COMPTIA CLOUD+ Exam CV0-003 Questions V13.02
CompTIA Cloud+ Topics - CompTIA Cloud+ Certification Exam

Updated CompTIA CV0-003 Exam Questions - Clear Your Exam Successfully

1. A company has decided to scale its e-commerce application from its corporate datacenter to a commercial cloud provider to meet an anticipated increase in demand during an upcoming holiday.
The majority of the application load takes place on the application server under normal conditions. For this reason, the company decides to deploy additional application servers into a commercial cloud provider using the on-premises orchestration engine that installs and configures common software and network configurations.
The remote computing environment is connected to the on-premises datacenter via a site-to-site IPsec tunnel. The external DNS provider has been configured to use weighted round-robin routing to load balance connections from the Internet.
During testing, the company discovers that only 20% of connections completed successfully.

INSTRUCTIONS
Review the network architecture and supporting documents and fulfill these requirements:
Part 1:
- Analyze the configuration of the following components: DNS, Firewall 1, Firewall 2, Router 1, Router 2, VPN and Orchestrator Server.
- Identify the problematic device(s).
Part 2:
- Identify the correct options to provide adequate configuration for hybrid cloud architecture.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Part 1: Cloud Hybrid Network Diagram

Part 2: Only select a maximum of TWO options from the multiple choice question

Answer:
Part 1: Router 2
The problematic device is Router 2, which has an incorrect configuration for the IPSec tunnel. The IPSec tunnel is a secure connection between the on-premises datacenter and the cloud provider, which allows the traffic to flow between the two networks. The IPSec tunnel requires both endpoints to have matching parameters, such as the IP addresses, the pre-shared key (PSK), the encryption and authentication algorithms, and the security associations (SAs).
According to the network diagram and the configuration files, Router 2 has a different PSK and a different address space than Router 1. Router 2 has a PSK of “1234567890”, while Router 1 has a PSK of “0987654321”. Router 2 has an address space of 10.0.0.0/8, while Router 1 has an address space of 192.168.0.0/16. These mismatches prevent the IPSec tunnel from establishing and encrypting the traffic between the two networks.
The other devices do not have any obvious errors in their configuration. The DNS provider has two CNAME records that point to the application servers in the cloud provider, with different weights to balance the load.
The firewall rules allow the traffic from and to the application servers on port 80 and port 443, as well as the traffic from and to the VPN server on port 500 and port 4500. The orchestration server has a script that installs and configures the application servers in the cloud provider, using the DHCP server to assign IP addresses.
Part 2:
The correct options to provide adequate configuration for hybrid cloud architecture are:
- Update the PSK in Router 2.
- Change the address space on Router 2.
These options will fix the IPSec tunnel configuration and allow the traffic to flow between the on-premises datacenter and the cloud provider. The PSK should match the one on Router 1, which is “0987654321”. The address space should also match the one on Router 1, which is 192.168.0.0/16.
B. Update the PSK (Pre-shared key in Router2)
E. Change the Address Space on Router2

2. The QA team is testing a newly implemented clinical trial management (CTM) SaaS application that uses a business intelligence application for reporting. The UAT users were instructed to use HTTP and HTTPS.
Refer to the application dataflow:
1A - The end user accesses the application through a web browser to enter and view clinical data.
2A - The CTM application server reads/writes data to/from the database server.
1B - The end user accesses the application through a web browser to run reports on clinical data.
2B - The CTM application server makes a SOAP call on a non-privileged port to the BI application server.
3B - The BI application server gets the data from the database server and presents it to the CTM application server.
When UAT users try to access the application using https://ctm.app.com or http://ctm.app.com, they get a message stating: “Browser cannot display the webpage.” The QA team has raised a ticket to troubleshoot the issue.
INSTRUCTIONS
You are a cloud engineer who is tasked with reviewing the firewall rules as well as virtual network settings.
You should ensure the firewall rules are allowing only the traffic based on the dataflow.
You have already verified the external DNS resolution and NAT are working.
Verify and appropriately configure the VLAN assignments and ACLs. Drag and drop the appropriate VLANs to each tier from the VLAN Tags table. Click on each Firewall to change ACLs as needed.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer:
On firewall 3, change the DENY 0.0.0.0 entry to rule 3 not rule 1.

3. A DevOps administrator is automating an existing software development workflow. The administrator wants to ensure that prior to any new code going into production, tests confirm the new code does not negatively impact existing automation activities.
Which of the following testing techniques would be BEST to use?
A. Usability testing
B. Regression testing
C. Vulnerability testing
D. Penetration testing
Answer: B
Explanation:
Regression testing is a type of testing that ensures that new code or changes to existing code do not break or degrade the functionality of the software. Regression testing is often used in software development workflows to verify that new features or bug fixes do not introduce new errors or affect the performance of the software. Regression testing can help prevent negative impacts on existing automation activities by checking that the new code is compatible with the existing code and does not cause any unexpected failures or errors.
Reference: CompTIA Cloud+ Certification Exam Objectives, page 19, section 4.1
Reference: https://www.softwaretestinghelp.com/regression-testing-tools-and-methods/

4. A marketing team is using a SaaS-based service to send emails to large groups of potential customers. The internally managed CRM system is configured to generate a list of target customers automatically on a weekly basis, and then use that list to send emails to each customer as part of a marketing campaign. Last week, the first email campaign sent emails successfully to 3,000 potential customers. This week, the email campaign attempted to send out 50,000 emails, but only 10,000 were sent.
Which of the following is the MOST likely reason for not sending all the emails?
A. API request limit
B. Incorrect billing account
C. Misconfigured auto-scaling
D. Bandwidth limitation
Answer: A
Explanation:
An API request limit is a restriction on the number of requests that can be made to a web service or application programming interface (API) within a certain time period. API request limits are often used by SaaS-based services to control the usage and traffic of their customers and prevent overloading or abuse of their resources. An API request limit can cause a failure to send all the emails if the marketing team exceeds the number of requests allowed by the SaaS-based service in a week. The service may reject or block any requests that go beyond the limit, resulting in fewer emails being sent than expected.
Reference: CompTIA Cloud+ Certification Exam Objectives, page 13, section 2.5
Reference: https://developers.google.com/analytics/devguides/config/mgmt/v3/limits-quotas

5. A VDI administrator has received reports of poor application performance.
Which of the following should the administrator troubleshoot FIRST?
A. The network environment
B. Container resources
C. Client devices
D. Server resources
Answer: A
Explanation:
The network environment is the set of network devices, connections, protocols, and configurations that enable communication and data transfer between different systems and applications. The network environment can affect the performance of a virtual desktop infrastructure (VDI) by influencing factors such as bandwidth, latency, jitter, packet loss, and congestion. Poor network performance can result in slow or unreliable application delivery, degraded user experience, and reduced productivity. Therefore, troubleshooting the network environment should be the first step for a VDI administrator who receives reports of poor application performance.
Reference: CompTIA Cloud+ Certification Exam Objectives, page 17, section 3.4

6. Due to a policy change, a few of a customer’s application VMs have been migrated to synchronously replicated storage. The customer now reports that performance is lower. The systems administrator checks the resource usage and discovers CPU utilization is at 60% and available memory is at 30%.
Which of the following is the MOST likely cause?
A. There is not enough vCPU assigned
B. The application is not compatible with the new settings
C. The new configuration is adding latency
D. The memory of the VM is underallocated
Answer: C
Explanation:
Latency is the delay or time taken for data to travel from one point to another in a network or system. Latency can affect the performance of applications and processes that depend on fast and reliable data transfer. Synchronous replication is a method of data replication that ensures that data is written to two or more storage devices at the same time, providing high availability and consistency. However, synchronous replication can also introduce latency, as the write operation has to wait for the confirmation from all the replicated devices before completing.
The new configuration of migrating some application VMs to synchronously replicated storage is most likely adding latency, which can lower the performance of the applications.
Reference: [CompTIA Cloud+ Certification Exam Objectives], page 10, section 1.5

7. An organization requires the following to be achieved between the finance and marketing departments:
- Allow HTTPS/HTTP.
- Disable FTP and SMB traffic.
Which of the following is the MOST suitable method to meet the requirements?
A. Implement an ADC solution to load balance the VLAN traffic
B. Configure an ACL between the VLANs
C. Implement 802.1X in these VLANs
D. Configure on-demand routing between the VLANs
Answer: B
Explanation:
An access control list (ACL) is a set of rules that defines which traffic is allowed or denied between different network segments or devices. An ACL can be used to filter traffic based on various criteria, such as source and destination addresses, ports, protocols, and applications. Configuring an ACL between the VLANs of the finance and marketing departments is the most suitable method to meet the requirements of allowing HTTPS/HTTP and disabling FTP and SMB traffic. An ACL can specify which ports and protocols are permitted or blocked between the VLANs, such as allowing port 80 (HTTP) and port 443 (HTTPS), and denying port 21 (FTP) and port 445 (SMB).
Reference: [CompTIA Cloud+ Certification Exam Objectives], page 15, section 2.8

8. A systems administrator is building a new virtualization cluster. The cluster consists of five virtual hosts, which each have flash and spinning disks. This storage is shared among all the virtual hosts, where a virtual machine running on one host may store data on another host.
This is an example of:
A. a storage area network
B. a network file system
C. hyperconverged storage
D. thick-provisioned disks
Answer: C
Explanation:
Hyperconverged storage is a type of storage architecture that combines compute, storage, and network resources into a single system or appliance. Hyperconverged storage uses software-defined storage (SDS) to pool and share the local storage of each node in the cluster, creating a distributed storage system that can be accessed by any node or virtual machine in the cluster. Hyperconverged storage can provide high performance, scalability, and efficiency for virtualized environments. The scenario of building a new virtualization cluster with five virtual hosts that share their flash and spinning disks among all the virtual hosts is an example of hyperconverged storage.
Reference: [CompTIA Cloud+ Certification Exam Objectives], page 9, section 1.4

9. A company is utilizing a private cloud solution that is hosted within its datacenter. The company wants to launch a new business application, which requires the resources below:
The current private cloud has 30 vCPUs and 512GB RAM available. The company is looking for a quick solution to launch this application, with expected maximum sessions to be close to 24,000 at launch and an average of approximately 5,000 sessions.
Which of the following solutions would help the company accommodate the new workload in the SHORTEST amount of time and with the maximum financial benefits?
A. Configure auto-scaling within the private cloud
B. Set up cloud bursting for the additional resources
C. Migrate all workloads to a public cloud provider
D. Add more capacity to the private cloud
Answer: B
Explanation:
Cloud Bursting can be used for both compute and storage. This question is about compute capability. "Compute Bursting" unleashes the high-performance compute capabilities of the cloud for processing locally created datasets.
(reference: https://www.ctera.com/it-initiatives/cloud-bursting/)
https://azure.microsoft.com/en-us/overview/what-is-cloud-bursting/

10. A systems administrator recently upgraded the processors in a web application host. Upon the next login, the administrator sees a new alert regarding the license being out of compliance.
Which of the following licensing models is the application MOST likely using?
A. Per device
B. Per user
C. Core-based
D. Volume-based
Answer: C
Explanation:
Core-based licensing is a type of licensing model that charges based on the number of processor cores in a system or server. Core-based licensing is often used by software vendors to align their pricing with the performance and capacity of modern hardware. Core-based licensing can also enable customers to optimize their licensing costs by choosing the appropriate hardware configuration for their needs. Upgrading the processors in a web application host can affect the core-based licensing of the application, as it may increase the number of cores that need to be licensed. This can result in an alert regarding the license being out of compliance if the license is not updated accordingly.
Reference: CompTIA Cloud+ Certification Exam Objectives, page 20, section 4.2
Reference: https://download.microsoft.com/download/3/d/4/3d42bdc2-6725-4b29-b75a-a5b04179958b/percorelicensing_definitions_vlbrief.pdf

11. A systems administrator is informed that a database server containing PHI and PII is unencrypted. The environment does not support VM encryption, nor does it have a key management system. The server needs to be able to be rebooted for patching without manual intervention.
Which of the following will BEST resolve this issue?
A. Ensure all database queries are encrypted
B. Create an IPSec tunnel between the database server and its clients
C. Enable protocol encryption between the storage and the hypervisor
D. Enable volume encryption on the storage
E. Enable OS encryption
Answer: D
Explanation:
Volume encryption is a type of encryption that protects data at the storage level by encrypting an entire disk or partition. Volume encryption can provide strong security for data at rest, as it prevents unauthorized access to the data even if the storage device is lost, stolen, or compromised. Volume encryption can also support automatic booting without manual intervention, as it can use a pre-boot authentication mechanism that does not require user input. Enabling volume encryption on the storage is the best way to resolve the issue of having an unencrypted database server containing PHI and PII, as it can protect the sensitive data without relying on VM encryption or a key management system.
Reference: CompTIA Cloud+ Certification Exam Objectives, page 14, section 2.7

12. An OS administrator is reporting slow storage throughput on a few VMs in a private IaaS cloud. Performance graphs on the host show no increase in CPU or memory. However, performance graphs on the storage show a decrease of throughput in both IOPS and MBps but not much increase in latency. There is no increase in workload, and latency is stable on the NFS storage arrays that are used by those VMs.
Which of the following should be verified NEXT?
A. Application
B. SAN
C. VM GPU settings
D. Network
Answer: D
Explanation:
The network is the set of devices, connections, protocols, and configurations that enable communication and data transfer between different systems and applications. The network can affect the performance of storage throughput by influencing factors such as bandwidth, latency, jitter, packet loss, and congestion. Poor network performance can result in low storage throughput in both IOPS and MBps, as it can limit the amount and speed of data that can be sent or received by the storage devices.
Verifying the network should be the next step for troubleshooting the issue of slow storage throughput on a few VMs in a private IaaS cloud, as it can help identify and resolve any network-related problems that may be causing the issue.
Reference: CompTIA Cloud+ Certification Exam Objectives, page 17, section 3.4

13. An organization has multiple VLANs configured to segregate the network traffic. Following is the breakdown of the network segmentation:
- Production traffic (10.10.0.0/24)
- Network backup (10.20.0.0/25)
- Virtual IP network (10.20.0.128/25)
The following configuration exists on the server:
The backup administrator observes that the weekly backup is failing for this server.
Which of the following commands should the administrator run to identify the issue?
A. ROUTE PRINT
B. NETSTAT -A
C. IPCONFIG /ALL