CompTIA CompTIA Certifications CV0-004 Questions & Answers

• Question 251:

  An organization wants to ensure its data is protected in the event of a natural disaster. To support this effort, the company has rented a colocation space in another part of the country. Which of the following disaster recovery practices can be used to best protect the data?

  A. On-site

  B. Replication

  C. Retention

  D. Off-site

  Correct Answer: D

  For an organization looking to protect its data in the event of a natural disaster, the best disaster recovery practice would be off-site replication. By renting a colocation space in another part of the country, the company can maintain copies of their data and critical systems in a geographically separate location, ensuring they are not affected by the same disaster. References: CompTIA Cloud+ Study Guide (V0-004) - Chapter on Disaster Recovery

• Question 252:

  A systems administrator needs to configure a script that will monitor whether an application is healthy and stop the VM if an unsuccessful code is returned.

  Which of the following scripts should the systems administrator use to achieve this goal?

  A. RESPONSE_CODE } string APP_URL bool RESPONSE_CODE string VM health checker (APP_URL, VM) { if [ http_probe (APP_URL) == 200] { echo RESPONSE_CODE } else{ stop (VM) echo

  B. else{ echo string APP_URL float RESPONSE_CODE string VM health_checker (APP_URL, VM) { if [ http_probe (APP_URL) == 200] { stop (RESPONSE_CODE) echo VM } stop (VM) RESPONSE CODE }

  C. else{ echo string APP_URL int RESPONSE CODE string VM health checker (APP_URL, VM) { if [ http_probe (APP_URL) == 200] { echo RESPONSE_CODE } stop (VM) RESPONSE_CODE }

  D. else{ echo string APP_URL int RESPONSE_CODE string VM health_checker (APP_URL, VM) { if [ http_probe (VM) == 200] { stop (VM) echo RESPONSE_CODE } RESPONSE CODE }

  Correct Answer: A

  Script A is designed to monitor the health of an application by checking its response code. If the application returns a 200 (OK) status, it indicates that the application is healthy. Otherwise, the script will stop the VM to address the issue, which is a common approach to handle unhealthy application states in automated environments. This script effectively achieves the goal of monitoring application health and taking corrective action when an unsuccessful code is returned. References: CompTIA Cloud+ resources and general scripting practices for cloud environments

• Question 253:

  A customer's facility is located in an area where natural disasters happen frequently. The customer requires the following:

  1.

  Data resiliency due to exposure to frequent natural disasters

  2.

  Data localization because of privacy regulations in the country

  3.

  High availability

  Which of the following cloud resources should be provisioned to meet these requirements?

  A. Storage in a separate data center located in same region

  B. An on-premises private cloud carrying duplicate data

  C. Storage in an availability zone outside the region

  D. Storage in the same availability zone as the primary data

  Correct Answer: C

  To meet the requirements of data resiliency, data localization, and high availability in a region prone to natural disasters, the customer should provision storage in an availability zone outside the region. This ensures that data is not affected by regional disasters and complies with data localization by remaining within the country's borders, while also providing high availability.References: Disaster recovery and high availability strategies, including the use of multiple availability zones, are discussed in the CompTIA Cloud+ certification material.

• Question 254:

  The change control board received a request to approve a configuration change 10 deploy in the cloud production environment. Which of the following should have already been competed?

  A. Penetration test

  B. End-to-end security testing

  C. Cost benefit analysis

  D. User acceptance testing

  Correct Answer: D

  Before a configuration change is deployed in the cloud production environment, it is crucial to conduct User Acceptance Testing (UAT). UAT involves testing the system by the end-users or clients to ensure it can handle required tasks in real-world scenarios, according to specifications. This testing is the final stage before the change is approved for production, ensuring that all functionalities meet user requirements and the system is ready for deployment.References: The CompTIA Cloud+ certification highlights the significance of various testing phases, including UAT, as part of the cloud deployment process to validate the system's readiness and functionality for end-users.

• Question 255:

  A cloud architect is preparing environments to develop a new application that will process sensitive data. The project team consists of one internal developer, two external consultants, and three testers. Which of the following is the most important security control for the cloud architect to consider implementing?

  A. Setting up private development, public development, and testing environments

  B. Segregating environments for internal and external teams

  C. Configuring DDoS protection to mitigate the risk of downtime

  D. Using IAM and ACL in order to bolster DLP

  Correct Answer: D

  In a project handling sensitive data with a mix of internal and external team members, implementing Identity and Access Management (IAM) and Access Control Lists (ACL) is crucial for Data Loss Prevention (DLP). These controls ensure that only authorized individuals have access to specific resources, and actions are governed according to the principle of least privilege, minimizing the risk of data leakage or unauthorized access.

• Question 256:

  A security engineer Identifies a vulnerability m a containerized application. The vulnerability can be exploited by a privileged process to read tie content of the host's memory. The security engineer reviews the following Dockerfile to determine a solution to mitigate similar exploits:

  FROM alpine:3.17 RUN apk update andand apk upgrade COPY ./myapp ENTRYPOINT ["/myapp/app"]

  Which of the following is the best solution to prevent similar exploits by privileged processes?

  A. Adding the USER myappuserinstruction

  B. Patching the host running the Docker daemon

  C. Changing FROM alpiner3.17 to FROM alpine:latest

  D. Running the container with the ready-only filesystem configuration

  Correct Answer: A

  Adding the "USER myappuser" instruction to the Dockerfile is the best solution to prevent similar exploits by privileged processes. This instruction ensures that the container runs as a non-privileged user instead of the root user, significantly reducing the risk of privileged exploits. Running containers with least privilege principles minimizes the potential impact of vulnerabilities, enhancing the overall security posture of the containerized environment.References: The CompTIA Cloud+ framework includes security concerns, measures, and concepts for cloud operations, highlighting the importance of container security practices, such as running containers as non-root users to prevent unauthorized access and exploitation.

• Question 257:

  A cloud engineer is troubleshooting an application that consumes multiple third-party REST APIs. The application is randomly experiencing high latency. Which of the following would best help determine the source of the latency?

  A. Configuring centralized logging to analyze HTTP requests

  B. Running a flow log on the network to analyze the packets

  C. Configuring an API gateway to track all incoming requests

  D. Enabling tracing to detect HTTP response times and codes

  Correct Answer: D

  Enabling tracing in the application can help determine the source of high latency by providing detailed information on HTTP request and response times, as well as response codes. This can identify which API calls are experiencing delays and contribute to overall application latency, allowing for targeted troubleshooting and optimization.

• Question 258:

  Which of the following strategies requires the development of new code before an application can be successfully migrated to a cloud provider?

  A. Refactor

  B. Rearchitect

  C. Rehost

  D. Replatform

  Correct Answer: A

  Refactoring requires the development of new code before an application can be successfully migrated to a cloud provider. It often involves restructuring and optimizing the existing code without changing its external behavior to fit into the new cloud environment.References: Application migration strategies and the requirements for each, like refactoring, are included in cloud migration best practices covered in CompTIA Cloud+.

• Question 259:

  A critical security patch is required on a network load balancer in a public cloud. The organization has a major sales conference next week, and the Chief Executive Officer does not want any interruptions during the demonstration of an

  application behind the load balancer.

  Which of the following approaches should the cloud security engineer take?

  A. Ask the management team to delay the conference.

  B. Apply the security patch after the event.

  C. Ask the upper management team to approve an emergency patch window.

  D. Apply the security patch immediately before the conference.

  Correct Answer: C

  Given the critical nature of the patch and the upcoming major sales conference, the cloud security engineer should seek approval for an emergency patch window. This approach balances the need for security with the business requirement of no interruptions during the conference.References: The strategy of managing critical updates in alignment with business operations is part of the governance and risk management topics in the CompTIA Cloud+ certification material.

• Question 260:

  A company requests that its cloud administrator provision virtual desktops for every user. Given the following information:

  1.

  One hundred users are at the company.

  2.

  A maximum of 30 users work at the same time.

  3.

  Users cannot be interrupted while working on the desktop.

  Which of the following strategies will reduce costs the most?

  A. Provisioning VMs of varying sizes to match user needs

  B. Configuring a group of VMs to share with multiple users

  C. Using VMs that have spot availability

  D. Setting up the VMs to turn off outside of business hours at night

  Correct Answer: D

  Setting up the VMs to turn off outside of business hours at night will reduce costs the most, especially since a maximum of 30 users work at the same time and users cannot be interrupted while working. This approach ensures that resources are used only when necessary.References: Cost management and efficient resource utilization strategies like scheduling VMs to turn off during idle times are discussed within the financial management aspects of cloud services in the CompTIA Cloud+ exam objectives.