Best October Special Limited Time 50% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: c4s50disc

CV0-002 PDF

$47.5

$94.99

3 Months Free Update

  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions

CV0-002 PDF + Testing Engine

$70

$139.99

3 Months Free Update

  • Exam Name: CompTIA Cloud+ Exam
  • Last Update: Oct 19, 2021
  • Questions and Answers: 328
  • Free Real Questions Demo
  • Recommended by Industry Experts
  • Best Economical Package
  • Immediate Access

CV0-002 Engine

$55

$109.99

3 Months Free Update

  • Best Testing Engine
  • One Click installation
  • Recommended by Teachers
  • Easy to use
  • 3 Modes of Learning
  • State of Art Technology
  • 100% Real Questions included

CV0-002 CompTIA Cloud+ Exam Questions and Answers

Question # 4

A company's security policy requires full disk encryption on all clients with preboot enabled. The encryption server is hosted, and the requirement is to push an update to all endpoints. Which of the following is the BEST method to test and apply the update with minimal disruption to end users?

A.

Access the API of the encryption server, develop a custom script, and then update all endpoints.

B.

Access the web UI portal of the encryption server, apply the update to the test group, validate, and then update all endpoints.

C.

Add the update to the standard desktop configuration image, apply the update to a test VM, and then reimage clients.

D.

Access the web UI of the encryption server and disable preboot, apply the update, test, and then deploy the update to all endpoints.

Full Access
Question # 5

Joe, a customer, wants to implement backup of his replicated VMs so production performance is not affected at the primary site.

Which of the following backup methods would be the MOST appropriate?

A.

Snapshot-based backup at the secondary site

B.

Mirroring to a third site from the primary site

C.

Agent-based backup at the primary site

D.

Agent-based backup at the secondary site

Full Access
Question # 6

A user cannot consume SaaS services while working remotely. IP whitelisting is implemented to connect to a SaaS provider as a security mechanism. Which of the following describes the MOST likely reason why the user cannot access the SaaS resources?

A.

The user is not utilizing VPN to connect to the home office.

B.

The user account does not exist in the SaaS provider.

C.

The user account is not assigned the correct role in RBAC policy.

D.

The user account has consumed all of the available subscriptions.

Full Access
Question # 7

A rural manufacturing company wants to move all IT services, including the industrial control systems, to the cloud.

Given this scenario, which of the following cloud services elements would be a challenge to the deployment?

A.

Computing capacity flexibility

B.

Industrial control system security

C.

Integrated service digital network

D.

Network broadband access

Full Access
Question # 8

A company is required to ensure all access to its cloud instance for all users to utilize two-factor authentication.

The QA team confirms all functional requirements successfully test. After deployment, all business users report the two-factor authentication is not enforced while accessing the instance. Which of the following would be the MOST likely reason the QA team did not catch the issue?

A.

The business users are using the wrong hardware token to log in.

B.

The administrator configured to use two-factor authentication by default.

C.

The QA team only tested functional requirements.

D.

The business users are accessing the instance located in their country.

Full Access
Question # 9

A company wants to ensure production data is not exposed during a functional and load testing exercise, as it will be the source of the data.

Which of the following techniques should the cloud administrator deploy to ensure testing requirements are met?

A.

Data masking

B.

Data Deduplication

C.

Data Mirroring

D.

Data replication

Full Access
Question # 10

A production IaaS database server contains PCI data and is a critical business capability. The CAB approved a normal code change release for QA and PROD to occur 30 minutes apart and to last a maximum of one hour. The cloud DBA team is 45 minutes behind schedule, so they miss the start time on QA. As the cloud DBA, which of the following is the BEST course of action to apply the code change?

A.

Skip QA and apply the code change to PROD to meet time requirements

B.

Resubmit another change request for another time for approval

C.

Submit an emergency CAB approval to change the time to after business hours

D.

Change the time in the CAB request and apply the code change at a more convenient time

Full Access
Question # 11

During the cloud provisioning process, a misconfiguration results in the requester being granted privileges to the underlying IaaS infrastructure.

Which of the following security principles has been violated?

A.

Authentication

B.

Authorization

C.

Privilege escalation

D.

Identification

Full Access
Question # 12

A technician receives a call from Joe, a user, who is unable to log into any of the company’s SaaS application. The applications are provided by multiple vendors. Joe reports his credentials were working previously, and he is able to log into the locally hosted applications with the same credentials.

Which of the following is the MOST likely cause of Joe’s issues?

A.

There is an error with the federation service.

B.

The user’s account is locked out.

C.

The user’s security token has expired.

D.

The user’s personal certificate has expired.

Full Access
Question # 13

A cloud engineer is provisioning a group of servers in a public cloud using a template. The template uses a custom image that includes all the hardening minimum security standards approved by the cybersecurity

department. The image is more than 30 days old and is updated on a quarterly basis.

Before deploying the servers in production, the cloud engineer should:

A.

ensure the servers are fully patched.

B.

enable all unneeded ports.

C.

enable NAT to the servers.

D.

apply server patches to the template.

Full Access
Question # 14

A multinational corporation needs to migrate servers, which are supporting a national defense project, to a new datacenter. The data in QUESTION NO: is approximately 20GB in size. The engineer on the project is considering datacenters in several countries as possible destinations. All sites in consideration are on a high-

speed MPLS network (10Gb+ connections). Which of the following environmental constraints is MOST likely to rule out a possible site as an option?

A.

Downtime impact

B.

Legal restrictions

C.

Peak time frames

D.

Bandwidth

Full Access
Question # 15

A cloud administrator is adding several accounts for new development team interns. These interns will need access to some, but not all, of the resources and will only be working over the summer. Which of the following user provisioning techniques should be used?

A.

Create a single account for the interns to share. Set the expiration date for the account to six months.

B.

Create a role labeled "interns" with the appropriate permissions. Create a separate account with an expiration date for each intern and add each intern to that role.

C.

Create one template user account with the appropriate permissions and use it to clone the other accounts.

Set an expiration date for each account individually.

D.

Create individual accounts for each intern, set the permissions and expiration date for each account, and link them to a temporary guests user group.

Full Access
Question # 16

A company changed its policy to have seven-year data retention in the public cloud. Which of the following would be the MOST cost-effective way to meet retention requirements?

A.

Site mirroring

B.

Automated archiving

C.

Replication

D.

Third-party sites

Full Access
Question # 17

Ann, a cloud administrator, is reporting on how the organization has adhered to its marketing of 99.99999% system availability SLA.

Given this scenario, which of the following should Ann include in her report?

A.

System clock time

B.

System idle percentage

C.

System response time

D.

System uptime

Full Access
Question # 18

An engineer is responsible for managing a private cloud environment at a software company. Company developers perform all programming in the cloud environment. There are two departments working on a highly classified product that now requires dedicated resources, which cannot be viewed or accessed by other departments in the cloud environment. Which of the following should the engineer perform to ensure the requirements are met? (Choose three.)

A.

Create a baseline

B.

Assign an ACL

C.

Verify segmentation

D.

Use thin provisioned storage

E.

Automate patch deployments

F.

Create a tenant

G.

Deploy a PKI solution

Full Access
Question # 19

A small clinic is moving its health and accounting systems to a SaaS solution. The clinic holds patient- and business-sensitive information. Which of the following is the company expected to do to protect its data?

A.

Document, configure, and enforce strong account management policies.

B.

Disable and document unneeded ports and protocols on the SaaS servers.

C.

Install antivirus and disable unneeded services on all SaaS servers.

D.

Harden the underlying infrastructure: servers, firewalls, and load balancers.

Full Access
Question # 20

Joe, a cloud administrator, is no longer able to SSH to his cloud management console after he returns from a two-week vacation. A coworker was able to connect from the management station with no issue. During the last two weeks, the desktop team replaced all administrator machines with newer ones. Which of the following must Joe do FIRST to troubleshoot his access?

A.

Rename the SSH key folder on his machine to keys_allow.

B.

Ensure he has the same host key as his coworker.

C.

Ensure his host is configured to use the correct load balancer.

D.

Ensure the management console is configured with the correct host key.

Full Access
Question # 21

A cloud administrator notices one of the servers in the public cloud environment has a non-compliant firewall policy. In reviewing the logs, the administrator notices a couple technicians made individual changes to the

firewall policy for a new project.

Which of the following is the BEST solution to reduce configuration drift for the firewall policy?

A.

Implement a configuration management solution that automatically applies the firewall policy.

B.

Implement a standard operating procedure in which cloud administrators manually review the firewall policy daily.

C.

Report the activity to the project lead and the technician's supervisor.

D.

Change the firewall policies on the other servers to match the changes.

Full Access
Question # 22

With increased traffic to a website, several outages have occurred due to a log files filling the root drive of the web servers. An administrator is considering several possible solutions to prevent future outages.

Which of the following techniques is MOST likely to impact server performance if implemented?

A.

Archiving logs.

B.

Clearing logs.

C.

Log redirection.

D.

Drive compression.

Full Access
Question # 23

The QA team is testing a newly implemented clinical trial management (CTM) SaaS application that uses a business intelligence application for reporting. The UAT users were instructed to use HTTP and HTTPS.

Refer to the application dataflow:

1A – The end user accesses the application through a web browser to enter and view clinical data.

2A – The CTM application server reads/writes data to/from the database server.

1B – The end user accesses the application through a web browser to run reports on clinical data.

2B – The CTM application server makes a SOAP call on a non-privileged port to the BI application server.

3B – The BI application server gets the data from the database server and presents it to the CTM application server.

When UAT users try to access the application using https://ctm.app.com or http://ctm.app.com, they get a message stating: “Browser cannot display the webpage.” The QA team has raised a ticket to troubleshoot the issue.

Full Access
Question # 24

An upgrade to a web application, which supports 400 users at four sites, is being tested. The application runs on four servers behind a load balancer.

The following test plan is proposed:

Have 50 users from site A connect to server 1 Have 50 users from site B connect to server 2 Have 50 users from site C connect to server 3 Have 50 users from site D connect to server 4

Which of the following parameters is being properly tested by this plan?

A.

Sizing

B.

Connectivity

C.

High availability

D.

Performance

Full Access
Question # 25

A cloud administrator has configured a connection between two virtual private cloud environments at a public cloud provider that are each in different accounts. The administrator has configured the accounts correctly so they can connect to each other’s resources. Both cloud environments have policies that allow anyone from 0.0.0.0/0 on TCP port 22. The following table shows the network configuration information:

However, the administrator is unable to establish an SSH connection from a server in 10.250.40.100 to 10.250.48.214. Which of the following is the MOST likely issue?

A.

The network ACL is not configured to allow SSH access.

B.

The IP configuration on one of the servers is incorrect.

C.

The administrator does not have sufficient credentials.

D.

The routing tables have not been updated correctly.

Full Access
Question # 26

A new browser version has been deployed to all users at a company. After the deployment, users report that they can no longer access the company's secure time-card system, which is hosted by a SaaS provider. A technician investigates and discovers a security error is received upon opening the site. If the browser is rolled back to the older version, the site is accessible again. Which of the following is the MOST likely cause of the security error users are seeing?

A.

SSL certificate expiration on the SaaS load balancers

B.

Federation issues between the SaaS provider and the company

C.

Obsolete security technologies implemented on the SaaS servers

D.

Unencrypted communications between the users and the application

Full Access
Question # 27

An entertainment company with a very large movie library is moving all of its production systems to an IaaS cloud. The current lease is expiring in the next month, and the company made a last-minute decision not to renew the lease.

Which of the following would be the MOST effective way to move all the data to the new cloud provider?

A.

Perform an offline storage migration.

B.

Perform an online storage migration.

C.

Perform an offline VM migration.

D.

Perform an online VM migration.

Full Access
Question # 28

A company is migrating its application to a cloud provider. Six months before going live, a representative from each stakeholder group validated the functionality and performance in the QA environment and did not identify any issues. After going live, the system response time is slower that the testing environment. Which of the following is the MOST likely gap in the testing plan?

A.

The test scenario audiences are different between QA and production.

B.

The application version deployed in production is different than the one deployed in QA.

C.

System configuration testing in QA and production is different.

D.

The test plan in QA is different than the production environment.

Full Access
Question # 29

A company has moved all on-premises workloads into a public cloud. After some time, the cloud engineer starts noticing time drifts on the VMs and suspects an NTP issue. Time drifts were not an issue when all the workloads were on-premises. Which of the following describes how the cloud engineer should resolve the issue?

A.

Implement Coordinated Universal Time on all workloads

B.

Point all workloads back to an on-premises NTP server

C.

Point all workloads to a stratum 2 within the public cloud provider

D.

Configure all of the VMs as NTP servers within the public cloud provider

Full Access
Question # 30

Following is a sample result from a recently completed load test.

Based on the information provided, which of the following would be the BEST recommendation?

A.

Use the test result as a benchmark and document it.

B.

Downsize the CPU and memory assignment.

C.

Decrease assigned storage capacity.

D.

Implement storage compression.

Full Access
Question # 31

A cloud engineer is required to ensure all servers in the cloud environment meet requirements for PCI compliance. One of the requirements is to make certain all administrator logins and commands are logged. Which of the following is the BEST approach to meet these requirements?

A.

Enable configuration change tracking for all servers in the public cloud provider’s dashboard.

B.

Enable detailed monitoring for all servers in the public cloud provider’s dashboard.

C.

Define and enable audit tracking rules on each server in the public cloud environment.

D.

Modify the cloud provider’s role-based authorization policies to log user session activity.

Full Access
Question # 32

A cloud administrator notices three additional servers running in the company's account at a new public cloud provider. After a discussion with the development team, the administrator is unable to determine who

deployed the servers, and a review of the change management board's minutes does not provide any additional insight.

Which of the following is the BEST approach for the administrator to take?

A.

Submit a change request to the change management board to add these servers.

B.

Migrate these servers to a different cloud region to reduce the impact to existing applications.

C.

Migrate these servers to the company's private cloud environment and disable the developer's account.

D.

Shut down these servers and enable the auditing service at the public cloud provider.

Full Access
Question # 33

A cloud administrator is receiving alerts that the disk on several systems is 90% full. Upon reviewing the systems, the administrator determines that the log directory is using 50% of the disk. The company has a 14- day retention policy for all logs. Which of the following is the BEST solution to implement to minimize future alerts?

A.

Orchestrate a job to rotate the logs and upload to external storage.

B.

Delete any log files in the directory that are larger than 20MB.

C.

Archive the existing logs in the directory and upload to external storage.

D.

Add additional storage space to the log directory for the servers.

Full Access
Question # 34

A cloud technology vendor has released an update to its product. A company providing cloud services need to quickly adopt the update to provide support to its customers.

Which of the following is the MOST efficient action to complete this task?

A.

Use a virtualization tool to apply patches to cloud resources.

B.

Use an automatic system restart to update the cloud resources.

C.

Use an orchestration tool to automate updates across cloud resources.

D.

Use custom scripts to distribute the release to the cloud resources.

Full Access
Question # 35

A consumer is performing a comparison between different IaaS providers for upcoming cloud migrations.

Which of the following is the MOST appropriate option to make a comparison for the selection process?

A.

Hardware technology used

B.

Virtualization platform

C.

Backup services

D.

SLA offerings

Full Access
Question # 36

A customer wants to remove a user’s access to the SaaS CRM system. Which of the following methods should be executed FIRST?

A.

User account removal

B.

User account lockout

C.

User account password change

D.

User account disablement

Full Access
Question # 37

A system's application servers need to be patched. The requirements for maintenance work are as follows:

System downtime is not allowed.

The application server in use must be in the sane patch status. System performance must be maintained during patching work.

Testing after patching must be done before the application server is in use. If any trouble occurs, recover the previous version in ten minutes.

Which of the following methodologies should be selected?

A.

Rolling update

B.

Patching directly

C.

Blue-green deployment

D.

Three staging environments

Full Access
Question # 38

Company A has just implemented a SaaS-based cloud storage solution. The SaaS solution provides services for both commercial and personal use. The IT department has been tasked to migrate all the on-premises file shares to the SaaS solution with the username being the corporate email address. The IT department is currently using am IAM solution to provision the accounts in the SaaS solution. Upon execution of the account creation process, the IT department is receiving multiple “unable to create account” alerts. Which of the following is the MOST likely cause?

A.

The automation task is misconfigured

B.

There is a false positive due to lack of testing

C.

There are compatibility issues between SaaS and IAM

D.

The user accounts already exist

Full Access
Question # 39

A company wants to leverage a SaaS provider for its back-office services, and security is paramount. Which of the following solutions should a cloud engineer deploy to BEST meet the security requirements?

A.

Firewall

B.

IPS/IDS

C.

Proxy gateway

D.

CASB

Full Access
Question # 40

A VM was deleted by mistake today at 11:05 a.m. Below are the backups currently available for the VM:

Crash-consistent restore is acceptable. Which of the following backups should be chosen?

A.

Snapshot from today at 11:00

B.

Full from three days ago at 00:00

C.

Incremental from today at 00:00

D.

Synthetic-full from yesterday at 12:00

Full Access
Question # 41

Which of the following solutions BEST complies with laws requiring secure data-at-rest for a critical application while keeping in mind the need for reduced costs?

A.

Install a new array with hardware encryption disks.

B.

Enable encryption on the back-end database.

C.

Use IPSec on the storage array.

D.

Enable HTTPS on the application.

Full Access
Question # 42

A cloud administrator reports a problem with the maximum number of users reached in one of the pools. There are ten VMs in the pool, each with a software capacity to handle ten users. Based on the dashboard metrics, 15% of the incoming new service requests are failing. Which of the following is the BEST approach to resolve the issue?

A.

Check compute, storage, and networking utilization in the dashboard and increase capacity by adding more resources.

B.

Check current licensed capacity and purchase additional licenses to add more users.

C.

Check the DHCP scope and increase the number of available IP addresses by extending the pool.

D.

Check the rate-of-load increase to determine if the cloud capacity boundary has been exceeded and enable bursting to the pubic cloud.

Full Access
Question # 43

A company uses SaaS and IaaS solutions from multiple cloud providers. Users report that this requires them to manage and remember multiple user accounts and passwords. Which of the following solutions should be implemented to fix this issue?

A.

SSO

B.

Federation

C.

Password synchronization

D.

Lowered password complexity

E.

Multifactor authentication

Full Access
Question # 44

A cloud engineer recently applied the troubleshooting process for a major connectivity issue. Which of the following is the FINAL step in the troubleshooting methodology?

A.

Document findings, actions, and outcomes.

B.

Establish a plan of action to resolve the problem and implement the solution.

C.

Confirm the root cause of the issue.

D.

Verify full system functionality and, if applicable, implement preventive measures.

Full Access
Question # 45

A cloud service provider wants to offer hardened virtual server images for provisioning purposes. This will enable users to use only the operating system services that are allowed by the provider. Which of the following tasks are MOST appropriate for the hardening process? (Select TWO).

A.

Disable automatic updates.

B.

Disable the command prompt.

C.

Disable unneeded ports and services.

D.

Disable the local administrator account.

E.

Disable the remote desktop connection.

F.

Disable complex passwords.

Full Access
Question # 46

A software solution must be deployed based on the most granular access level. Which of the following methods should be used to meet the requirements?

A.

Group

B.

RBAC

C.

File-based

D.

LDAP

Full Access
Question # 47

A customer recently provisioned a new server on the IaaS. The IP address assigned from the pool resolves to another hostname. Some user traffic is being dumped or is causing slowness because of this issue. Which of the following maintenance activities does the provider need to perform to prevent this issue?

A.

Use cloud provider tools to remove orphaned resources.

B.

Initiate resource reclamation.

C.

Run a script to remove stale DNS entries.

D.

Update outdated security firewall configurations.

Full Access
Question # 48

The CSA needs to install a patch on 58 virtual server instances during the Friday evening maintenance window. Which of the following is the MOST efficient way to get the patches installed?

A.

Use the patch management tool to automate and orchestrate the patch installation.

B.

Use a security vulnerability scanning tool to apply the patch automatically.

C.

Schedule the patch to install from a remote file server upon server reboot.

D.

Connect the server instances to the Internet to download the patch automatically.

Full Access