Summer Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

CV0-003 Questions and Answers

Question # 6

After a hardware upgrade on a private cloud system, the systems administrator notices a considerable drop in network performance. Which of the following is MOST likely the cause?

A.

The driver

B.

The memory

C.

The cluster placement

D.

The CPU

Full Access
Question # 7

A systems administrator is deploying a VM and would like to minimize storage utilization by ensuring the VM uses only the storage if needs. Which of the following will BEST achieve this goal?

A.

Compression

B.

Deduplication

C.

RAID

D.

Thin provisioning

Full Access
Question # 8

A systems administrator is trying to reduce storage consumption. Which of the following file types would benefit the MOST from compression?

A.

System files

B.

User backups

C.

Relational database

D.

Mail database

Full Access
Question # 9

A cloud security analyst needs to ensure the web servers in the public subnet allow only secure communications and must remediate any possible issue. The stateful configuration for the public web servers is as follows:

Which of the following actions should the analyst take to accomplish the objective?

A.

Remove rules 1, 2, and 5.

B.

Remove rules 1, 3, and 4.

C.

Remove rules 2, 3, and 4.

D.

Remove rules 3, 4, and 5.

Full Access
Question # 10

A company wants to check its infrastructure and application for security issues regularly. Which of the following should the company implement?

A.

Performance testing

B.

Penetration testing

C.

Vulnerability testing

D.

Regression testing

Full Access
Question # 11

A cloud administrator is configuring a CDN for an organization’s website to improve performance for users in remote regions. Which of the following CDN features will help achieve this goal?

A.

Compression of content.

B.

Content replication to edge locations.

C.

Dynamic request routing.

D.

Content deduplication.

Full Access
Question # 12

Over the last couple of years, the growth of a company has required a more complex DNS and DHCP environment. Which of the following should a systems administration team implement as an appropriate solution to simplify management?

A.

IPAM

B.

DoH

C.

VLAN

D.

SDN

Full Access
Question # 13

A systems administrator is about to deploy a new VM to a cloud environment. Which of the following will the administrator MOST likely use to select an address for the VM?

A.

CDN

B.

DNS

C.

NTP

D.

IPAM

Full Access
Question # 14

A cloud administrator set up a link between the private and public cloud through a VPN tunnel. As part of the migration, a large set of files will be copied. Which of the following network ports are required from a security perspective?

A.

22, 53, 445

B.

22, 443, 445

C.

25, 123, 443

D.

137, 139, 445

Full Access
Question # 15

A cloud administrator is setting up a new coworker for API access to a public cloud environment. The administrator creates a new user and gives the coworker access to a collection of automation scripts. When the coworker attempts to use a deployment script, a 403 error is returned. Which of the following is the MOST likely cause of the error?

A.

Connectivity to the public cloud is down.

B.

User permissions are not correct.

C.

The script has a configuration error.

D.

Oversubscription limits have been exceeded.

Full Access
Question # 16

A system administrator has provisioned a new web server. Which of the following, in combination, form the best practice to secure the server's OS? (Choose three.)

A.

Install TLS certificates on the server.

B.

Forward port 80 traffic to port 443.

C.

Disable TLS 1.0/1.1 and SSL.

D.

Disable password authentication.

E.

Enable SSH key access only.

F.

Provision the server in a separate VPC.

G.

Disable the superuser/administrator account.

Full Access
Question # 17

A systems administrator is trying to establish an RDP session from a desktop to a server in the cloud. However, the connection appears to be refused even through the VM is responding to ICMP echo requests. Which of the following should the administrator check FIRST?

A.

The firewall

B.

The subnet

C.

The gateway

D.

The services

Full Access
Question # 18

A systems administrator swapped a failed hard drive on a server with a RAID 5 array. During the RAID resynchronization, a second hard drive failed.

Which of the following actions will make the server fully operational?

A.

Restart the RAID resynchronization process

B.

Perform a P2V migration of the server

C.

Swap the failed hard drive with a fresh one

D.

Restore the server from backup

Full Access
Question # 19

A DevOps administrator is designing a new machine-learning platform. The application needs to be portable between public and private clouds and should be kept as small as possible. Which of the following approaches would BEST meet these requirements?

A.

Virtual machines

B.

Software as a service

C.

Serverless computing

D.

Containers

Full Access
Question # 20

A cloud administrator is working in a secure government environment. The administrator needs to implement corrective action due to recently identified security issue on the OS of a VM that is running a facility-management application in a cloud environment. The administrator needs to consult the application vendor, so it might take some time to resolve the issue. Which of the following is the FIRST action the administrator should take while working on the resolution?

A.

Shut down the server.

B.

Upgrade the OS

C.

Update the risk register.

D.

Raise a problem ticket.

Full Access
Question # 21

A systems administrator wants to ensure two VMs remain together on the same host. Which of the following must be set up to enable this functionality?

A.

Affinity

B.

Zones

C.

Regions

D.

A cluster

Full Access
Question # 22

A Chief Information Security Officer (CISO) is evaluating the company’s security management program. The CISO needs to locate all the assets with identified deviations and mitigation measures. Which of the following would help the CISO with these requirements?

A.

An SLA document

B.

ADR plan

C.

SOC procedures

D.

A risk register

Full Access
Question # 23

A cloud administrator is building a new VM for machine-learning training. The developer requesting the VM has stated that the machine will need a full GPU dedicated to it.

Which of the following configuration options would BEST meet this requirement?

A.

Virtual GPU

B.

External GPU

C.

Passthrough GPU

D.

Shared GPU

Full Access
Question # 24

Which of the following should be considered for capacity planning?

A.

Requirements, licensing, and trend analysis

B.

Laws and regulations

C.

Regions, clusters, and containers

D.

Hypervisors and scalability

Full Access
Question # 25

A company is considering consolidating a number of physical machines into a virtual infrastructure that will be located at its main office. The company has the following requirements:

High-performance VMs

More secure

Has system independence

Which of the following is the BEST platform for the company to use?

A.

Type 1 hypervisor

B.

Type 2 hypervisor

C.

Software application virtualization

D.

Remote dedicated hosting

Full Access
Question # 26

A systems administrator is analyzing a report of slow performance in a cloud application. This application is working behind a network load balancer with two VMs, and each VM has its own digital certificate configured. Currently, each VM is consuming 85% CPU on average. Due to cost restrictions, the administrator cannot scale vertically or horizontally in the environment. Which of the following actions should the administrator take to decrease the CPU utilization? (Choose two.)

A.

Configure the communication between the load balancer and the VMs to use a VPN.

B.

Move the digital certificate to the load balancer.

C.

Configure the communication between the load balancer and the VMs to use HTTP.

D.

Reissue digital certificates on the VMs.

E.

Configure the communication between the load balancer and the VMs to use HTTPS.

F.

Keep the digital certificates on the VMs.

Full Access
Question # 27

A company needs to access the cloud administration console using its corporate identity. Which of the following actions would MOST likely meet the requirements?

A.

Implement SSH key-based authentication.

B.

Implement cloud authentication with local LDAP.

C.

Implement multifactor authentication.

D.

Implement client-based certificate authentication.

Full Access
Question # 28

A company plans to publish a new application and must conform with security standards. Which of the following types of testing are most important for the systems administrator to run to assure the security and compliance of the application before publishing? (Select two).

A.

Regression testing

B.

Vulnerability testing

C.

Usability testing

D.

Functional testing

E.

Penetration testing

F.

Load testing

Full Access
Question # 29

A system administrator is migrating a bare-metal server to the cloud. Which of the following types of migration should the systems administrator perform to accomplish this task?

A.

V2V

B.

V2P

C.

P2P

D.

P2V

Full Access
Question # 30

A systems administrator is using a configuration management tool to perform maintenance tasks in a system. The tool is leveraging the target system's API to perform these maintenance tasks After a number of features and security updates are applied to the target system, the configuration management tool no longer works as expected. Which of the following is the MOST likely cause of the issue?

A.

The target system's API functionality has been deprecated

B.

The password for the service account has expired

C.

The IP addresses of the target system have changed

D.

The target system has failed after the updates

Full Access
Question # 31

A cloud engineer is responsible for managing a public cloud environment. There is currently one virtual network that is used to host the servers in the cloud environment. The environment is rapidly growing, and the network does not have any more available IP addresses. Which of the following should the engineer do to accommodate additional servers in this environment?

A.

Create a VPC and peer the networks.

B.

Implement dynamic routing.

C.

Enable DHCP on the networks.

D.

Obtain a new IPAM subscription.

Full Access
Question # 32

A VDI administrator has received reports from the drafting department that rendering is slower than normal. Which of the following should the administrator check FIRST to optimize the performance of the VDI infrastructure?

A.

GPU

B.

CPU

C.

Storage

D.

Memory

Full Access
Question # 33

A systems administrator in a large enterprise needs to alter the configuration of one of the finance department’s database servers.

Which of the following should the administrator perform FIRST?

A.

Capacity planning

B.

Change management

C.

Backups

D.

Patching

Full Access
Question # 34

A systems administrator adds servers to a round-robin, load-balanced pool, and then starts receiving reports of the website being intermittently unavailable. Which of the following is the MOST likely cause of the issue?

A.

The network is being saturated.

B.

The load balancer is being overwhelmed.

C.

New web nodes are not operational.

D.

The API version is incompatible.

E.

There are time synchronization issues.

Full Access
Question # 35

An organization is using multiple SaaS-based business applications, and the systems administrator is unable to monitor and control the use of these subscriptions. The administrator needs to implement a solution that will help the organization apply security policies and monitor each individual SaaS subscription. Which of the following should be deployed to achieve these requirements?

A.

DLP

B.

CASB

C.

IPS

D.

HIDS

Full Access
Question # 36

A cloud administrator is reviewing the annual contracts for all hosted solutions. Upon review of the contract for the hosted mail solution, the administrator notes the monthly subscription rate has increased every year. The provider has been in place for ten years, and there is a large amount of data being hosted. Which of the following is a barrier to switching providers?

A.

Service_level agreement

B.

Vendor lock-in

C.

Memorandum of understanding

D.

Encrypted data

Full Access
Question # 37

A company is migrating workloads from on premises to the cloud and would like to establish a connection between the entire data center and the cloud environment. Which of the following VPN configurations would accomplish this task?

A.

Site-to-site

B.

Client-to-site

C.

Point-to-site

D.

Point-to-point

Full Access
Question # 38

A product-based company wants to transition to a method that provides the capability to enhance the product seamlessly and keep the development iterations to a shorter time frame. Which of the following would BEST meet these requirements?

A.

Implement a secret management solution.

B.

Create autoscaling capabilities.

C.

Develop CI/CD tools.

D.

Deploy a CMDB tool.

Full Access
Question # 39

A cloud security engineer needs to ensure authentication to the cloud pro-vider console is secure. Which of the following would BEST achieve this ob-jective?

A.

Require the user's source IP to be an RFC1918 address.

B.

Require the password to contain uppercase letters, lowercase letters, numbers, and symbols.

C.

Require the use of a password and a physical token.

D.

Require the password to be ten characters long.

Full Access
Question # 40

An administrator needs to back up all the data from each VM daily while also saving space. Which of the following backup types will BEST fit this scenario?

A.

Differential

B.

Incremental

C.

Synthetic full

D.

Full

Full Access
Question # 41

A cloud administrator is setting up a DR site on a different zone of the same CSP. The application servers are replicated using the VM replication, and the database replication is set up using log shipping. Upon testing the DR site, the application servers are unable to access the database servers. The administrator has verified the systems are running and are accessible from the CSP portal.

Which of the following should the administrator do to fix this issue?

A.

Change the database application IP

B.

Create a database cluster between the primary site and the DR site

C.

Update the connection string

D.

Edit the DNS record at the DR site for the application servers

Full Access
Question # 42

An organization purchased new servers with GPUs for render farms. The servers have limited CPU resources.

Which of the following GPU configurations will be the MOST optimal for virtualizing this environment?

A.

Dedicated

B.

Shared

C.

Passthrough

D.

vGPU

Full Access
Question # 43

A systems administrator is troubleshooting performance issues with a Windows VDI environment. Users have reported that VDI performance has been slow since the images were upgraded from Windows 7 to Windows 10.

This VDI environment is used to run simple tasks, such as Microsoft Office. The administrator investigates the virtual machines and finds the following settings:

    4 vCPU

    16GB RAM

    10Gb networking

    256MB frame buffer

Which of the following MOST likely needs to be upgraded?

A.

vRAM

B.

vCPU

C.

vGPU

D.

vNIC

Full Access
Question # 44

A database analyst reports it takes two hours to perform a scheduled job after onboarding 10,000 new users to the system. The analyst made no changes to the scheduled job before or after onboarding the users. The database is hosted in an IaaS instance on a cloud provider. Which of the following should the cloud administrator evaluate to troubleshoot the performance of the job?

A.

The laaS compute configurations, the capacity trend analysis reports, and the storage IOPS

B.

The hypervisor logs, the memory utilization of the hypervisor host, and the network throughput of the hypervisor

C.

The scheduled job logs for successes and failures, the time taken to execute the job, and the job schedule

D.

Migrating from laaS to on premises, the network traffic between on-premises users and the laaS instance, and the CPU utilization of the hypervisor host

Full Access
Question # 45

A systems administrator is configuring a storage system for maximum performance and redundancy. Which of the following storage technologies should the administrator use to achieve this?

A.

RAID 5

B.

RAID 6

C.

RAID 10

D.

RAID 50

Full Access
Question # 46

A cloud administrator is troubleshooting an issue regarding users at one location who are reporting that their API access tokens have become invalid. The users are issued tokens based on their credentials in a federated cluster. Which of the following should the administrator check to determine the cause of this issue?

A.

SAML

B.

DNS

C.

SSL

D.

NTP

Full Access
Question # 47

A systems administrator automates a series of tasks in a playbook and receives the following error during testing:

"Unable to find any of pip2, pip to use. pip needs to be installed."

The administrator verifies that pip is installed correctly. Which of the following actions will most likely resolve this issue?

A.

Ensure pip is up to date.

B.

Create a firewall rule to allow pip.

C.

Refactor the automation code.

D.

Update the system path.

Full Access
Question # 48

In an existing IaaS instance, it is required to deploy a single application that has different versions.

Which of the following should be recommended to meet this requirement?

A.

Deploy using containers

B.

Install a Type 2 hypervisor

C.

Enable SR-IOV on the host

D.

Create snapshots

Full Access
Question # 49

A systems administrator is deploying a new virtualized environment. The setup is a three-server cluster with 12 VMs running on each server. While executing a vertical-scaling test of the vCPU on the VMs, the administrator gets an error. Which of the following issues is MOST likely occurring?

A.

Compute

B.

Storage

C.

Licensing

D.

Scripts

Full Access
Question # 50

A storage administrator is reviewing the storage consumption of a SAN appliance that is running a VDI environment. Which of the following features should the administrator implement to BEST reduce the storage consumption of the SAN?

A.

Deduplication

B.

Thick provisioning

C.

Compression

D.

SDS

Full Access
Question # 51

Users currently access SaaS email with five-character passwords that use only letters and numbers. An administrator needs to make access more secure without changing the password policy. Which of the following will provide a more secure way of accessing email at the lowest cost?

A.

Change the email service provider.

B.

Enable MFA with a one-time password.

C.

Implement SSO for all users.

D.

Institute certificate-based authentication

Full Access
Question # 52

A company is planning its cloud architecture and wants to use a VPC for each of its three products per environment in two regions, totaling 18 VPCs. The products have interdependences, consuming services between VPCs. Which of the following should the cloud architect use to connect all the VPCs?

A.

MPLS connections

B.

VPC peering

C.

Hub and spoke

D.

VPN connections

Full Access
Question # 53

A systems administrator is troubleshooting performance issues with a Windows VDI environment. Users have reported that VDI performance is very slow at the start of the workday, but the performance is fine during the rest of the day. Which of the following is the MOST likely cause of the issue? (Select TWO).

A.

Disk I/O limits

B.

Affinity rule

C.

CPU oversubscription

D.

RAM usage

E.

Insufficient GPI-J resources

F.

License issues

Full Access
Question # 54

A cloud engineer has deployed a virtual storage appliance into a public cloud environment. The storage appliance has a NAT to a public IP address. An administrator later notices there are some strange files on the storage appliance and a large spike in network traffic on the machine. Which of the following is the MOST likely cause?

A.

The default password is still configured on the appliance.

B.

The appliance's certificate has expired.

C.

The storage appliance has no firewall.

D.

Data encryption is enabled, and the files are hashed.

Full Access
Question # 55

A systems administrator is working on the backup schedule for a critical business application that is running in a private cloud. Which of the following would help the administrator schedule the frequency of the backup job?

A.

RPO

B.

MTTR

C.

SLA

D.

RTO

Full Access
Question # 56

A company with a worldwide presence wants to improve the user experience for its website. Which of the following can a systems administrator implement to improve download speeds and latency for the end users?

A.

A CDN solution

B.

An MPLS connection between data centers

C.

A DNS round robin

D.

A site-to-site VPN between data centers

Full Access
Question # 57

A systems administrator is helping to develop a disaster recovery solution. The solution must ensure all production capabilities are available within two hours. Which of the following will BEST meet this requirement?

A.

A hot site

B.

A warm site

C.

A backup site

D.

A cold site

Full Access
Question # 58

A company has two identical environments (X and Y) running its core business application. As part of an upgrade, the X environment is patched/upgraded and tested while the Y environment is still serving the consumer workloads. Upon successful testing of the X environment, all workload is sent to this environment, and the Y environment is then upgraded before both environments start to manage the workloads. Which of the following upgrade methods is being used?

A.

Active-passive

B.

Canary

C.

Development/production

D.

Blue-green

Full Access
Question # 59

A financial industry services firm was the victim of an internal data breach, and the perpetrator was a member of the company's development team. During the investigation, one of the security administrators accidentally deleted the perpetrator's user data. Even though the data is recoverable, which of the following has been violated?

A.

Chain of custody

B.

Evidence acquisition

C.

Containment

D.

Root cause analysis

Full Access
Question # 60

After initial stress testing showed that a platform performed well with the specification of a single 32 vCPU node, which of the following will provide the desired service with the LOWEST cost and downtime?

A.

One 32 vCPU node with CDN caching

B.

Two 8 vCPU nodes with load balancing

C.

Three to six 8 vCPU nodes autoscaling group

D.

Four 8 vCPU nodes with DNS round robin

Full Access
Question # 61

A company is using an laaS environment. Which of the following licensing models would BEST suit the organization from a financial perspective to implement scaling?

A.

Subscription

B.

Volume-based

C.

per user

D.

Socket-based

Full Access
Question # 62

A systems administrator needs to implement a service to protect a web application from external attacks. The administrator must have session-based granular control of all HTTP traffic. Which of the following should the administrator configure?

A.

IDS

B.

WAF

C.

DLP

D.

NAC

Full Access
Question # 63

A startup online gaming company is designing the optimal graphical user experience for multiplayer scenarios. However, online players have reported latency issues. Which of the following should the company configure as a remediation?

A.

Additional GPU memory

B.

Faster clock speed

C.

Additional CPU cores

D.

Dynamic allocations

Full Access
Question # 64

A production engineer is configuring a new application, which is running in containers, that requires access to a database. Which of the following methods will allow the application to authenticate to the database in the MOST secure way?

A.

Store the credentials in a variable on every worker node

B.

Store the credentials on a shared volume using whole-disk encryption

C.

Store the credentials in a configuration file using SHA-256 inside the container image

D.

Store the credentials using the orchestrator secret manager

Full Access
Question # 65

In an IaaS platform, which of the following actions would a systems administrator take FIRST to identify the scope of an incident?

A.

Conduct a memory acquisition.

B.

Snapshot all volumes attached to an instance.

C.

Retrieve data from a backup.

D.

Perform a traffic capture.

Full Access
Question # 66

Audit and system logs are being forwarded to a syslog solution. An administrator observes that two application servers have not generated any logs for a period of three days, while others continue to send logs normally. Which of the following BEST explains what is occurring?

A.

There is a configuration failure in the syslog solution.

B.

The application servers were migrated to the cloud as laaS instances.

C.

The application administrators have not performed any activity in those servers.

D.

There is a local firewall policy restriction on the syslog server.

Full Access
Question # 67

An organization has a public-facing API that is hosted on a cloud provider. The API performs slowly at times. Which of the following technologies should the cloud administrator apply to provide speed acceleration and a secure connection?

A.

WAF

B.

EDR

C.

IDS

D.

HIPS

E.

SSL

Full Access
Question # 68

A systems administrator wants to restrict access to a set of sensitive files to a specific group of users. Which of the following will achieve the objective?

A.

Add audit rules on the server

B.

Configure data loss prevention in the environment

C.

Change tine permissions and ownership of the files

D.

Implement a HIPS solution on the host

Full Access
Question # 69

A security audit related to confidentiality controls found the following transactions occurring in the system:

GET http://gateway.securetransaction.com/privileged/api/v1/changeResource?id=123 &user=277

Which of the following solutions will solve the audit finding?

A.

Using a TLS-protected API endpoint

B.

Implementing a software firewall

C.

Deploying a HIDS on each system

D.

Implementing a Layer 4 load balancer

Full Access
Question # 70

A cloud administrator has created a new asynchronous workflow lo deploy VMs to the cloud in bulk. When the workflow is tested for a single VM, it completes successfully. However, if the workflow is used to create 50 VMs at once, the job fails. Which of the following is the MOST likely cause of the issue? (Choose two.)

A.

Incorrect permissions

B.

Insufficient storage

C.

Billing issues with the cloud provider

D.

No connectivity to the public cloud

E.

Expired API token

F.

Disabled autoscaling

Full Access
Question # 71

A systems administrator needs to migrate email services to the cloud model that requires the least amount of administrative effort. Which of the following should the administrator select?

A.

DBaaS

B.

SaaS

C.

IaaS

D.

PaaS

Full Access
Question # 72

A company is using a method of tests and upgrades in which a small set of end users are exposed to new services before the majority of other users. Which of the following deployment methods is being used?

A.

Blue-green

B.

Canary

C.

Big bang

D.

Rolling

Full Access
Question # 73

A cloud administrator is responsible for managing a VDI environment that provides end users with access to limited applications. Which of the following should the administrator make changes to when a new application needs to be provided?

A.

Application security policy

B.

Application whitelisting policy

C.

Application hardening policy

D.

Application testing policy

Full Access
Question # 74

A cloud administrator is troubleshooting a highly available web application running within three containers behind a Layer 7 load balancer with a WAF inspecting all traffic. The application frequently asks the users to log in again even when the session timeout has not been reached. Which of the following should the cloud administrator configure to solve this issue?

A.

Firewall outbound rules

B.

Firewall inbound rules

C.

Load balancer certificates

D.

Load balancer stickiness

E.

WAF transaction throttling

Full Access
Question # 75

A security analyst is investigating incidents in which attackers are able to access sensitive data from a corporate application's database. The attacks occur periodically and usually

after the release of a new application's version. The following log confirms the compromise:

USER: WebApp access—key accepted

WebApp user assumed DBA role

GetData API call executed

The following actions are made after every incident occurrence:

• Validation of firewall rules

• Scripted rebuild of the database and web instances

• Application deployment from a cloud code repository

Which of the following actions will MOST likely prevent future compromises?

A.

Rotating the account credentials

B.

Migrating the database to be on premises

C.

Forbidding the use of API calls to retrieve data

D.

Implementing a new database service account

Full Access
Question # 76

An IaaS application has a two-hour RTO and a four-hour RPO. The application takes one hour to back up its data or restore from a local backup file. A systems administrator is tasked with configuring the backup policy.

Which of the following should the administrator configure to achieve the application requirements with the LEAST cost?

A.

Back up to long-term storage every night

B.

Back up to object storage every three hours

C.

Back up to long-term storage every four hours

D.

Back up to object storage every hour

Full Access
Question # 77

A global web-hosting company is concerned about the availability of its platform during an upcoming event. Web traffic is forecasted to increase substantially during the next week. The site contains mainly static content.

Which of the following solutions will assist with the increased workload?

A.

DoH

B.

WAF

C.

IPS

D.

CDN

Full Access
Question # 78

A systems administrator needs to configure an email client to ensure data integrity of the email messages.

Which of the following provides the BEST mechanism to achieve this goal?

A.

Cyclic redundancy check

B.

SHA-1 hashes

C.

SHA-256 hashes

D.

Digital signature

Full Access
Question # 79

A systems administrator is configuring RAID for a new server. This server will host files for users and replicate to an identical server. While redundancy is necessary, the most important need is to maximize storage.

Which of the following RAID types should the administrator choose?

A.

5

B.

6

C.

10

D.

50

Full Access
Question # 80

A SaaS provider wants to maintain maximum availability for its service.

Which of the following should be implemented to attain the maximum SLA?

A.

A hot site

B.

An active-active site

C.

A warm site

D.

A cold site

Full Access
Question # 81

A systems administrator is building a standardized OS template for the deployment of a web service. The image is intended for various autoscaling groups. Which of the following should be included in the image as best practice?

A.

Graphical user interface.

B.

Website configuration.

C.

System security hardening elements.

D.

Compute, memory, and storage capacity.

Full Access
Question # 82

A company uses multiple SaaS-based cloud applications. All the applications require authentication upon access. An administrator has been asked to address this issue and enhance security. Which of the following technologies would be the BEST solution?

A.

Single sign-on

B.

Certificate authentication

C.

Federation

D.

Multifactor authentication

Full Access
Question # 83

A company is utilizing a private cloud solution that is hosted within its datacenter. The company wants to launch a new business application, which requires the resources below:

The current private cloud has 30 vCPUs and 512GB RAM available. The company is looking for a quick solution to launch this application, with expected maximum sessions to be close to 24,000 at launch and an average of approximately 5,000 sessions.

Which of the following solutions would help the company accommodate the new workload in the SHORTEST amount of time and with the maximum financial benefits?

A.

Configure auto-scaling within the private cloud

B.

Set up cloud bursting for the additional resources

C.

Migrate all workloads to a public cloud provider

D.

Add more capacity to the private cloud

Full Access
Question # 84

A company wants to move its environment from on premises to the cloud without vendor lock-in. Which of the following would BEST meet this requirement?

A.

DBaaS

B.

SaaS

C.

IaaS

D.

PaaS

Full Access
Question # 85

A systems administrator has migrated an internal application to a public cloud. The new web server is running under a TLS connection and has the same TLS certificate as the internal application that is deployed. However, the IT department reports that only internal users who are using new versions of the OSs are able to load the application home page.

Which of the following is the MOST likely cause of the issue?

A.

The local firewall from older OSs is not allowing outbound connections

B.

The local firewall from older OSs is not allowing inbound connections

C.

The cloud web server is using a self-signed certificate that is not supported by older browsers

D.

The cloud web server is using strong ciphers that are not supported by older browsers

Full Access
Question # 86

A cloud administrator needs to implement a mechanism to monitor the expense of the company’s cloud resources.

Which of the following is the BEST option to execute this task with minimal effort?

A.

Ask the cloud provider to send a daily expense report

B.

Set custom notifications for exceeding budget thresholds

C.

Use the API to collect expense information from cloud resources

D.

Implement a financial tool to monitor cloud resource expenses

Full Access
Question # 87

A systems administrator would like to reduce the network delay between two servers.

Which of the following will reduce the network delay without taxing other system resources?

A.

Decrease the MTU size on both servers

B.

Adjust the CPU resources on both servers

C.

Enable compression between the servers

D.

Configure a VPN tunnel between the servers

Full Access
Question # 88

A systems administrator wants to have near-real-time information on the volume of data being exchanged between an application server and its clients on the Internet.

Which of the following should the systems administrator implement to achieve this objective?

A.

A stateful firewall

B.

DLP

C.

DNSSEC

D.

Network flows

Full Access
Question # 89

A cloud administrator recently noticed that a number of files stored at a SaaS provider’s file-sharing service were deleted. As part of the root cause analysis, the administrator noticed the parent folder permissions were modified last week. The administrator then used a test user account and determined the permissions on the files allowed everyone to have write access.

Which of the following is the best step for the administrator to take NEXT?

A.

Identify the changes to the file-sharing service and document

B.

Acquire a third-party DLP solution to implement and manage access

C.

Test the current access permissions to the file-sharing service

D.

Define and configure the proper permissions for the file-sharing service

Full Access
Question # 90

An OS administrator is reporting slow storage throughput on a few VMs in a private IaaS cloud. Performance graphs on the host show no increase in CPU or memory. However, performance graphs on the storage show a decrease of throughput in both IOPS and MBps but not much increase in latency. There is no increase in workload, and latency is stable on the NFS storage arrays that are used by those VMs.

Which of the following should be verified NEXT?

A.

Application

B.

SAN

C.

VM GPU settings

D.

Network

Full Access
Question # 91

An organization is running a database application on a SATA disk, and a customer is experiencing slow performance most of the time.

Which of the following should be implemented to improve application performance?

A.

Increase disk capacity

B.

Increase the memory and network bandwidth

C.

Upgrade the application

D.

Upgrade the environment and use SSD drives

Full Access
Question # 92

A systems administrator is tasked with configuring a cloud-based disaster recovery solution. The organization requires that the recovery point objective (RPO) be as low as possible while keeping costs manageable. Which of the following strategies best meets this requirement?

A.

Incremental backups with snapshots.

B.

Differential backups stored on a warm site.

C.

Replication of critical data to a cold site.

D.

Full backups stored offsite.

Full Access
Question # 93

Based on the shared responsibility model, which of the following solutions passes the responsibility of patching the OS to the customer?

A.

PaaS

B.

DBaaS

C.

laaS

D.

SaaS

Full Access
Question # 94

A company has decided to get multiple compliance and security certifications for its public cloud environment. However, the company has few staff members to handle the extra workload, and it has limited knowledge of the current infrastructure.

Which of the following will help the company meet the compliance requirements as quickly as possible?

A.

DLP

B.

CASB

C.

FIM

D.

NAC

Full Access
Question # 95

The human resources department was charged for a cloud service that belongs to another department. All other cloud costs seem to be correct.

Which of the following is the MOST likely cause for this error?

A.

Misconfigured templates

B.

Misconfigured chargeback

C.

Incorrect security groups

D.

Misconfigured tags

Full Access
Question # 96

A company has developed a cloud-ready application. Before deployment, an administrator needs to select a deployment technology that provides a high level of portability and is lightweight in terms of footprint and resource requirements.

Which of the following solutions will be BEST to help the administrator achieve the requirements?

A.

Containers

B.

Infrastructure as code

C.

Desktop virtualization

D.

Virtual machines

Full Access
Question # 97

Which of the following will mitigate the risk of users who have access to an instance modifying the system configurations?

A.

Implement whole-disk encryption

B.

Deploy the latest OS patches

C.

Deploy an anti-malware solution

D.

Implement mandatory access control

Full Access
Question # 98

A cloud engineer needs to perform a database migration_ The database has a restricted SLA and cannot be offline for more than ten minutes per month The database stores 800GB of data, and the network bandwidth to the CSP is 100MBps. Which of the following is the BEST option to perform the migration?

A.

Copy the database to an external device and ship the device to the CSP

B.

Create a replica database, synchronize the data, and switch to the new instance.

C.

Utilize a third-patty tool to back up and restore the data to the new database

D.

use the database import/export method and copy the exported file.

Full Access
Question # 99

A cloud administrator has deployed a website and needs to improve the site security to meet requirements. The website architecture is designed to have a DBaaS in the back end and autoscaling instances in the front end using a load balancer to distribute the request. Which of the following will the cloud administrator most likely use?

A.

An API gateway

B.

An IPS/IDS

C.

A reverse proxy

D.

A WAF

Full Access
Question # 100

The Chief Information Officer of a financial services company wants to ensure stringent security measures are maintained while migrating customer financial information from a private cloud to the public cloud. The cloud engineer must deploy automated validation and verification checks to prevent unauthorized disclosure of financial information. Which of the following should be configured during the migration?

A.

ACL

B.

VPN

C.

P2V

D.

VDI

Full Access
Question # 101

A cloud engineer is deploying a server in a cloud platform. The engineer reviews a security scan report. Which of the following recommended services should be disabled? (Select TWO).

A.

Telnet

B.

FTP

C.

Remote login

D.

DNS

E.

DHCP

F.

LDAP

Full Access
Question # 102

A systems administrator received a report stating resumes submitted through the company's website are being exposed at the URL https://careers.company.com/upload/. Which of the following actions should the administrator take to fix the issue?

A.

Remove write permissions to the folder /upload/.

B.

Implement file integrity monitoring.

C.

Reconfigure the folder /upload/ to request authentication.

D.

Implement a DLP solution.

E.

Implement encryption in transit.

Full Access
Question # 103

A systems administrator receives an alert that VDI performance on the cluster is poor. Opening any application takes one to two minutes. The administrator investigates and finds the following conditions:

    Cluster memory utilization: 65%

    Cluster SSD utilization: 70%

    Average VM CPU wait time: 14%

    Cluster CPU utilization: 75%

Which of the following actions should the administrator take to improve VDI performance?

A.

Add CPU resources to the cluster.

B.

Increase the number of vCPUs per VM.

C.

Add memory to the nodes in the cluster.

D.

Increase the amount of SSD storage in the cluster.

Full Access
Question # 104

A corporation is evaluating an offer from a CSP to take advantage of volume discounts on a shared platform. The finance department is concerned about cost allocation transparency, as the current structure splits projects into dedicated billing accounts. Which of the following can be used to address this concern?

A.

Implementing resource tagging

B.

Defining a cost baseline

C.

Consolidating the billing accounts

D.

Using a third-party accounting tool

Full Access
Question # 105

A newly deployed public cloud tenant has been billed five times the forecasted amount. Which of the following is the most likely cause of the issue?

A.

Incorrect billing by the cloud provider.

B.

Incorrect responsibility model.

C.

Incorrect tenant allocation.

D.

Incorrect resource selection.

Full Access
Question # 106

Which of the following lists includes examples of predeveloped AI/ML solutions?

A.

Natural language processing, forecasting, and VoIP

B.

Serverless application, image recognition, and speech recognition

C.

Code review, anomaly detection, and elasticity

D.

Image recognition, video analysis, and natural language processing

Full Access
Question # 107

A systems administrator is configuring a DNS server. Which of the following steps should a technician take to ensure confidentiality between the DNS server and an upstream DNS provider?

A.

Enable DNSSEC.

B.

Implement single sign-on.

C.

Configure DOH.

D.

Set up DNS over SSL.

Full Access
Question # 108

A systems administrator is deploying a new version of a website. The website is deployed in the cloud using a VM cluster. The administrator must then deploy the new version into one VM first. After a period of time, if there are no issues detected, a second VM will be updated. This process must continue until all the VMS are updated. Which of the following upgrade methods is being implemented?

A.

Canary

B.

Blue-green

C.

Rolling

D.

Staging

Full Access
Question # 109

Which of the following best describes a Type 1 hypervisor?

A.

Non-embedded.

B.

Software-driven.

C.

Bare-metal.

D.

Simple native.

Full Access
Question # 110

Which of the following provides groups of compute units that can horizontally scale according to a workload?

A.

Orchestrated container environment

B.

Cloud-reserved instances

C.

Autoscaling

D.

Cloud bursting

Full Access
Question # 111

A systems administrator notices several VMS are constantly ballooning, while the memory usage of several other VMS is significantly lower than their resource allocation. Which of the following will MOST likely solve the issue?

A.

Rightsizing

B.

Bandwidth increase

C.

Cluster placement

D.

Storage tiers

Full Access
Question # 112

A DevOps engineer needs to provide sensitive information to applications running as containers. The sensitive information will be updated based on the environment in which the container will be deployed. Which of the following should the engineer leverage to ensure the data remains protected?

A.

Secrets

B.

Tokens

C.

Image scanning

D.

Variables

Full Access
Question # 113

An organization is currently deploying a private cloud model. All devices should receive the time from the local environment with the least administrative effort. Which of the following ports needs to be opened to fulfill this requirement?

A.

53

B.

67

C.

123

D.

161

Full Access
Question # 114

A systems administrator is troubleshooting issues with audio lag during phone conferences. When looking at the core switch, the administrator notices its buffers are consistently full, and packets are being dropped due to the large number being sent and received. There is no room in the budget for new hardware, but it is critical that the audio lag be fixed immediately. Which of the following will most likely resolve the issue?

A.

Enable compression of audio traffic.

B.

Configure QoS rules for VolP traffic.

C.

Verify that the gateway uplink is not saturated.

D.

Add an exception to IPS for voice traffic.

Full Access
Question # 115

A company is using laaS services from two different providers: one for its primary site, and the other for a secondary site. The primary site is completely inaccessible, and the management team has decided to run through the BCP procedures. Which of the following will provide the complete asset information?

A.

DR replication document

B.

DR playbook

C.

DR policies and procedures document

D.

DR network diagram

Full Access
Question # 116

A systems administrator receives a ticket stating the following:

“The programming team received an error during the process deploying applications to the container platform. The error after the containerized applications were created”

Which the following should the administrator Check FIRST?

A.

The containers

B.

The application

C.

The Scripts

D.

The templates

Full Access
Question # 117

A systems administrator needs to provide information for a capacity-planning document. Which of the following is the most relevant baseline and capacity information?

A.

vCPU, vGPU, subscriptions, geographical, storage, user density, firewall settings.

B.

vGPU, storage, networking, user density, firewall, budgetary.

C.

vCPU, subscriptions, storage, DDoS, licensing, user density.

D.

vCPU, vGPU, subscriptions, storage, bandwidth, licensing.

Full Access
Question # 118

A systems administrator is planning to deploy a database cluster in a virtualization environment. The administrator needs to ensure the database nodes do not exist on the same physical host. Which of the following would best meet this requirement?

A.

Oversubscription

B.

Anti-affinity

C.

A firewall

D.

A separate cluster

Full Access
Question # 119

A company that performs passive vulnerability scanning at its transit VPC has detected a vulnerability related to outdated web-server software on one of its public subnets. Which of the following can the company use to verify if this is a true positive with the least effort and cost? (Select two).

A.

A network-based scan

B.

An agent-based scan

C.

A port scan

D.

A red-team exercise

E.

A credentialed scan

F.

A blue-team exercise

G.

Unknown environment penetration testing

Full Access
Question # 120

An integration application that communicates between different application and database servers is currently hosted on a physical machine. A P2V migration needs to be done to reduce the hardware footprint. Which of the following should be considered to maintain the same level of network throughput and latency in the virtual server?

A.

Upgrading the physical server NICs to support 10Gbps

B.

Adding more vCPU

C.

Enabling SR-IOV capability

D.

Increasing the VM swap/paging size

Full Access
Question # 121

Due to a policy change, a few of a customer’s application VMs have been migrated to synchronously replicated storage. The customer now reports that performance is lower. The systems administrator checks the resource usage and discovers CPU utilization is at 60% and available memory is at 30%.

Which of the following is the MOST likely cause?

A.

There is not enough vCPU assigned

B.

The application is not compatible with the new settings

C.

The new configuration is adding latency

D.

The memory of the VM is underallocated

Full Access
Question # 122

A systems administrator has finished installing monthly updates to servers in a cloud environment. The administrator notices certain portions of the playbooks are no longer functioning. Executing the playbook commands manually on a server does not work as well. There are no other reports of issues.

Which of the following is the MOST likely cause of this issue?

A.

Change management failure

B.

Service overload

C.

Patching failure

D.

Job validation issues

E.

Deprecated features

Full Access
Question # 123

A systems administrator is troubleshooting network throughput issues following a deployment. The network is currently being overwhelmed by the amount of traffic between the database and the web servers in the environment.

Which of the following should the administrator do to resolve this issue?

A.

Set up affinity rules to keep web and database servers on the same hypervisor

B.

Enable jumbo frames on the gateway

C.

Move the web and database servers onto the same VXLAN

D.

Move the servers onto thick-provisioned storage

Full Access
Question # 124

A company has deployed a new cloud solution and is required to meet security compliance.

Which of the following will MOST likely be executed in the cloud solution to meet security requirements?

A.

Performance testing

B.

Regression testing

C.

Vulnerability testing

D.

Usability testing

Full Access
Question # 125

A cloud administrator recently misconfigured the permission policy on a credential vault by granting public access to it. Which of the following should the administrator do? (Select two).

A.

Reduce the system resources.

B.

Delete the affected users.

C.

Revoke the misconfigured permission policy.

D.

Scan the systems for vulnerabilities.

E.

Change the affected credentials.

F.

Block public access to the application.

Full Access
Question # 126

A cloud administrator is managing an organization's infrastructure in a public cloud. All servers are currently located in a single virtual network with a single firewall that all traffic must pass through. Per security requirements, production, QA, and development servers should not be able to communicate directly with each other. Which of the following should an administrator perform to comply with the security requirement?

A.

Create separate virtual networks for production, QA, and development servers.Move the servers to the appropriate virtual network.Apply a network security group to each virtual network that denies all traffic except for the firewall.

B.

Create separate network security groups for production, QA, and development servers.Apply the network security groups on the appropriate production, QA, and development servers.Peer the networks together.

C.

Create separate virtual networks for production, QA, and development servers.Move the servers to the appropriate virtual network.Peer the networks together.

D.

Create separate network security groups for production, QA, and development servers.Peer the networks together.Create static routes for each network to the firewall.

Full Access
Question # 127

A cloud engineer is required to move legacy systems to a public cloud. The system configuration is provided below:

Server Name

Cores

OS Disk (Used)

Data Disk (Used)

Encryption

Web1

2

500GB (45%)

1TB (20%)

OS

Web2

2

500GB (40%)

1TB (90%)

OS

App1

4

250GB (90%)

2TB (65%)

No

App2

4

250GB (70%)

2TB (95%)

No

DB1

16

250GB (25%)

4TB (65%)

Data

The public cloud provider VMs support a maximum OS disk size of 250GB and a data disk size of 2TB. Which of the following tasks will contribute to a successful migration to the cloud environment? (Select two).

A.

Clean up Web1's OS disk.

B.

Shrink the OS disk for Web1 and Web2.

C.

Migrate DB1 to DBaaS.

D.

Clean up App1's OS Disk.

E.

Decrypt DB1.

F.

Convert DB1 to a clustered database.

Full Access
Question # 128

A cloud engineer is troubleshooting poor performance on a corporate website configured behind a cloud application load balancer. The following output was collected on the cloud console:

    CDN status: Configured and content replicated to edge locations.

    WAF status: 10 rules applied; 8,787,638 hits / 37,634 blocks.

    Listening on ports: 80/443.

    Forwarding traffic to instances: 5 (2 healthy).

    Autoscaling events: 25.

Which of the following is the most likely cause of the issue?

A.

The web servers are not responding properly.

B.

The web firewall is blocking legitimate traffic.

C.

The CDN should not be used during high loads.

D.

Autoscaling events are too high.

Full Access
Question # 129

A storage array that is used exclusively for datastores is being decommissioned, and a new array has been installed. Now the private cloud administrator needs to migrate the data.

Which of the following migration methods would be the BEST to use?

A.

Conduct a V2V migration

B.

Perform a storage live migration

C.

Rsync the data between arrays

D.

Use a storage vendor migration appliance

Full Access
Question # 130

A systems administrator is reviewing two CPU models for a cloud deployment. Both CPUs have the same number of cores/threads and run at the same clock speed.

Which of the following will BEST identify the CPU with more computational power?

A.

Simultaneous multithreading

B.

Bus speed

C.

L3 cache

D.

Instructions per cycle

Full Access
Question # 131

A systems administrator is troubleshooting performance issues with a Windows VDI environment. Users have reported that VDI performance is very slow at the start of the workday, but the performance is fine during the rest of the day. Which of the following is the MOST likely cause of the issue? (Choose two.)

A.

Disk I/O limits

B.

Affinity rule

C.

CPU oversubscription

D.

RAM usage

E.

Insufficient GPU resources

F.

License issues

Full Access
Question # 132

Which of the following strategies will mitigate the risk of a zero-day vulnerability MOST efficiently?

A.

Using only open-source technologies

B.

Keeping all resources up to date

C.

Creating a standby environment with a different cloud provider

D.

Having a detailed incident response plan

Full Access
Question # 133

A systems administrator is deploying a GPU-accelerated VDI solution. Upon requests from several users, the administrator installs an older version of the OS on their virtual workstations. The majority of the VMs run the latest LTS version of the OS.

Which of the following types of drivers will MOST likely ensure compatibility will all virtual workstations?

A.

Alternative community drivers

B.

Legacy drivers

C.

The latest drivers from the vendor’s website

D.

The drivers from the OS repository

Full Access
Question # 134

An organization requires the following to be achieved between the finance and marketing departments:

    Allow HTTPS/HTTP.

    Disable FTP and SMB traffic.

Which of the following is the MOST suitable method to meet the requirements?

A.

Implement an ADC solution to load balance the VLAN traffic

B.

Configure an ACL between the VLANs

C.

Implement 802.1X in these VLANs

D.

Configure on-demand routing between the VLANs

Full Access
Question # 135

An organization has the following requirements that need to be met when implementing cloud services:

    SSO to cloud infrastructure

    On-premises directory service

    RBAC for IT staff

Which of the following cloud models would meet these requirements?

A.

Public

B.

Community

C.

Hybrid

D.

Multitenant

Full Access