CompTIA Cloud+ Study Guide CV0-002 Exam Questions Updated

Regina2021-08-25T03:14:21+00:00

It is so good that CV0-002 exam questions have been updated with 328 questions and answers as the best study guide to help you complete CompTIA Cloud+ certification. CV0-002 exam is the old version of CompTIA Cloud+ certification, because the new version, CV0-003 exam has been available online. But it is still valid for getting CompTIA Cloud+ certification till this December. The updated exam questions for CompTIA Cloud+ CV0-002 exam are based on the exam description to help the individuals for incorporating and managing cloud technologies as part of broader systems operations. We ensure that you can pass CV0-002 exam successfully. Also, we have new CV0-003 exam guide for your preparation. You can choose as you require.

Come here to check the free questions to find the quality of CV0-002 exam questions.

Page 1 of 7

1. A company is required to ensure all access to its cloud instance for all users to utilize two-factor authentication.

The QA team confirms all functional requirements successfully test. After deployment, all business users report the two-factor authentication is not enforced while accessing the instance.

Which of the following would be the MOST likely reason the QA team did not catch the issue?

The business users are using the wrong hardware token to log in.

The administrator configured to use two-factor authentication by default.

The QA team only tested functional requirements.

The business users are accessing the instance located in their country.

2. A customer wants to remove a user’s access to the SaaS CRM system.

Which of the following methods should be executed FIRST?

User account removal

User account lockout

User account password change

User account disablement

3. IaaS users are reporting longer than expected wait times when accessing the virtual file repository. There are more than 2TB of free disk space, and vCPU and vRAM do not reach more than 75% utilization. In which of the following ways should the cloud systems administrator analyze this issue?

Access the cloud services portal and increase the amount of available disk space by 25%.

Access the cloud services portal and check the amount of CPU and RAM on the host machine.

Access the cloud services portal and look at the historical performance numbers.

Access the cloud services portal and check the security log for access denied requests.

4. A recent advertisement campaign has increased traffic to an e-commerce application that is hosted within a public cloud environment. Customers are reporting that it takes too long to load their pages and submit orders. A cloud administrator looks at the metrics from the environment and sees high utilization of the CPU and memory resources. The cloud provider offers several preconfigured sizes for server template: x-small, small, medium, large, x-large, and 2x-large.

Given an expected increase in workload, which of the following is the BEST solution to improve application performance?

Change the server template size for Inxpc003 to 2x-large.

Provision additional Inxpc servers using the 2x-large template.

Add memory to Inxpc002, Inxpc003, and Inxpc003.

Change the role of Inxw001 from web to application.

5. A consultant is helping a gaming-as-a-service company set up a new cloud. The company recently bought several graphic cards that need to be added to the servers.

Which of the following should the consultant suggest as the MOST cost effective?

Private

Public

Community

SaaS

6. A technician receives a report of system utilization:

Which of the following additional resources should the technician add FIRST given the trend data shown above?

CPU

Disk

Bandwidth

RAM

7. The administrator at a SaaS provider wants to improve security of the systems hosting the SaaS application. The administrator has created a script that monitors malware research sites and automatically creates and uploads signatures when new vulnerabilities are announced.

To which of the following security services is the script MOST likely to upload these signatures?

Proxy

VPN

Firewall

IDP

8. An automation performs the following on a monthly basis:

- Disable accounts that have not logged on in the last 60 days

- Remove firewall rules with zero hits in the last 30 days

- Remove DNS entries that have not been updated in the last 60 days

- Archive all logs that are more than 30 days old

Six weeks after this new automation is implemented, an internal client reports that quarterly replication failover testing has failed.

Which of the following is the MOST likely cause of the failed test?

Disabling accounts

Removing firewall rules

Removing DNS entries

Archiving logs

9. An organization is replacing its internal human resources system with a SaaS-based application. The solution is multi-tenant, and the organization wants to ensure ubiquitous access while preventing password replay attacks.

Which of the following would BEST help to mitigate the risk?

Implement destination resources authentication.

Require and implement two-factor authentication.

Remove administrator privileges from users’ laptops.

Combine network authentication and physical security in one card/token.

10. A cloud administrator has finished building a virtual server template in a public cloud environment. The administrator is now cloning six servers from that template. Each server is configured with one private IP address and one public IP address. After starting the server instances, the cloud administrator notices that two of the servers do not have a public IP address.

Which of the following is the MOST likely cause?

The maximum number of public IP addresses has already been reached.

The two servers are not attached to the correct public subnet.

There is no Internet gateway configured in the cloud environment.

The two servers do not have enough virtual network adapters attached.

Page 2 of 7

11. A company's security policy requires full disk encryption on all clients with preboot enabled. The encryption server is hosted, and the requirement is to push an update to all endpoints.

Which of the following is the BEST method to test and apply the update with minimal disruption to end users?

Access the API of the encryption server, develop a custom script, and then update all endpoints.

Access the web UI portal of the encryption server, apply the update to the test group, validate, and then update all endpoints.

Add the update to the standard desktop configuration image, apply the update to a test VM, and then reimage clients.

Access the web UI of the encryption server and disable preboot, apply the update, test, and then deploy the update to all endpoints.

12. A consumer is performing a comparison between different IaaS providers for upcoming cloud migrations.

Which of the following is the MOST appropriate option to make a comparison for the selection process?

Hardware technology used

Virtualization platform

Backup services

SLA offerings

13. A cloud administrator runs a maintenance script to remove unused resources. After the maintenance has been performed, users report they can no longer access the application website. The administrator confirms the server is up and responding on the proper ports.

Which of the following cleanup actions MOST likely caused the problem?

Removing inactive accounts

Removing outdated firewall rules

Removing stale DNS entries

Removing orphaned resources

14. A company is looking for a hardware feature with the least amount of downtime in terms of firmware upgrades.

Which of the following features BEST meet this requirement?

In-service upgrades

Rolling upgrades

Failover upgrades

User-mode upgrades

15. A company changed its policy to have seven-year data retention in the public cloud.

Which of the following would be the MOST cost-effective way to meet retention requirements?

Site mirroring

Automated archiving

Replication

Third-party sites

16. A SaaS customer reports that no one can access the application portal. After some troubleshooting, the cloud administrator finds a problem and provides a remedy by restarting the cluster. After documenting the solution, the support case is closed. Multiple tenants lose access to their hosts the following day.

Which of the following troubleshooting steps did the administrator miss?

Identify the problem.

Establish a theory.

Verify full system functionality.

Test the theory.

Establish a plan of action.

17. A company is migrating its application to a cloud provider. Six months before going live, a

representative from each stakeholder group validated the functionality and performance in the QA environment and did not identify any issues. After going live, the system response time is slower that the testing environment.

Which of the following is the MOST likely gap in the testing plan?

The test scenario audiences are different between QA and production.

The application version deployed in production is different than the one deployed in Q

System configuration testing in QA and production is different.

The test plan in QA is different than the production environment.

18. A company has deployed a four-node cluster in a COLO environment with server configurations listed below. The company wants to ensure there is 50% overhead for failover and redundancy. There are currently eight VMs running within the cluster with four vCPUs x32GB each.

The company wants to better utilize its resources within the cluster without compromising failover and redundancy.

Given the information above, which of the following should a cloud administrator do to BEST accommodate failover and redundancy requirements?

Ensure hyperthreading is being utilized with physical server CPUs.

Ensure dynamic resource allocation is being utilized.

Overcommit memory, and the systems will allocate resources as required.

Set hard limits for VM resources and turn on hyperthreading.

19. A cloud engineer recently applied the troubleshooting process for a major connectivity issue.

Which of the following is the FINAL step in the troubleshooting methodology?

Document findings, actions, and outcomes.

Establish a plan of action to resolve the problem and implement the solution.

Confirm the root cause of the issue.

Verify full system functionality and, if applicable, implement preventive measures.

20. A company needs to meet the security requirements for PII.

Which of the following cloud service models allows the company to have the MOST control to meet the security requirements?

SaaS

IaaS

PaaS

XaaS

Page 3 of 7

21. A company has implemented a change management process that allows standard changes during business hours. The company’s private cloud hardware needs firmware updates and supports rolling upgrades.

Which of the following considerations should be given to upgrade firmware and make the change as transparent as possible to users?

Implement the change as a standard change.

Notify users before applying the change during the day.

Fail the application over to perform the upgrade.

Perform the change during off-hours to minimize the impact on users.

22. The InfoSec team has directed compliance database activity monitoring without agents on a hosted database server in the public IaaS.

Which of the following configurations is needed to ensure this requirement is achieved?

Configure the agent configuration file to log to the syslog server.

Configure sniffing mode on database traffic.

Implement built-in database tracking functionality.

Implement database encryption and secure copy to the NA

23. A cloud-based web store is experiencing poor website performance and unavailability.

Which of the following approaches would prevent the issue without administrator intervention?

Install and deploy a load balancer in the front of the web server.

Increase the computing resources to the web server.

Increase the network’s bandwidth to handle the spike.

Partner with a cloud provider to scale the required resources as needed.

24. A cloud architect is tasked with isolating traffic between subnets in an IaaS platform. The networks should be able to statefully communicate with each other.

Given this scenario, which of the following should the architect implement?

Configure security groups.

Configure HIPS policies.

Configure IDS policies.

Configure a network AC

25. A cloud administrator configures a new web server for the site https://companyname.com. The administrator installs a wildcard SSL certificate for *.companyname.com. When users attempt to access the site, a certificate error is received.

Which of the following is the MOST likely cause of the error?

Certificate misconfigured

Certificate expired

Certificate revoked

Certificate not signed

26. A company uses its own private cloud, which has few available resources. Mission-critical systems and other information systems are running on it. A new system will be deployed on the private cloud.

The following tests are included in the test plan:

✑ Load test (2h)

✑ Backup/restore test (6h)

✑ Functional test (8h)

✑ Failover test (1h)

The work schedule of the existing system is shown below.

To minimize the effect to the existing system, which of the following schedules is MOST suitable for the load test?

02:00-04:00

09:00-12:00

18:00-20:00

22:00-00:00

27. A new private cloud platform is being deployed by an engineer. SLA requirements state that any clusters should have a baseline redundancy sufficient to handle the failure of at least two hosts.

The engineer records the following metrics after the deployment:

Which of the following metrics is MOST likely to represent a violation of SLA?

RAM utilization

NIC utilization

CPU utilization

Disk utilization

28. A CSA is reviewing the deployment of an e-commerce application in a public cloud provider. The CSA wants to ensure the sizing is optimal to keep the cost of the environment down.

The available server configurations are as follows:

A review of the current system shows the following utilization information:

Which of the following should the CSA implement to ensure the MOST optimal sizing?

Change the MW01, MW02, and MW03 servers to the MEDIUM instance type.

Change the PROXY01 server to the MEDIUM instance type.

Change the DB01 server to the LARGE instance type.

Change the WEB01 server to the SMALL instance type.

29. A rural manufacturing company wants to move all IT services, including the industrial control systems, to the cloud.

Given this scenario, which of the following cloud services elements would be a challenge to the deployment?

Computing capacity flexibility

Industrial control system security

Integrated service digital network

Network broadband access

30. A technician uses a workflow to create new virtual servers in a private cloud. The workflow reports that the process was successful, but the virtual servers do not appear in the cloud dashboard.

Which of the following is the MOST likely reason the servers were not created?

Job validation issue

Location changes

Version feature mismatch

Bandwidth limitations

Page 4 of 7

31. A user cannot consume SaaS services while working remotely. IP whitelisting is implemented to connect to a SaaS provider as a security mechanism.

Which of the following describes the MOST likely reason why the user cannot access the SaaS resources?

The user is not utilizing VPN to connect to the home office.

The user account does not exist in the SaaS provider.

The user account is not assigned the correct role in RBAC policy.

The user account has consumed all of the available subscriptions.

32. Email users report that it takes more than one minute to open emails, including those without attachments. There are three email instances in three different regions hosted by the same CSP. Other applications hosted by the same CSP have no reported issues.

Which of the following solutions BEST resolves the issue?

Confirm that the email instances have sufficient bandwidth.

Install monitoring software on the email instances.

Check the antivirus software settings and disable real-time message scanning.

Ensure the requested IOPS are being provided to the email instances.

33. An administrator defines a backup as follows:

✑ One weekly full backup

✑ Daily incremental backup

Which of the following BEST describes where the administrator would define this?

Backup SLA document

Backup orchestration workflow

Backup schedule

Provisioning schedule

34. A company is using storage-as-a-service from an IaaS provider for application services. The company has a mandate to protect personal information being stored on the cloud. The service provided includes encryption for in-transit data and requires a security solution for data-at-rest.

Which of the following should be deployed to secure the personal information?

Implement data tokenization.

Implement hardware-based encryption.

Implement centralized key management.

Implement database-embedded encryption.

35. Identify the problematic device(s).

Instructions:

If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

Simulation

36. After deploying a VM with a baseline CPU utilization below 80%, a cloud engineer notices the current CPU utilization stays in the 95% to 99% range.

Which of the following describes how this should be fixed to BEST meet the baseline?

Deploy an additional VM based on the baseline.

Enable CPU hyperthreading.

Increase the CPU amount on the V

Add more RAM to the VM to decrease CPU utilization.

37. Based on demand, an IaaS provider wants to deploy a security application for its customers.

Which of the following is the BEST technique for the IaaS provider to apply this to target systems?

Vendor application

Scripting

Orchestration

Custom programming

38. A cloud implementation engineer successfully created a new VM. However, the engineer notices the new VM is not accessible from another network. A ping test works from another VM on the same subnet.

Which of the following is the MOST likely problem?

Incorrect subnet

Incorrect host IP address

Incorrect VLAN

Incorrect gateway

39. A cloud engineer is deploying a new application to a multicloud platform. After running the script, the engineer sees the VMs were not created on one of the cloud providers. The engineer confirms the proper credentials are being used for all cloud providers and there is available capacity.

Which of the following is the MOST likely cause of the deployment failure?

The cloud provider was not available.

The application does not have an adequate number of licenses.

The additional cloud provider is in a separate time zone.

The script created to be deployed does not match the cloud provider AP

40. A cloud administrator is receiving alerts that the disk on several systems is 90% full. Upon reviewing the systems, the administrator determines that the log directory is using 50% of the disk. The company has a 14- day retention policy for all logs.

Which of the following is the BEST solution to implement to minimize future alerts?

Orchestrate a job to rotate the logs and upload to external storage.

Delete any log files in the directory that are larger than 20M

Archive the existing logs in the directory and upload to external storage.

Add additional storage space to the log directory for the servers.

Page 5 of 7

41. A new startup company is growing and wants to deploy a human resources management system on a private cloud that is only accessible to the human resources department.

Which of the following is the BEST method of access control?

Discretionary access control

Mandatory access control

Non-discretionary access control

Comprehensive access control

42. A cloud engineer is required to ensure all servers in the cloud environment meet requirements for PCI compliance. One of the requirements is to make certain all administrator logins and commands are logged.

Which of the following is the BEST approach to meet these requirements?

Enable configuration change tracking for all servers in the public cloud provider’s dashboard.

Enable detailed monitoring for all servers in the public cloud provider’s dashboard.

Define and enable audit tracking rules on each server in the public cloud environment.

Modify the cloud provider’s role-based authorization policies to log user session activity.

43. In a private cloud environment, which of the following is the BEST way to update 20 VMs with the same patch that has been regression tested and approved for rollout?

Automate the distribution of the patch and use an orchestration tool to roll it out.

Roll out the patch manually to the 20 VMs and reboot the system.

Deploy the patch to ten VMs for testing and then install it on the remaining VMs.

Install the patch on as many VMs as possible during the next maintenance window.

44. A cloud administrator for a state government agency is tasked with giving access to the voter registration application to a government agency in another state. Only authorized officials from each state should access the application. These agencies have a common environment where applications have been deployed in the past.

Which of the following should the cloud administrator do to give access to the application?

Deploy part of the application into a public cloud and establish secure connections to a private cloud environment.

Deploy the application to a community cloud that is shared with multiple state government agencies only.

Deploy the application to a public cloud and implement ACLs and security access policies to limit access.

Deploy the application to the state’s private cloud and give authentication credentials to the other state’s authorized officials.

45. A VM was deleted by mistake today at 11:05 a.m.

Below are the backups currently available for the VM:

Crash-consistent restore is acceptable.

Which of the following backups should be chosen?

Snapshot from today at 11:00

Full from three days ago at 00:00

Incremental from today at 00:00

Synthetic-full from yesterday at 12:00

46. While reviewing the auto-scaling events for a web application, a cloud engineer identified that the application upsized and downsized multiple times within the last hour.

Which of the following should the cloud engineer do NEXT?

Add more systems into the scaling group.

Review the load balancer configuration settings.

Review auto-scaling policies to detect a misconfiguration.

Monitor auto-scaling events for the next 24 hours.

47. A production IaaS database server contains PCI data and is a critical business capability. The CAB approved a normal code change release for QA and PROD to occur 30 minutes apart and to last a maximum of one hour. The cloud DBA team is 45 minutes behind schedule, so they miss the start time on QA.

As the cloud DBA, which of the following is the BEST course of action to apply the code change?

Skip QA and apply the code change to PROD to meet time requirements

Resubmit another change request for another time for approval

Submit an emergency CAB approval to change the time to after business hours

Change the time in the CAB request and apply the code change at a more convenient time

48. An administrator is implementing a new SaaS application. The administrator has been directed to enhance the user authentication experience.

Which of the following technologies BEST meets this requirement?

Federation Services

Multifactor authentication

Biometric authentication

Directory services

49. A customer has requirements for its application data to be copied into a second location for failover possibilities. Latency should be minimized, while RPO and RTO are over 15 minutes.

Which of the following technologies BEST fits the customer’s needs?

Data mirroring

Snapshot copies

Storage cloning

Asynchronous replication

50. A cloud administrator is managing a VPC within an IaaS service model and needs to install quarterly updates.

Which of the following cloud components should the administrator update? (Choose three.)

Network switches

Hypervisor

Storage array

Storage switches

Operating system

Application

Antivirus

Load balancer

Page 6 of 7

51. A company is seeking a new backup solution for its virtualized file servers that fits the following characteristics:

✑ The files stored on the servers are extremely large.

✑ Existing files receive multiple small changes per day.

✑ New files are only created once per month.

All backups are being sent to a cloud repository.

Which of the following would BEST minimize backup size?

Local snapshots

Differential backups

File-based replication

Change block tracking

52. In an IaaS environment, the security team issues a new signature file to prevent specific malware threats from infiltrating the company network.

Which of the following describes where the security team should deploy the updated signatures?

IDS

Spam filter

WAF

NIPS

HIPS

53. Ann, the lead product developer for a company, just hired three new developers. Ann asked the cloud administrator to give these developers access to the fileshares in the public cloud environment.

Which of the following is the BEST approach for the cloud administrator to take?

Clone Ann’s account to create three new developer accounts.

Distribute the credentials of Ann’s shared account to the three new developers.

Copy the fileshares to each new developer’s laptop.

Create a new role to access the fileshares and assign the three new developers.

54. A systems administrator created several new VMs on a private cloud and wants to ensure the new baseline still meets corporate guidelines.

The administrator finds the following new load numbers on the hosts:

If corporate policy requires N+1 host capacity, which of the following metrics is MOST likely to present a problem?

CPU

RAM

DISK

NETWORK

55. A company has hired a technician to build a cloud infrastructure for a massively parallel application.

Which of the following should the technician consider doing FIRST?

Add a GPU to the VMs

Configure the VMs to scale up automatically

Allocate maximum bandwidth to the VMs

Select the most compute cores for the VMs

56. Apply the network and security groups from the original region to the new VM.

57. An administrator is creating new severs in a public cloud. The workflow creates and application group with three VMs, one web server, one application server and one database server. The three VMs are all accessible via SSH, but the websites shows a 503-error referring to a database issue.

Which of the following is the MOST likely cause of the error?

Misconfigured VLAN

Misconfigured proxy

Misconfigured firewall rule

Misconfigure routing

58. A service engineer is trying to determine why one of the company’s SaaS solution is no longer available. The internal systems are responding and other online applications using the same SaaS solution are responding as expected.

Which of the following is the MOST common cause of the availability issue?

Cloud service provider outage

Automation/orchestration issue

Integration issue

Subscription issue

59. A university is running a DNA decoding project that will take seven years if it runs on its current internal mainframe. The university negotiated a deal with a large cloud provider, which will donate its cloud resource to process the DNA decoding during the low peak time throughout the world.

Which of the following is the MOST important resource the university should ask the cloud provider to donate?

A large storage for the DNA decoding results

A larger pipe to transfer the results

A closer datacenter to the university

Any available compute resource

60. A backup solution for a new cloud environment must meet the following requirements:

* Use no more than two backup sets for a complete restore.

* Minimize backup space used.

* Support physical and virtual machines.

Which of the following BEST meets these requirements?

Weekly full backups with daily incremental backups

Weekly clones with daily incremental backups

Weekly full backups with daily differential backups

Weekly and daily snapshots via the hypervisor

Page 7 of 7

61. A company has developed a SaaS product for the financial services industry. The Chief Executive Officer (CEO) of the SaaS company has engaged an independent third party to run tests against its platform.

Which of the following is the MOST likely test the third party has been engaged to perform?

Penetration testing

Load testing

Vulnerability testing

Functionality testing

62. A company moved its on-premises applications to several SaaS providers. As a result, the security team is concerned about accounts being compromised.

Which of the following should the security tem implement to reduce this risk?

Multifactor authentication

Single sign-on

Federation

Role-based access control

Virtual private network

63. An entertainment company with a very large movie library is moving all of its production systems to an IaaS cloud. The current lease is expiring in the next month, and the company made a last-minute decision not to renew the lease.

Which of the following would be the MOST effective way to move all the data to the new cloud provider?

Perform an offline storage migration.

Perform an online storage migration.

Perform an offline VM migration.

Perform an online VM migration.

64. An organization just went through a substantial audit, and the top findings were orphaned and inactive privileged accounts. Given the scenario, which of the following would be the BEST method for addressing these findings?

SSO with federation integration

ACLs and permissions verification

Multifactor authentication

Time-bound, just-in-time account provisioning

65. An administrator is deploying a new application platform with the following resource utilization:

Company policy requires that no resource utilization surpasses 80%.

Which of the following resources will need to be upgraded prior to deployment?

Disk

IOPS

CPU

Network

RAM

66. A cloud administrator has to migrate from an on-premises to a public cloud. The administrator has 20 physical servers and 600 virtual instances to migrate within a month.

Which of the following should the administrator analyze?

The maintenance window, network bandwidth, and virtual instances sizes.

The virtual instances sizes, archive repository size, and maintenance window.

The network bandwidth, systems restore point, and virtual instances sizes.

The backup window, network bandwidth, and virtual instances sizes.

67. A cloud provider wants to automate the installation of standard applications and services as part of the PaaS environment. The provider generates scripts for installation and configuration, taking into account the values provided by the users as input. The scripts need to be run automatically as part of the provisioning process and reused later for other purposes.

Which of the following would help the provider do this?

Provisioning

Orchestration

Self-service portal

Baselines

68. A cloud performance engineer is asked to review the usage and resource utilization from last quarter and then provide analysis and a recommendation. The data shown in the exhibit is collected and plotted for analysis.

In addition to investigating the alarms, which of the following is the BEST recommendation for the engineer to provide?

Migrate to a different cloud provider to improve performance.

Monitor utilization to ensure it does not exceed 80%.

Enable hyperthreading and add memory to allow for growth.

Add more CPUs to lower the utilization.

69. Recent feedback from an employee engagement survey stated that users are frustrated with multiple logins to different SaaS providers, and the cloud engineering teams is directed to address this issue and implement a solution. The security policy states that users must access the SaaS from approved IP addresses.

Which of the following is the BEST and most efficient solution to deploy?

Deploy an IPSec tunnel to each SaaS provider and enable biometric login.

Deploy a smart card login and change passwords to each SaaS vendor every 30 days.

Deploy a CASB solution and whitelist the approved SaaS applications.

Deploy SSO and enforce VPN access to the corporate domain.

70. A company is interested in a DRP. The purpose of the plan is to recover business as soon as possible.

The MOST effective technique is:

archiving.

network clustering.

site mirroring.

active/active.

Welcome To Choose Required IT Certification Exams Online

CompTIA Cloud+ Study Guide CV0-002 Exam Questions Updated

Come here to check the free questions to find the quality of CV0-002 exam questions.

Author