C849 Practice Test C

Which of the following sections should you include while constructing a contract? Each correct answer represents a complete solution. Choose all that apply A Acceptable use policy B Service level agreement C Ingress terms D Privacy and automation policy

A Acceptable use policy B Service level agreement

Which term describes the process of automatic testing and deploying code to production? A Continuous delivery B Continuous integration C Infrastructure as code D Contiguous delegation

A Continuous delivery

Your organization enforces new data privacy laws, like general data protection regulation (GDPR) which significantly restricts that information should be converted and stored in binary digital form. Which of the following concepts does this law encompass? A Data sovereignty B Data remnants C Data sourcing D Data encryption

A Data sovereignty

Beatriz stops at her bank's ATM on her way home from work. She inserts her ATM card into the ATM and then enters her PIN on the keypad. What type of authentication is she using? A Single-factor B Multifactor C Federation D Single sign-on

B Multifactor

Carl is learning about how cloud service providers allocate physical resources into a group. These resources are then dynamically associated with cloud services, as demand requires. Which of the following cloud characteristics is he learning? A Elasticity B Resource pooling C On-demand D Availability

B Resource pooling

Maria, a network analyst, can connect to all the web services individually, but each requires a different password. She wants to access web services securely with a unique password by eliminating the overhead of entering the different passwords for different services. Which of the following should she configure? A Secure shell B Single sign-on C Server message block D Secure socket layer

B Single sign-on

What are the principles for constructing a request for information? Each correct answer represents a complete solution. Choose all that apply. A Provide points of contact for both the customer and the vendor. B Define recompense or remediation plans if performance levels are not maintained. C Be clear on the process, timelines, and next steps. DMake it as easy as possible for the vendor to complete

C Be clear on the process, timelines, and next steps. DMake it as easy as possible for the vendor to complete

Which of the following is a process of assigning costs of cloud resources to either individuals or departments that are responsible for the resources? A Autoscaling B Right-sizing C Chargeback D Resource tagging

C Chargeback

Your legal department wants to start using cloud resources. However, since all of their work will be associated with legal cases, they need accurate usage and billing breakdown to bill the clients. What are you being asked to implement? A Chargeback B Orchestration C Right-sizing D Maintenance

A Chargeback

What are the requirements for the International Organization of Standardization (ISO) 27018? Each correct answer represents a complete solution. Choose all that apply. A Customers of CSPs know where their data is stored. B CSPs will comply only with legally-binding requests for disclosure of customer data. C Customers of CSPs know what's happening with their PII. D Customer data is used for marketing without explicit consent.

A Customers of CSPs know where their data is stored. B CSPs will comply only with legally-binding requests for disclosure of customer data. C Customers of CSPs know what's happening with their PII.

Harry is a software developer for NiCo Inc. He is migrating the company's time and attendance application to the cloud. He only wants to be responsible for the application and would prefer that the public cloud company manage all underlying infrastructure and servers that are required to support his application. For that purpose, he asked one of the company's cloud architect for assistance in selecting a cloud service model that would meet his requirements. What would the cloud architect suggest to him? A Platform as a service B Network as a service C Communications as a service D Monitoring as a service

A Platform as a service

Which of the following should be included in the statement of work (SOW)? Each correct answer represents a complete solution. Choose all that apply. A Roles and responsibilities of the vendor and the client B Acceptable use policy C Key performance indicators D Points of contact for both parties E Egress terms

A Roles and responsibilities of the vendor and the client C Key performance indicators D Points of contact for both parties

Mark, a security administrator, observes multiple service interruptions caused by the company's cloud server. He investigated the cause of the interruption and found that several programs on the cloud server are affected by malware. To resolve this issue, he decided to test each program by safely executing it in an isolated environment. Which of the following should he use? A Sandboxing B Content filtering C Multitenancy D Vulnerability scanning

A Sandboxing

Fred is working as a security analyst at XYZ. The company uses Telnet for remote management. Fred recognizes a necessity to replace Telnet with an encrypted network protocol to ensure more secure client-server connections. Which of the following will be a suitable replacement as per his need? A Secure Shell B Hypertext Transfer Protocol C Secure Mail Transfer Protocol D File Transfer Protocol

A Secure Shell

Which of the following allows clients to remotely connect to a virtual Linux machine? A Secure Shell B Secure Socket Layer C Hypertext Transfer Protocol Secure D Remote Desktop Protocol

A Secure Shell

Which virtual machine backup method creates a file-based image of the current state of a VM including the complete operating system and all applications that are stored on it? A Snapshot B Full backup C Bootstrapping D Replication

A Snapshot

Peter, a security analyst, is asked to perform a security audit of the systems on a network to determine their compliance with security policies. Which of the following will he perform in the audit? A Vulnerability scanning B Sniffing C SCAP scanning D Port scanning

A Vulnerability scanning

Jack is a cloud+ professional researching data replication options for his MySQL database. For redundancy reasons, he decided to create a backup replica in a different availability zone that could become master should the primary zone go offline. For performance reasons, he has decided to update the replica in near real-time after the initial write operation on the primary database. What will he use? A Mirroring B Asynchronous replication C Synchronous replication D Transactional replication

B Asynchronous replication

You are working as a network administrator at NilCo. You have prepared an SLA and submitted it to the cloud assessment department of the company. The SLA defines the average server CPU utilization as 40 percent. What will the cloud assessment team use to determine if this is acceptable performance? A Federation B Benchmark C Containerization D Gap analysis

B Benchmark

How will you determine the practicality of migrating the on-premises data to the cloud? A By implementing blockchain B By running a feasibility study C By using a baseline D By conducting a gap analysis

B By running a feasibility study

Rachel is working as a cloud administrator at the XYZ company. The company has received multiple bugs from the employees as well as the users that they are facing problems in accessing the web pages and downloading images, videos, and so on. For this, management has asked Rachel to speed up access to web resources for users/employees. What should she use to fix this? A Software-defined networking B Content delivery network C Secure Shell D Demilitarized zone

B Content delivery network

Which of the following is a legally binding document that specifies the terms of service between two parties, such as a CSP and a client? A Pilot B Contract C Service level agreement D Proof of concept

B Contract

What are the services do managed service providers (MSPs) deliver? Each correct answer represents a complete solution. Choose all that apply. A Proof of concept B Daily management and troubleshooting C Performance testing D Enhanced license management

B Daily management and troubleshooting C Performance testing

What are the three key principles of a blockchain? A Transparency, resiliency, and availability B Decentralization, transparency, and immutability C Multitenancy, redundancy, and availability D Resiliency, multitenancy, and availability

B Decentralization, transparency, and immutability

How many nines of uptime should the CSP guarantee if the acceptable downtime per year is 52.6 minutes and downtime per day is 8.64 seconds? A Five B Four C Three D Six

B Four

Which of the following are the common infrastructure as a service (IaaS) use cases? Each correct answer represents a complete solution. Choose all that apply. A Providing business processes B Hosting of websites and web apps C Developing and deploying applications in a wide variety of languages D Data storage, backup, and recovery

B Hosting of websites and web apps D Data storage, backup, and recovery

Maria is a security analyst in the XYZ company. Management has asked her to implement a solution that helps users to authenticate themselves using two or more pieces of information. For that purpose, she is implementing multifactor authentication (MFA). Which of the following implementations should she deploy? A Usernames, strong passwords, and PIN B Smart cards, usernames, and strong passwords C Biometrics, smart cards, and strong passwords D Smart cards, usernames, and PIN

C Biometrics, smart cards, and strong passwords

Linda works in the IT security group at BigCo Inc. She has been tasked to reduce the cloud storage space without affecting the company's data. For that purpose, she has decided to remove redundant words or phrases from the storage and replace them with a shorter placeholder. Which of the following cloud storage solutions will she use? A Compaction B Sanitization C Compression D Deduplication

C Compression

You are working for a multinational public corporation. There are offices in China and Germany. You are helping to deploy a chat application to be used by all three offices. The accounting department wants to be able to use chat software. You will also be required to save all chat communications. Which regulations do you need to worry about? A General data protection regulation B Federal C Data sovereignty D Protected health information

C Data sovereignty

Which of the following storage solutions works at the file-level or block-level to eliminate duplicate data? A Sanitization B Encryption C Deduplication D Compaction

C Deduplication

Emma is working as a network administrator at BigCo. She has received multiple issues from the application department employees that they cannot access the company's website. For that purpose, she has decided to conduct some fact-finding. Upon her investigation, she found that the company's server cannot resolve the hostnames (or URLs) to IP addresses. Which of the following is responsible for this issue? A Firewall B Content delivery network C Domain Name System D Software-defined storage

C Domain Name System

Jillian is a senior cloud architect at BigCo. She is working on a project to interconnect her company's private data center to a cloud company that offers e-mail and other services that can provide burstable compute capacity. What type of cloud deployment model is she creating? A Community B Private C Hybrid D Public

C Hybrid

Liza is a new cloud+ architect for BigCo Inc. She is using a cloud service that provides computing hardware, but the operating system is not included. Which of the following cloud services is she using? A Software as a service B Communications as a service C Infrastructure as a service D Platform as a service

C Infrastructure as a service

Rhea, a network administrator, wants to create an entire virtual network with all of the virtual devices needed to support the service or application. Which of the following cloud models will she use to accomplish the task? A Monitoring as a service B Infrastructure as a service C Platform as a service D Software as a service

C Platform as a service

Which of the following quality assessment testing validates that new features and bug fixes don't cause a negative impact on the production code? A Load B Integration C Regression D Smoke

C Regression

Hazel is working as a cloud administrator at NilCo. The company has several departments and each department has a different cloud strategy. Management has asked Hazel to monitor the cloud resources used by each department such that the departments pay only for the resources they are using. What will she use to accomplish this task? A Right-sizing B Blockchain C Resource tagging D Orchestration

C Resource tagging

What are the three parts of orchestration in cloud configuration management? A Chargeback, storage, and pipeline B Instances, workflow, and log C Runbook, workflow, and pipeline D Chargeback, workflow, and compute

C Runbook, workflow, and pipeline

Shawn, a network administrator, wants to create a clone of two different virtual servers and place them in a new virtual network isolated from the production network. Which of the following will he use? A Splunk B Prototype C Sandbox D Snapshot

C Sandbox

Which of the following features of cloud computing is essential to ensure an e-commerce application can receive orders without any downtime? A Scalability B Pay-as-you-go C Elasticity D Availability

D Availability

Which of the following is an open and distributed ledger that can securely record transactions between two parties in a verifiable and permanent way? A Baseline B Containerization C Federation D Blockchain

D Blockchain

The company that you work for has decided to implement a new inventory management system that affects all departments. Which of the following management strategies should HR recommend? A Community of practice B Career management C Total quality management D Change management

D Change management

What type of scaling includes the addition of servers to a pool for handling system load? A Orchestration B Vertical C Round robin D Horizontal

D Horizontal

Which of the following is used in conjunction with a web browser and can be used to access cloud resources? A Secure Shell B Transmission Control Protocol C Simple Mail Transfer Protocol D Hypertext Transfer Protocol Secure

D Hypertext Transfer Protocol Secure

Which of the following security policies provides reasoning about goals and mission statements for the organization? A Advisory B Cumulative C Regulatory D Informative

D Informative

The only parking garage near your office building is across the street at a busy intersection, and all your employees must cross the intersection. There is a parking garage that is farther away on the same side of the street, but your employees either can't or don't want to use it because of the distance. The organization decides to purchase and offer a shuttle service from the distant parking garage free of charge to the employees. This is best described as what type of risk response technique? A Reject B Avoidance C Transference D Mitigation

D Mitigation

Stella has been directed by her employer's finance department that they cannot afford to lose any more than 30 minutes of data in the case of a database failure or other catastrophic event. Stella has updated her corporate business continuity and disaster recovery plans. What metric did she change? A Recovery point objective B Crash recovery C Instance recovery D Recovery time objective

D Recovery time objective

Bella is working as a cloud administrator at NilCo. Management has asked her to migrate the applications from on-premises to the cloud. For this, Bella investigated and found that all the applications need to be completely redesigned from scratch during migration. Which migration approaches will she use to accomplish this task? A Transactional replication B Rehosting C Lift and shift D Rip and replace

D Rip and replace

Which law requires publicly traded companies to have proper internal control structures in place to validate that their financial statements accurately reflect their financial results? A Gramm-Leach-Bliley Act B General Data Protection Regulation C Federal Information Processing Standard D Sarbanes-Oxley Act

D Sarbanes-Oxley Act

Who is responsible for defining the recovery point objective (RPO) and the recovery time objective (RTO) in a service level agreement (SLA)? A The cloud service provider (CSP) defines both the RPO and the RTO. B The client defines the RPO, and the cloud service provider (CSP) defines the RTO. C The client defines the RTO, and the cloud service provider (CSP) defines the RPO. D The client defines both the RPO and the RTO.

D The client defines both the RPO and the RTO.

Marry, a deployment manager works with a software development group to assess the security of a new version of the organization's internally developed tool. The organization prefers focusing on assessing security throughout the life cycle. Which of the following methods should she perform to assess the security of the product? A Regression testing B Unit testing C Content filtering D Vulnerability scanning

D Vulnerability scanning