certifications CV0-004 Questions & Answers

• Question 231:

  A company is developing a new web application that requires a relational database management system with minimal operational overhead. Which of the following should the company choose?

  A. A database installed on a virtual machine

  B. A managed SQL database on the cloud

  C. A database migration service

  D. A hybrid database setup

  Correct Answer: B

  For a new web application that requires a relational database management system with minimal operational overhead, the company should choose a managed SQL database on the cloud. Managed databases provide automated backups, patching, and other management tasks, reducing the administrative burden.References: The use of managed services, like managed databases, to minimize operational overhead is a strategic decision in cloud computing covered in CompTIA Cloud+.

• Question 232:

  A software engineer at a cybersecurity company wants to access the cloud environment. Per company policy, the cloud environment should not be directly accessible via the internet. Which of the following options best describes how the software engineer can access the cloud resources?

  A. SSH

  B. Bastion host

  C. Token-based access

  D. Web portal

  Correct Answer: B

  A bastion host is the best option described for accessing cloud resources without direct internet access. It acts as a secure gateway to access internal networks from external sources and is often used in conjunction with other security measures such as SSH for secure connections.References: The use of bastion hosts as a secure access point to cloud resources is a security best practice covered in the CompTIA Cloud+ certification's domain on cloud security.

• Question 233:

  A cloud security analyst is investigating the impact of a recent cyberattack. The analyst is reviewing the following information: Web server access log:

  104.210.233.225 - - [21/10/2022:11:17: 40] "POST /uploadfile.html?f=myfile.php" 200 1638674

  45.32.10.66 - - [21/10/2022:11:19:12] "GET /welcome.html" 200 5812

  104.210.233.225 - - [21/10/2022:11:21:19] "GET / .. / .. / .. / .. /conf/server.xml HTTP/1.1" 200 74458

  45.32.10.66 - - [21/10/22:11:22:32] "GET /admin.html HTTP/1.1" 200 9518

  Web application firewall log:

  "2022/10/21 11:17:33" "10.25.2.35" "104. 210.233.225" "userl" "File transfer completed successfully."

  "2022/10/21 11:21:05" "10. 25.2. 35" "104. 210.233.225" "userl" "Accessed application page."

  "2022/10/21 11:22:13" "10.25.2.35" "45. 32. 10. 66" "user2" "Accessing admin page. "

  Which of the following has occurred?

  A. The corporate administration page was defaced by the attacker.

  B. A denial-of-service attack was successfully performed on the web server.

  C. A new user was created on the web server by the attacker.

  D. Sensitive information from the corporate web server was leaked.

  Correct Answer: D

  The logs indicate that the IP address 104.210.233.225 made a GET request that appears to traverse directories (as indicated by the '/../../') to access 'server.xml', which is a configuration file for the server. This type of request is indicative of a directory traversal attack, which can lead to unauthorized access to sensitive files on the server. The successful 200 response code suggests that the file was accessed, implying that sensitive configuration data could have been leaked. References: CompTIA Cloud+ Certification Study Guide (V0-004) by Scott Wilson and Eric Vanderburg

• Question 234:

  A company wants to implement a work environment that will have low operational overhead and highly accessible enterprise resource planning, email, and data resources. Which of the following cloud service models should the company implement?

  A. laaS

  B. PaaS

  C. DBaaS

  D. SaaS

  Correct Answer: D

  A company that requires low operational overhead and highly accessible enterprise resources would benefit from implementing Software as a Service (SaaS). SaaS provides access to applications hosted in the cloud, eliminating the need for internal infrastructure or application development, which aligns with the requirement of having low operational overhead. References: CompTIA Cloud+ Study Guide (V0-004) by Todd Montgomery and Stephen Olson

• Question 235:

  Which of the following is the most cost-effective and efficient strategy when migrating to the cloud?

  A. Retire

  B. Replatform

  C. Retain

  D. Refactor

  Correct Answer: A

  The most cost-effective and efficient strategy when migrating to the cloud can often be to 'retire' or turn off legacy systems that are no longer useful or necessary. This avoids spending resources on migrating and maintaining systems that do not provide value in a cloud environment.References: Cloud migration strategies, including retiring outdated systems, are part of the decision-making process for cloud adoption in the CompTIA Cloud+ certification material.

• Question 236:

  An IT manager is migrating the production environment to the cloud but needs to keep control of the operating systems, patches, and settings of all resources. Which of the following deployment models will best meet the requirements?

  A. FaaS

  B. PaaS

  C. laaS

  D. SaaS

  Correct Answer: C

  Infrastructure as a Service (IaaS) is the deployment model that will best meet the requirements of retaining control over the operating systems, patches, and settings of all resources. IaaS provides the cloud infrastructure but leaves the management of the operating system and applications to the user.References: The cloud service models and the level of control they offer are fundamental topics in the CompTIA Cloud+ certification material.

• Question 237:

  A technician receives an email from a vendor who is requesting payment of an invoice for human resources services. The email contains a request for bank account numbers. Which of the following types of attacks does this behavior most likely indicate?

  A. MaIware

  B. Cryptojacking

  C. Ransomware

  D. Phishing

  Correct Answer: D

  The behavior described in the question indicates a phishing attack. Phishing typically involves an attacker masquerading as a legitimate entity to trick individuals into providing sensitive information, such as bank account numbers, through seemingly trustworthy communication channels like email.References: Understanding security concerns and measures is part of the Governance, Risk, Compliance, and Security domain of the CompTIA Cloud+ objectives.

• Question 238:

  A junior cloud administrator was recently promoted to cloud administrator and has been added to the cloud administrator group. The cloud administrator group is the only one that can access the engineering VM. The new administrator unsuccessfully attempts to access the engineering VM. However, the other administrators can access it without issue. Which of the following is the best way to identify the root cause?

  A. Rebooting the engineering VM

  B. Reviewing the administrator's permissions to access the engineering VM

  C. Allowing connections from 0.0.0.070 to the engineering VM

  D. Performing a packet capture on the engineering VM

  Correct Answer: B

  The best way to identify the root cause of why the new cloud administrator cannot access the engineering VM is by reviewing the administrator's permissions. It is possible that, despite being added to the cloud administrator group, the specific permissions to access the engineering VM were not properly configured.References: Permission issues are a common problem in cloud environments, andtroubleshooting such issues is part of the cloud management skills discussed in the CompTIA Cloud+ certification

• Question 239:

  Which of the following requirements are core considerations when migrating a small business's on-premises applications to the cloud? (Select two).

  A. Availability

  B. Hybrid

  C. Testing

  D. Networking

  E. Compute

  F. Logs

  Correct Answer: AD

  When migrating on-premises applications to the cloud for a small business, availability and networking are core considerations. Ensuring that applications are available and that the network is capable of handling the new cloud traffic are pivotal for a successful transition.References: The migration process and its core considerations, including availability and networking, are topics within the Business Principles of Cloud Environments in the CompTIA Cloud+ material.

• Question 240:

  A cloud infrastructure administrator updated the IP tables to block incoming connections and outgoing responses to 104.225.110.203. Which of the following vulnerability management steps is this an example of?

  A. Scanning scope

  B. Remediation

  C. Identification

  D. Assessment

  Correct Answer: B

  Updating the IP tables to block connections to a specific IP address as a response to vulnerabilities is an example of remediation. Remediation involves taking direct action to fixvulnerabilities, such as by applying patches, changing configurations, or, in this case, updating firewall rules to block potentially harmful traffic. References: CompTIA Cloud+ resources and vulnerability management processes