Halloween Special - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dm70dm

CV0-004 CompTIA Cloud+ (2024) Questions and Answers

Questions 4

A company needs to deploy its own code directly in the cloud without provisioning additional infrastructure. Which of the following is the best cloud service model for the company to use?

Options:

A.

PaaS

B.

SaaS

C.

laaS

D.

XaaS

Buy Now
Questions 5

A cloud engineer needs to determine a scaling approach for a payroll-processing solution that runs on a biweekly basis. Given the complexity of the process, the deployment to each

new VM takes about 25 minutes to get ready. Which of the following would be the best strategy?

Options:

A.

Horizontal

B.

Scheduled

C.

Trending

D.

Event

Buy Now
Questions 6

A security engineer recently discovered a vulnerability in the operating system of the company VMs. The operations team reviews the issue and decides all VMs need to be updated

from version 3.4.0 to 3.4.1. Which of the following best describes the type of update that will be applied?

Options:

A.

Consistent

B.

Major

C.

Minor

D.

Ephemeral

Buy Now
Questions 7

An engineer made a change to an application and needs to select a deployment strategy that meets the following requirements:

• Is simple and fast

• Can be performed on two Identical platforms

Which of the following strategies should the engineer use?

Options:

A.

Blue-green

B.

Canary

C.

Rolling

D.

in-place

Buy Now
Questions 8

A company wants to combine solutions in a central and scalable environment to achieve the following goals:

• Control

• Visibility

• Automation

• Cost efficiency

Which of the following best describes what the company should implement?

Options:

A.

Batch processing

B.

Workload orchestration

C.

Containerization

D.

Application modernization

Buy Now
Questions 9

A cloud engineer is deploying a cloud solution that will be used on premises with need-to-know access. Which of the following cloud deployment models best meets this

requirement?

Options:

A.

Community

B.

Public

C.

Private

D.

Hybrid

Buy Now
Questions 10

An organization has been using an old version of an Apache Log4j software component in its critical software application. Which of the following should the organization use to

calculate the severity of the risk from using this component?

Options:

A.

CWE

B.

CVSS

C.

CWSS

D.

CVE

Buy Now
Questions 11

An administrator needs to provide a backup solution for a cloud infrastructure that enables the resources to run from another data center in case of a outage. Connectivity to the

backup data center is via a third-party, untrusted network. Which of the following is the most important feature required for this solution?

Options:

A.

Deduplication

B.

Replication

C.

Compression

D.

Encryption

E.

Labeling

Buy Now
Questions 12

Which of the following describes the main difference between public and private container repositories?

Options:

A.

Private container repository access requires authorization, while public repository access does not require authorization.

B.

Private container repositories are hidden by default and containers must be directly referenced, while public container repositories allow browsing of container images.

C.

Private container repositories must use proprietary licenses, while public container repositories must have open-source licenses.

D.

Private container repositories are used to obfuscate the content of the Dockerfile, while public container repositories allow for Dockerfile inspection.

Buy Now
Questions 13

A cloud security analyst is looking for existing security vulnerabilities on software applications. Which of the following describes this vulnerability management phase?

Options:

A.

Analyze

B.

Report

C.

Remediation

D.

identification

Buy Now
Questions 14

Which of the following are best practices when working with a source control system? (Select two).

Options:

A.

Merging code often

B.

Pushing code directly to production

C.

Performing code deployment

D.

Maintaining one branch for all features

E.

Committing code often

F.

Initiating a pull request

Buy Now
Questions 15

A newly configured VM fails to run application updates despite having internet access. The updates download automatically from a third-party network. Given the following output:

CV0-004 Question 15

Which of the following troubleshooting steps would be best to take?

Options:

A.

Checking DNS configurations

B.

Reconfiguring routing protocols

C.

Testing the IP address configuration

D.

Running a trace to the router

Buy Now
Questions 16

A cloud engineer hardened the WAF for a company that operates exclusively in North America. The engineer did not make changes to any ports, and all protected applications have

continued to function as expected. Which of the following configuration changes did the engineer most likely apply?

Options:

A.

The engineer implemented MFA to access the WAF configurations.

B.

The engineer blocked all traffic originating outside the region.

C.

The engineer installed the latest security patches on the WAF.

D.

The engineer completed an upgrade from TLS version 1.1 to version 1.3.

Buy Now
Questions 17

A highly regulated business is required to work remotely, and the risk tolerance is very low. You are tasked with providing an identity solution to the company cloud that includes the following:

  • secure connectivity that minimizes user login
  • tracks user activity and monitors for anomalous activity
  • requires secondary authentication

INSTRUCTIONS

Select controls and servers for the proper control points.

CV0-004 Question 17

CV0-004 Question 17

Options:

Buy Now
Questions 18

A systems engineer is migrating a batch of 25 VMs from an on-premises compute cluster to a public cloud using the public cloud's migration agent. The migration job shows data

copies at a rate of 250Mbps. After five servers migrate, the data copies at a rate of 25Mbps. Which of the following should the engineer review first to troubleshoot?

Options:

A.

The on-premises VM host hardware utilization

B.

The on-premises ISP throttling rate

C.

The IOPS on the SAN backing the on-premises cluster

D.

The compute utilization of the VMs being migrated

Buy Now
Questions 19

A cloud architect attempts to modify a protected branch but is unable to do so. The architect receives an error indicating the action cannot be completed. Which of the following should the architect try instead''

Options:

A.

Adding a new remote

B.

Creating a pull request

C.

Merging the branch

D.

Rebasing the branch

Buy Now
Questions 20

A cross-site request forgery vulnerability exploited a web application that was hosted in a public laaS network. A security engineer determined that deploying a WAF in blocking mode at a CDN would prevent the application from being exploited again. However, a week after implementing the WAF, the application was exploited again. Which of the following should the security engineer do to make the WAF control effective?

Options:

A.

Configure the DDoS protection on the CDN.

B.

Install endpoint protection software on the VMs

C.

Add an ACL to the VM subnet.

D.

Deploy an IDS on the laaS network.

Buy Now
Questions 21

You are a cloud engineer working for a cloud service provider that is responsible for an

IaaS offering.

Your customer, who creates VMs and manages virtual storage, has noticed I/O bandwidth issues and low IOPS (under 9000).

Your manager wants you to verify the proper storage configuration as dictated by your service level agreement (SLA).

The SLA specifies:

. Each SFP on the hypervisor host must be set to the maximum link speed

allowed by the SAN array. . All SAN array disk groups must be configured in a RAID 5.

. The SAN array must be fully configured for redundant fabric paths. . IOPS should not fall below 14000

INSTRUCTIONS

Click on each service processor to review the displayed information. Then click on the drop-down menus to change the settings of each device as necessary to conform to the SLA requirements.

CV0-004 Question 21

CV0-004 Question 21

CV0-004 Question 21

CV0-004 Question 21

Options:

Buy Now
Questions 22

A systems administrator notices a surge of network traffic is coming from the monitoring server. The administrator discovers that large amounts of data are being downloaded to an external source. While investigating, the administrator reviews the following logs:

CV0-004 Question 22

Which of the following ports has been compromised?

Options:

A.

Port 20

B.

Port 22

C.

Port 443

D.

Port 4443

E.

Port 8048

Buy Now
Questions 23

A manager wants information about which users signed in to a certain VM during the past month. Which of the following can the cloud administrator use to obtain this information?

Options:

A.

Retention

B.

Alerting

C.

Aggregation

D.

Collection

Buy Now
Questions 24

A DevOps engineer is performing maintenance on the mail servers for a company's web application. Part of this maintenance includes checking core operating system updates. The servers are currently running version 3.2 of the operating system. The engineer has two update options—one to version 4.1 and the other to version 3.7. Both versions are fully supported by the operating system manufacturer. Which of the following best describes the action the engineer should take?

Options:

A.

Upgrade to 3.7 in the development environment.

B.

Upgrade to 4.1 on one production server at a time.

C.

Read the release notes on version 4.1.

D.

Schedule a maintenance window and upgrade to 3.7 in the production environment.

Buy Now
Questions 25

A company uses containers to implement a web application. The development team completed internal testing of a new feature and is ready to move the feature to the production

environment. Which of the following deployment models would best meet the company's needs while minimizing cost and targeting a specific subset of its users?

Options:

A.

Canary

B.

Blue-green

C.

Rolling

D.

In-place

Buy Now
Questions 26

A log-parsing application requires significant processing power to ingest the logs streaming from web servers. The engineering team presents the cloud architect with four proposals

using the same underlying hardware. Which of the following should the cloud architect select in order to minimize the impact of an instance failure while keeping the cost as low as

possible?

Options:

A.

Four instances of 4vCPU, 8GB RAM, 80GB SSD

B.

Four instances of 4vCPU, 8GB RAM, 80GB HDD

C.

Two instances of 8vCPU, 16GB RAM, 80GB SSD

D.

Two instances of 8vCPU, 16GB RAM, 80GB HDD

Buy Now
Questions 27

The company's IDS has reported an anomaly. The cloud engineer remotely accesses the cloud instance, runs a command, and receives the following information:

CV0-004 Question 27

Which of the following is the most likely root cause of this anomaly?

Options:

A.

Privilege escalation

B.

Leaked credentials

C.

Cryptojacking

D.

Defaced website

Buy Now
Questions 28

A company that has several branches worldwide needs to facilitate full access to a specific cloud resource to a branch in Spain. Other branches will have only read access. Which of

the following is the best way to grant access to the branch in Spain?

Options:

A.

Set up MFA for the users working at the branch.

B.

Create a network security group with required permissions for users in Spain.

C.

Apply a rule on the WAF to allow only users in Spain access to the resource.

D.

Implement an IPS/IDS to detect unauthorized users.

Buy Now
Questions 29

A critical security patch is required on a network load balancer in a public cloud. The organization has a major sales conference next week, and the Chief Executive Officer does not want any interruptions during the demonstration of an application behind the load balancer. Which of the following approaches should the cloud security engineer take?

Options:

A.

Ask the management team to delay the conference.

B.

Apply the security patch after the event.

C.

Ask the upper management team to approve an emergency patch window.

D.

Apply the security patch immediately before the conference.

Buy Now
Questions 30

An organization needs to retain its data for compliance reasons but only when required. Which of the following would be the most cost-effective type of tiered storage?

Options:

A.

Warm

B.

Hot

C.

Archive

D.

Cold

Buy Now
Questions 31

A systems administrator needs to configure backups for the company's on-premises VM cluster. The storage used for backups will be constrained on free space until the company

can implement cloud backups. Which of the following backup types will save the most space, assuming the frequency of backups is kept the same?

Options:

A.

Snapshot

B.

Ful

C.

Differential

D.

Incremental

Buy Now
Questions 32

Which of the following storage resources provides higher availability and speed for currently used files?

Options:

A.

Warm/HDD

B.

Cold/SSD

C.

Hot/SSD

D.

Archive/HDD

Buy Now
Questions 33

A company operates a website that allows customers to upload, share, and retain tull ownership of their photographs. Which of the following could affect image ownership as the website usage expands globally?

Options:

A.

Sovereignty

B.

Data classification

C.

Litigation holds

D.

Retention

Buy Now
Questions 34

Which of the following provides secure, private communication between cloud environments without provisioning additional hardware or appliances?

Options:

A.

VPN

B.

VPC peering

C.

BGP

D.

Transit gateway

Buy Now
Questions 35

Which of the following is a difference between a SAN and a NAS?

Options:

A.

A SAN works only with fiber-based networks.

B.

A SAN works with any Ethernet-based network.

C.

A NAS uses a faster protocol than a SAN

D.

A NAS uses a slower protocol than a SAN.

Buy Now
Questions 36

An organization is hosting a seminar with eight individuals who need to connect to their own dedicated VM. The technician used the following VM configurations:

IP address: DHCP

NIC: 1Gbps

Network: 10.1.10.0/29

Several users are unable to access their VMs. Which of the following best describes the reason?

Options:

A.

Not enough addresses are available.

B.

The routes are misconfigured.

C.

Too much traffic is on the network.

D.

DHCP is not working correctly on the VM.

Buy Now
Questions 37

A SaaS provider introduced new software functionality for customers as part of quarterly production enhancements. After an update is implemented, users cannot locate certain transactions from an inbound integration. During the investigation, the application owner finds the following error in the logs:

Error: REST API - Deprecated call is no longer supported in this release.

Which of the following is the best action for the application owner to take to resolve the issue?

Options:

A.

Update the custom integration to use a supported function.

B.

Include the custom integration in the quarterly testing scope.

C.

Ask the users to monitor the quarterly updates.

D.

Revert the application to the last stable quarterly release.

Buy Now
Questions 38

A cloud solutions architect needs to have consistency between production, staging, and development environments. Which of the following options will best achieve this goal?

Options:

A.

Using Terraform templates with environment variables

B.

Using Grafana in each environment

C.

Using the ELK stack in each environment

D.

Using Jenkins agents in different environments

Buy Now
Questions 39

Which of the following is the best type of database for storing different types of unstructured data that may change frequently?

Options:

A.

Vector

B.

Relational

C.

Non-relational

D.

Graph

Buy Now
Questions 40

A cloud engineer is designing a high-performance computing cluster for proprietary software. The software requires low network latency and high throughput between cluster nodes.

Which of the following would have the greatest impact on latency and throughput when designing the HPC infrastructure?

Options:

A.

Node placement

B.

Node size

C.

Node NIC

D.

Node OS

Buy Now
Questions 41

A company's man web application is no longer accessible via the internet. The cloud administrator investigates and discovers the application is accessible locally and only via an IP access. Which of the following was misconfigured?

Options:

A.

IP

B.

DHCP

C.

NAT

D.

DNS

Buy Now
Questions 42

A cloud engineer is provisioning a new application that requires access to the organization's public cloud resources. Which of the following is the best way for the cloud engineer to authenticate the application?

Options:

A.

Access key

B.

API

C.

MFA token

D.

Username and Password

Buy Now
Questions 43

Which of the following would allow a cloud engineer to flatten a deeply nested JSON log to improve readability for analysts?

Options:

A.

Grafana

B.

Kibana

C.

Elasticsearch

D.

Logstash

Buy Now
Questions 44

Which of the following Al/ML technologies consumes text input to discern tone?

Options:

A.

Text recognition

B.

Computer vision

C.

Visual recognition

D.

Sentiment analysis

Buy Now
Questions 45

A cloud engineer is reviewing the following Dockerfile to deploy a Python web application:

CV0-004 Question 45

Which of the following changes should the engineer make lo the file to improve container security?

Options:

A.

Add the instruction "JSER nonroot.

B.

Change the version from latest to 3.11.

C.

Remove the EHTRYPOIKT instruction.

D.

Ensure myapp/main.pyls owned by root.

Buy Now
Questions 46

A systems administrator is configuring backups on a VM and needs the process to run as quickly as possible, reducing the bandwidth on the network during all times from Monday through Saturday. In the event of data corruption, the management team expects the mean time to recovery to be as low as possible. Which of the following backup methods can the administrator use to accomplish these goals?

Options:

A.

Incremental backup daily to the cloud

B.

Full backup on Sunday and incremental backups on all other days of the week

C.

Differential backup daily to the cloud

D.

Incremental backups during off-hours on Monday, Wednesday, and Friday

Buy Now
Questions 47

A company requests that its cloud administrator provision virtual desktops for every user. Given the following information:

• One hundred users are at the company.

• A maximum of 30 users work at the same time.

• Users cannot be interrupted while working on the desktop.

Which of the following strategies will reduce costs the most?

Options:

A.

Provisioning VMs of varying sizes to match user needs

B.

Configuring a group of VMs to share with multiple users

C.

Using VMs that have spot availability

D.

Setting up the VMs to turn off outside of business hours at night

Buy Now
Questions 48

A cloud engineer has provisioned a VM for a high-frequency trading application. After the VM is put into production, users report high latency in trades. The engineer checks the last six hours of VM metrics and sees the following:

• CPU utilization is between 30% to 60%.

• Networkln is between 50Kbps and 70Kbps.

• NetworkOut is between 3.000Kpbs and 5.000Kbps.

• DiskReadOps is at 30.

• DiskWriteOps is at 70

• Memory utilization is between 50% and 70%.

Which of the following steps should the engineer take next to solve the latency issue?

Options:

A.

Move to a network-optimized instance type as the network throughput is not enough.

B.

Modify the disk IOPS to a higher value as the disk IO is being bottlenecked at 100 IOPS.

C.

Increase the memory of the instance as the high-frequency trading application requires more RAM.

D.

Increase the instance size to allocate more vCPUs as the CPU utilization is very high.

Buy Now
Questions 49

Which of the following is a customer be responsible for in a provider-managed database service? (Select two).

Options:

A.

Operating system patches

B.

Table-level permissions

C.

Minor database engine updates

D.

Cluster configuration

E.

Row-level encryption

F.

Availability of hardware for scaling

Buy Now
Questions 50

A cloud networking engineer is troubleshooting the corporate office's network configuration. Employees in the IT and operations departments are unable to resolve IP addresses on all devices, and the IT department cannot establish a connection to other departments' subnets. The engineer identifies the following configuration currently in place to support the office network:

CV0-004 Question 50

Each employee needs to connect to the network with a maximum of three hosts. Each subnet must be segregated, but the IT department must have the ability to communicate with all subnets. Which of the following meet the IP addressing and routing requirements? (Select two).

Options:

A.

Modifying the subnet mask to 255 255 254.0 for IT and operations departments

B.

Configuring static routing to allow access from each subnet to 10.1.40.1

C.

Modifying the BYOD policy to reduce the volume of devices that are allowed to connect to the corporate network

D.

Configuring static routing to allow access from 10.1.30.1 to each subnet

E.

Combining the subnets and increasing the allocation of IP addresses available to support three hosts for each employee

F.

Modifying the subnet mask to 255.255.255.128 for the IT and operations departments

Buy Now
Questions 51

A company implements a web farm with 100 servers behind an application load balancer. Dunng scaling events, new web servers that are placed in service have not loaded all their modules, which causes some requests to the web farm to fail. Which of the following should the cloud engineer implement to address the scaling issue?

Options:

A.

Instance warm-up

B.

Scheduled scaling

C.

Event-based scaling

D.

Load balancer passthrough

Buy Now
Questions 52

Which of the following is used to deliver code quickly and efficiently across the development, test, and production environments?

Options:

A.

Snapshot

B.

Container image

C.

Serverless function

D.

VM template

Buy Now
Questions 53

Which of the following will best reduce the cost of running workloads while maintaining the same performance? (Select two).

Options:

A.

Instance size

B.

Tagging

C.

Reserved resources model

D.

Spot instance model

E.

Pay-as-you-go model

F.

Dedicated host model

Buy Now
Questions 54

For compliance purposes, a cloud developer at an insurance company needs to save all customer policies for more than ten years. Which of the following options is the most cost-

efficient tier to save the data in the cloud?

Options:

A.

Archive

B.

Hot

C.

Cold

D.

Warm

Buy Now
Questions 55

A cloud solution needs to be replaced without interruptions. The replacement process can be completed in phases, but the cost should be kept as low as possible. Which of the

following is the best strategy to implement?

Options:

A.

Blue-green

B.

Rolling

C.

In-place

D.

Canary

Buy Now
Questions 56

An administrator is creating a cron job that shuts down the virtual machines at night to save on costs. Which of the following is the best way to achieve this task?

A)

CV0-004 Question 56

B)

CV0-004 Question 56

C)

CV0-004 Question 56

D)

CV0-004 Question 56

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Buy Now
Questions 57

Which of the following industry standards mentions that credit card data must not be exchanged or stored in cleartext?

Options:

A.

CSA

B.

GDPR

C.

SOC2

D.

PCI-DSS

Buy Now
Questions 58

Between 11:00 a.m. and 1:00 p.m. on workdays, users report that the sales database is either not accessible, sluggish, or difficult to connect to. A cloud administrator discovers that during the impacted time, all hypervisors are at capacity. However, when 70% of the users are using the same database, those issues are not reported. Which of the following is the most likely cause?

Options:

A.

Oversubscription

B.

Resource allocation

C.

Sizing issues

D.

Service quotas

Buy Now
Questions 59

An organization's web application experiences penodic bursts of traffic when a new video is launched. Users are reporting poor performance in the middle of the month. Which of the following scaling approaches should the organization use to scale based on forecasted traffic?

Options:

A.

Scheduled

B.

Manual

C.

Event

D.

Load

Buy Now
Questions 60

Users have been reporting that a remotely hosted application is not accessible following a recent migration. However, the cloud administrator is able to access the application from

the same site as the users. Which of the following should the administrator update?

Options:

A.

Cipher suite

B.

Network ACL

C.

Routing table

D.

Permissions

Buy Now
Questions 61

A company hosts various containerized applications for business uses. A client reports that one of its routine business applications fails to load the web-based login prompt hosted in the company cloud.

CV0-004 Question 61

INSTRUCTIONS

Click on each device and resource. Review the configurations, logs, and characteristics of each node in the architecture to diagnose the issue. Then, make the necessary changes to the WAF configuration to remediate the issue.

Web app 1

CV0-004 Question 61

Web app 2

CV0-004 Question 61

Web app 3

CV0-004 Question 61

Web app 4

CV0-004 Question 61

Client app

CV0-004 Question 61

CV0-004 Question 61

CV0-004 Question 61

CV0-004 Question 61

Options:

Buy Now
Questions 62

An organization's security policy states that software applications should not exchange sensitive data in cleartext. The security analyst is concerned about a software application that uses Base64 to encode credit card data. Which of the following would be the best algorithm to replace Base64?

Options:

A.

3DES

B.

AES

C.

RC4

D.

SHA-3

Buy Now
Questions 63

A security engineer Identifies a vulnerability m a containerized application. The vulnerability can be exploited by a privileged process to read tie content of the host's memory. The security engineer reviews the following Dockerfile to determine a solution to mitigate similar exploits:

CV0-004 Question 63

Which of the following is the best solution to prevent similar exploits by privileged processes?

Options:

A.

Adding the USER myappuserinstruction

B.

Patching the host running the Docker daemon

C.

Changing FROM alpiner3.17 to FROM alpine:latest

D.

Running the container with the ready-only filesystem configuration

Buy Now
Exam Code: CV0-004
Exam Name: CompTIA Cloud+ (2024)
Last Update: Oct 26, 2024
Questions: 213

PDF + Testing Engine

$48  $159.99

Testing Engine

$36  $119.99
buy now CV0-004 testing engine

PDF (Q&A)

$30  $99.99
buy now CV0-004 pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 31 Oct 2024