Cloud+ Practice Tests

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Cross-service

_ database migrations convert databases from two different database engines, such as MS SQL Server and Oracle. A cross-service migration would not be appropriate in this case.

File integrity monitoring Hashing Digital signatures

A storage administrator is researching various ways to protect data integrity. Which of the following should the administrator research? (Select all that apply.) File integrity monitoring Data loss prevention (DLP) Hashing Digital signatures

`Stop-Computer`

Which PowerShell cmdlet is used to shut down local or remote computers? `Stop-Computer` `StopComputer` `Shutdown-Computer` `ShutdownComputer`

Snapshots

What is a common use for runbooks? Patching Snapshots Backing up Creating a new VM

curl

The _ command, similar to wget, downloads files from specified web URLs.

Swarm

is a Docker service used to create a cluster of Docker Engine hosts.

retain

A _ cloud migration type occurs when the administrator will leave the application as-is and retain it in the traditional on-premises deployment.

Live cutover In a live failover or cutover, the disaster recovery procedure is tested on the production environment where real customers and/or employees reside. The goal is to prove zero interruption of services using real accounts and services

A hybrid cloud environment hosts web services on both on-premises and the cloud. A similar network is set up in an isolated environment for testing disaster recovery scenarios. If IT management wants to test their disaster recovery procedures with the participation of a limited amount of real user accounts, what type of test would be most appropriate to carry out? Paper test Live cutover Table-top Walk-through

System state System state backups duplicate the essential OS configurations. These configurations can then be restored quickly to the same machine in the event of corrupted system files or misconfigurations.

A server administrator for a small company is running a handful of servers on older equipment that hasn't been allocated budgeting for maintenance. The administrator is worried about file corruption affecting system files or configurations. Which of the following backups is most suited for the administrator's concerns? System state Application level File level Database dump

OpenLDAP NetIQ eDirectory Active Directory

A server technician is setting up directory services for the environment. Which of the following solutions could the technician use? (Select all that apply.) OpenLDAP NetIQ eDirectory Active Directory X.500

LUKS BitLocker

A systems technician is enabling drive encryption for devices in the enterprise. What are the tools available for the technician to achieve this? (Select all that apply.) Encrypting File System LUKS gzip BitLocker

IP Country A web application firewall can be configured to provide access restrictions to a system or service. One such way is to limit access to a particular IP address. Access restrictions can be configured in a web access firewall. One such way is to configure access based on the country traffic is coming from.

A web application firewall requires configuration to protect a group of cloud services. Which parameters would protect the services if access is required only from a particular source location? (Select all that apply.) IP Country Protocol Port

Replatform

An application that requires some modification before it migrates to the cloud represents a _ or "lift, tinker, and shift" cloud migration type.

ISP outage As traffic is not passing between the cloud and on-premise servers, an outage likely exists. Because the local physical gateway is pingable, but anything beyond is not an Internet service provider (ISP) outage.

An organization that uses a hybrid cloud deployment experiences issues with Active Directory synchronization between cloud-based and on-premise servers. What might the issue be if engineers determine that they cannot ping devices beyond the local physical gateway? CSP Outage ISP outage On-premise outage Server outage

RPO

An organization would like to calculate the necessary quantity and frequency of its backup operations. Which metric would best provide insight into how the organization should configure its backups? MTBF MTTR RTO RPO

On premises-to-cloud, Private cloud As the organization considers a move to the cloud, the migration type would be an on premises-to-cloud. As the need is for internal and proprietary, the cloud type would be a private cloud.

Engineers at an organization prepare for cloud migration. The initial services that will move are internal and proprietary in nature. What migration type and cloud type result from this move? Cloud-to-on premises, Private cloud On premises-to-cloud, Hybrid cloud On premises-to-cloud, Private cloud Cloud-to-cloud, Community cloud

Capacity planning Trend analysis

Engineers concern themselves with user density issues before moving to a cloud-based service. What approach can the engineers utilize to address any concerns? (Select all that apply.) Capacity planning Business needs Trend analysis Solution requirements

When the organization needs to isolate workloads When the organization needs to centralize the management and analysis of traffic

In which of the following circumstances would a hub-and-spoke SDN (Software Defined Networking) design be an appropriate choice? (Select all that apply.) When the organization needs to isolate workloads When the organization needs to centralize management of administrative tasks When the organization needs to delegate the management of Active Directory and DNS When the organization needs to centralize the management and analysis of traffic

network virtualization using generic routing encapsulation (NVGRE)

Microsoft primarily relies on _ to extend VLANs.

Patterns Baselines

Since a version update, a web application has turned in continuously slower performance ratings. To best fix this, which of the following components should the developer pay the most attention to? (Select all that apply.) Anomalies Patterns Outstanding licenses Baselines

CI/CD Pipeline

Speedier way to development; Testing/integration; Staging ;Production Code is rapidly tested, commit updates daily, resolves conflicts early and often App and platform requirements are frequently tested and validated for immediate avaliability

Service interruptions Data loss

Support technicians establish a plan of action to resolve a cloud server issue. What should the technicians consider in this plan? (Select all that apply.) Service interruptions Likely cause Problem scope Data loss

SLA agreement Proper monitoring capabilities

The CTO of an organization is considering upgrading the data plan on the company's VPC to improve availability and uptime. Which of the following factors should the CTO consider? (Select all that apply.) SLA agreement Application compatibility Hardware redundancy Proper monitoring capabilities

Auto-scaling configurations Storage capacity and type Network bandwidth

The performance of an organization's cloud network is degrading, and the administrator is troubleshooting possible causes. What are some items the administrator should investigate? (Select all that apply.) Auto-scaling configurations Storage capacity and type Automation tools Network bandwidth

git merge

Through popular use, Git has become standard for code management. When working with code, branches can be created. The _ command is used to merge the branches at a certain point.

301

Until the request is redirected, the status code _ is returned because the relevant resource has been permanently relocated.

Change from WEP to WPA2

You are asked to improve the security of a wireless network. It is an 802.11g wireless access point secured using MAC filtering and WEP. What can you change to best improve security? Disable SSID broadcasting Change to an 802.11ac wireless access point Disable MAC filtering Change from WEP to WPA2

OpenLDAP

a free, open source implementation of the Lightweight Directory Access Protocol

Composite indicators

combine multiple indicators and are often preferred since they filter more minor changes that may have no meaning and look for a broader series of events that point to a more significant issue.

Satellite

is Red Hat's central patching solution. The administrator would be able to use this for Red Hat specific hosts. These services also provide logging and reporting, ensuring all systems remain current.

Netstat

is a legacy command used to display current TCP connections, which can be used for performance troubleshooting and monitoring. The newer command ss is more commonly used.

C6g, C6gd, C6gn

AWS Compute optimized images, such as _, are usually selected for high-performance web servers, machine learning, video encoding, and dedicated game servers.

I3 and I3en

AWS Storage optimized images, however, are better for roles such as hosting relational and NoSQL databases and data warehousing (_ images, for example).

certificate of compliance

A _ is a formal notice from regulatory agencies that a service provider meets industry regulations and standards.

Memory ballooning

_ is a feature of hypervisors designed to make more efficient use of physical memory for virtual servers by reclaiming memory currently unused by the VMs. When the VM reaches back for the unavailable memory, swapping may occur if configured.

X.500

_ is a standard similar to Lightweight Directory Access Protocol (LDAP) and used with NetIQ eDirectory services, which permit administrators to find and manipulate objects, such as user accounts and groups.

Blob storage

_ is most useful for storing very large amounts of data in an unstructured manner. As the data remains massive and would not require frequent access, cool or archive-tiered _ storage makes the most sense.

Server Message Blocks (SMB)

_ is the standard Windows folder sharing protocol. _ allows machines to share files and printers. Samba software allows UNIX and Linux servers or NAS appliances to run _ services for Windows clients.

Block storage

_ organizes the data for the benefit of the data itself. It is very efficient and useful for frequently modified data.

Generic Routing Encapsulation (GRE)

_ protocol is a tunneling protocol that does not use encryption unless combined with IPsec and should be avoided for any secure communications.

Usability

_ testing provides direct feedback on the interface, features, and practical use of a system or program. It ensures the application or server meets requirements and will be useful upon initial release or future iterations.

Regression

_ testing verifies that software changes will not impact the product's existing functionality and ensure newer functionality, including bug fixes or any change in the existing feature. In this case, the update seems to have adversely impacted part of the application's functionality.

Trend analysis

_ works to predict future results based on previously observed results to help cloud administrators anticipate future issues or capacity requirements from observed utilization of applications or systems.

Discretionary access control Discretionary access control (DAC) uses ACL entries controlled by data owners or custodians to determine resource access.

You are creating ACL entries of resources manually. What type of access control model is this? Mandatory access control PKI Discretionary access control TPM

`ping` and `arp` are correct. You can use the `ping` tool against the host at 192.168.0.15 and then use the `arp` tool to find the MAC address associated with that IP address.

You are looking to find what MAC address has an IP of 192.168.0.15 on your local network. What tools could you use to find the MAC address? (Choose two.) `flushdns` `arp` `ping` `nslookup`

Roll back

You discover that some services have stopped working on one of your Linux virtual machines after you deployed a new patch to it. What can you do to easily fix this? Restart Reinstall Roll back Clone

Virtual machine extensions Virtual machine extensions are small programs that run in cloud virtual machines for enhanced functionality, such as virus scanning or centralized cloud logging.

You need to ensure that cloud virtual machines report security events to a centralized cloud logging service. What should be configured for each virtual machine? Log forwarding Virtual machine extensions IDS Firewall

Switched fibre channel

_ Storage Area Network (SAN) adds a layer of switches between the nodes and storage. The advantage is scalability and multiple paths between SAN components.

Point-to-point fibre channel

_ Storage Area Network (SAN) is simple but not fault-tolerant or scalable. It consists of a simple connection from the server to the storage device.

Wide column

_ databases use rows, columns, and tables like relational databases. However, the column naming and formatting can vary by row, even within the same table.

Solution templates

_ describe a complete template that includes multiple virtual servers, various services, and network configurations. Following deployment, the consumer will manage the structure themselves.

The hot access tier is a storage configuration for frequently accessed data offered by Azure Blob Storage. The archive level tier is also a storage option under Azure Blob but is meant for holding rarely accessed data.

A Microsoft administrator must reconfigure storage by access requirements for a company. Which of the following tiers are potential options for the administrator to utilize as storage segments? (Select all that apply.) Hot Archive Standard infrequent Glacier

business needs analysis (or assessment)

A _ identifies business needs to find solutions to help the organization achieve its strategic goals. This potentially includes decreasing costs, increasing revenue, increasing a customer base, or improving operational efficiency.

single-metric indicator

A _ indicator will only use one indicator to trigger an alert. Generally, these are not as popular as they provide less data and are unnecessarily more sensitive to activity fluctuations.

Network Packet Broker (NPB)

A _ is a networking device that performs intelligent packet filtering, manipulation, and distribution, allowing network traffic to be efficiently routed to the appropriate monitoring or security tools. _ are commonly used in data centers and other large networks to improve the performance of network monitoring and security tools, as well as to reduce the amount of traffic that these tools need to process. _ can also provide network visibility and analytics, helping network administrators to troubleshoot network issues and optimize network performance.

Business Impact Analysis (BIA)

A _ is a type of report that documents research findings into the financial and reputational consequences an organization may face after a service interruption.

rehost

A _ or "lift and shift" cloud migration type occurs when an application is cloud-ready and does not need any modification before migrating it to the cloud.

refactor

A _ or "rip and replace" cloud migration type occurs when the developers must completely rearchitect an application before migrating it to the cloud.

D. Blob storage

A cloud administrator configures a storage solution that requires high capacity but does not require a particular data model or definition and will not be accessed regularly. Which storage type would be best for this requirement? File storage Block storage Hybrid disks Blob storage

The administrator wanted to use the same tool for both the on-premises and cloud solutions. Burp Suite's integration into CI/CD pipelines. The administrator wanted to centralize the scanning results for auditing purposes.

A cloud administrator extended the on-premises network to a public cloud solution in AWS. Instead of using Amazon Inspector, the administrator opted to use Burp Suite with the AWS cloud. What are some possible reasons why the administrator made this decision? (Select all that apply.) The administrator wanted to use the same tool for both the on-premises and cloud solutions. Burp Suite is easier to implement. Burp Suite's integration into CI/CD pipelines. The administrator wanted to centralize the scanning results for auditing purposes.

The sequencing of the automated steps was incorrect. The systems required a reboot and had not completed the startup process before automation proceeded. Incorrect sequencing of the automated steps in the change management orchestration workflow is a possible reason why the workflow failed. Proper sequencing ensures that the workflow completes prerequisite steps before the workflow continues. The systems required a reboot and had not completed the startup process before the automation proceeded is a possible reason why the workflow failed.

A cloud administrator implemented a change management orchestration workflow for updating systems on the cloud network, but the orchestration workflow failed. What are some possible reasons why the orchestration workflow failed? (Select all that apply.) The sequencing of the automated steps was incorrect. The systems required a reboot and had not completed the startup process before automation proceeded. The SSH keys changed. The service account mapping was incorrect.

NVGRE

A cloud administrator is extending the use of virtual local area networks in their Azure cloud environment. Which solution should the administrator use? NVGRE STT VXLAN NVGRE, VXLAN, and STT can all be used together

The control node obtained an IP address from the DHCP (Dynamic Host Configuration Protocol) server. The administrator has not allowed traffic from the control node through the firewalls. The administrator moved the managed nodes to a different environment.

A cloud administrator is implementing a configuration management solution to ensure all nodes on the network meet requirements. However, when the administrator tests the solution, the control node is unable to reach the managed nodes. What are some possible reasons why? (Select all that apply.) The control node obtained an IP address from the DHCP (Dynamic Host Configuration Protocol) server. The administrator has not allowed traffic from the control node through the firewalls. The DNS servers have a resource record for the control node name and IP address. The administrator moved the managed nodes to a different environment.

Blob

A cloud administrator is migrating a significant amount of server data from company-controlled premises to a cloud environment. As such, capacity is a primary concern, but the company will access the data very infrequently and so, a specific data model will not be required. Which storage type would be best for this requirement? File Blob Block Hybrid disk

Maintenance

A cloud administrator is migrating services from the on-premises network to the cloud network. What phase of the lifecycle roadmap does this activity fall in? Maintenance Deployment Deprecation Development

Ansible The cloud administrator's best option is Ansible. Ansible is an agentless configuration management tool that connects to devices over Secure Shell (SSH) to manage nodes and configurations and supports both Windows and Linux.

A cloud administrator is researching tools that will ensure the configuration of servers, devices, and services. The administrator is responsible for both Windows and Linux operating systems and does not want to rely on a client-server structure. The administrator also does not want to install agents or enable special services on managed devices. What is the cloud administrator's best option? Chef Puppet Ansible PowerShell DSC

Update security group memberships Update name resolution

A cloud administrator is troubleshooting connectivity issues between Virtual Private Clouds (VPCs). Which of the following steps should the administrator perform? (Select all that apply.) Ensure HTTP header information is compatible Check for high packet retransmissions Update security group memberships Update name resolution

Check oversubscription of computing resources Check if correct templates are used to create instances

A cloud administrator is troubleshooting insufficient capacity and performance degradation. Which of the following troubleshooting steps should be part of the process? (Select all that apply.) Check oversubscription of computing resources Check if correct templates are used to create instances Check if cloud instance tags are accurate Check load balancer type and configuration

Document-oriented Wide column

A cloud administrator would like to devise a means of organizing a large amount of unstructured data. The organization scheme should remain scalable and maintain organizational integrity between teams. Which database models would suit this intent? (Select all that apply.) Document-oriented Azure MS SQL Server Wide column Object storage

Identify confidential data in use Apply protection automatically Monitor for exfiltration

A cloud architect establishes a Data Loss Prevention (DLP) program for their companies' cloud infrastructure. Which of the following are goals that they should architect towards? (Select all that apply.) Segment networks into logical data areas Identify confidential data in use Apply protection automatically Monitor for exfiltration

A. Rehosting

A cloud architect has a migration contract for a company who wants to keep the migration fast and simple. Which type of migration would work best for the company? Rehosting Replatforming Refactoring Retaining

C6g

A cloud architect is designing a solution for a development company that makes mobile games. The games reach out to dedicated cloud gaming servers. Which of the following AWS instances would be best suited for this situation? l3 C6g f1 sc1

Compute Compute resources encompass CPU, memory, storage, and network allocations. These areas rely on computing I/O functionality to accomplish tasks that require calculations. Administrators compute solutions to meet specific needs.

A cloud engineer configures virtualized services for a new cloud-based application rollout. Which resource area does the engineer focus attention on to determine general I/O functionality requirements? Data Compute Network Virtualization

VLAN IP GPS

A cloud service at an organization should only allow for logins based on a user's specific and authorized location. Which technologies do security engineers suggest using to comply with this requirement? (Select all that apply.) VLAN IP GPS SSH

Check that VM templates are configured properly. Check if automated scripts were used and were configured correctly. Check that instance tags are correct, allowing for proper firewall and routing setup.

A cloud service provider's (CSP) support team is helping a customer with resource access problems. When attempting to access a virtual machine (VM) instance, the customer discovers that they are unable to log in. Provide specific starting points for the agent's analysis. Check that the load balancer is configured correctly. Check that VM templates are configured properly. Check if automated scripts were used and were configured correctly. Check that instance tags are correct, allowing for proper firewall and routing setup.

io2 io1 and io2 are the highest performance options for transactional workloads like Microsoft Structured Query Language (MSSQL) and International Business Machines Corporation (IBM) DB2.

A cloud technician is analyzing storage tiers for a critical Structured Query Language (SQL) instance which requires high performance. Which of the following would best suit the technician's needs? gp3 st1 io2 sc1

D. Ansible Ansible is a declarative orchestration tool that uses YAML files called Ansible playbooks to define the desired configuration.

A cloud technician is attempting to look for pre-configured automated tasks that are already built. The technician finds some useful YAML files. Which of the following tools is the best option for the technician to use? Chef SDS PowerShell Ansible

Clustering Anti-Affinity Clustering servers together is a great way to improve high availability. Virtual machines (VMs) can be deployed to such a cluster. Anti-affinity is a deliberate scattering of virtual machines (VMs) across multiple physical hosts. This approach is used to avoid a single point of failure.

A cloud-based server infrastructure for an organization is currently not available. Engineers determine that all of the virtual machines (VM) on a host and the host itself are shut down. What VM management approach helps to avoid such a situation? (Select all that apply.) Clustering Affinity Replication Anti-Affinity

Check ISP Check logs

A colleague reported that the Virtual Machine migration to the cloud failed immediately after starting the process. A pop-up window showed a failed connectivity status. What can the team check on to troubleshoot this issue? (Select all that apply.) Check network latency Check ISP Check logs Check storage capacity

Hyperconvergence. With hyperconvergence, compute, storage, and network resources are inseparable and managed as a single unit. This is in contrast to converged resources, which an administrator can separate into their constituent parts. Hyperconverged storage allows the company to accomplish its intent of combined logical storage.

A company has asked an administrator to suggest options that would allow the company to have an almost entirely logical solution from the current physical hardware in place. The company has already procured a host of virtualization resources, including VMs, hypervisors, vCPUs, and vNICs. Which method would permit the company to add a virtual storage option to the entire solution? Persistent storage SDN Hyperconvergence SAN replication

A. Blue-Green model

A company is about to release a new accounting software. The company would like to begin follow-up versions of the software as the current version is immediately released to maximize development and market efficiency. What best characterizes how this company plans to iterate its software development and release schedule? Blue-Green model RPO Canary deployment DRP

Compensation Downtime

A corporate counsel reviews established service level agreements for cloud services a company offers. What areas do these agreements cover? (Select all that apply.) Escalation Troubleshooting Compensation Downtime

Older configuration files contain deprecated settings. The application build process is an automated process that applies configurations as an application is built. Since IT has recently upgraded the software and not the target's operating system, the issue lies with the software's configuration file.

A developer troubleshoots building a cloud-based application. The application build process has run smoothly in the past, but now automation attempts continue but return a deprecation message in the process. IT staff recently upgraded the configuration management software. What is the likely cause of the problem? Older configuration files contain deprecated settings. Configuration management is trying to use an OS feature that no longer exists. Configuration management tool version is incorrect. An API does not match requirements for an associated data source.

Maintenance The longest lifecycle phase is the production or maintenance phase. During this phase, the service or application provides functionality to fulfill its role in the business and is maintained while in operation

A lifecycle roadmap tracks the phases of a system or service. Which phase in the lifecycle does an IT department expect to last the longest? Maintenance Development Deprecation Deployment

With a static algorithm When using load balancing for resources, a static algorithm evenly distributes the workload among servers. This approach is best for workloads that rarely change.

A load balancer does not work as intended. All traffic should be evenly distributed amongst the servers. How should the engineer reconfigure load balancing? With a dynamic algorithm As round robin With a static algorithm With ACL filtering

D. iSCSI

A network administrator is building a Network Attached Storage (NAS) configuration. The administrator would like to provide storage for numerous hosts, however, the configuration cannot be overly complex for the IT staff to learn, and ideally, costs will be kept to a minimum. Which of the following is the best choice for this scenario? NVMe-of Fibre Channel SMB iSCSI

If the instance is not a member of the correct group If there is an error or typo in the Ansible Playbook If configuration is applied to the wrong group

A network administrator is managing the orchestration for a corporate hybrid network. The network administrator is using Ansible for configuration management, and the configuration of a single instance among many is not being correctly changed by the Ansible playbook. Propose possibilities for the administrator to consider as causes to troubleshoot the configuration problem. (Select all that apply.) If the virtualization server is down If the instance is not a member of the correct group If there is an error or typo in the Ansible Playbook If configuration is applied to the wrong group

Is the API trying to patch a file or function that no longer exists? Is the API version compatible with the backend data source? Is the OS version on the node correct?

A network administrator is patching software on a corporate network using automation utilizing an application programming interface (API) and Python scripts. However, processes start failing left and right. Recommend paths of investigation for the troubleshooting process. Are clients showing high memory utilization on the VM OS performance monitor? Is the API trying to patch a file or function that no longer exists? Is the API version compatible with the backend data source? Is the OS version on the node correct?

Check that the account associated with the SSH certificate matches the service account responsible for the automation tasks. Check that the system has completed the startup process before automation begins. Check that the sequence of the orchestration configuration is correct.

A network administrator oversees the orchestration of automation tasks for a government agency. The network administrator is remotely administering the network using an encrypted SSH link and using Chef to manage configuration; however, the Chef cookbook is not updating the configuration of certain instances correctly. Propose plausible causes for the administrator to explore when troubleshooting this configuration problem. (Select all that apply.) Check the VM OS performance monitor for high memory utilization of clients. Check that the account associated with the SSH certificate matches the service account responsible for the automation tasks. Check that the system has completed the startup process before automation begins. Check that the sequence of the orchestration configuration is correct.

Hypertext Transfer Protocol File Transfer Protocol Generic Routing Encapsulation

A network administrator reviews protocols in their companies' cloud environment to search for insecure protocols that should be removed. Which of the following protocols should not be used by themselves? (Select all that apply.) Hypertext Transfer Protocol Secure Shell File Transfer Protocol Generic Routing Encapsulation

Check that firewalls are not interfering with traffic. Check IP configurations on the load balancer and web servers. Check that web servers are not overwhelmed.

A network administrator working for an advertising company that uses multiple web server instances for their website is informed by a colleague that the load balancer attached to the network may not be functioning correctly, as users are complaining about low network bandwidth and high latency. The administrator investigates, determining troubleshooting is necessary. Consider possibilities for the administrator to check while troubleshooting the load balancer. (Select all that apply.) Check that firewalls are not interfering with traffic. Check VM OS performance monitor for high memory utilization of clients. Check IP configurations on the load balancer and web servers. Check that web servers are not overwhelmed.

Service Level Agreement

A network technician is investigating a resource access issue on a corporate network. Decide which corporate policy the technician should consult before implementing changes in order to determine whether the issue should be escalated to the cloud service provider (CSP). Disaster Recovery Plan Certificate of Compliance Service Level Agreement Business Impact Analysis

Data frames are tagged with VLAN information Functionality is at layer 2 in the OSI model Functionality is at the data link layer in the OSI model

A new virtual private cloud utilizes several virtual local area networks (VLANs). What should an administrator know in order to manage a VLAN? (Select all that apply.) Data frames are tagged with VLAN information Functionality is at layer 2 in the OSI model Functionality is at the data link layer in the OSI model Any device can communicate with a member of any VLAN

The engineer does not need to log in to the VM instances as an administrator. The engineer is using an incorrect login. The engineer's role assignment does not allow logging in to the VMs as an administrator.

A newly hired cloud administrator assigned an engineer to manage several virtual machine instances, but when the engineer attempts to log in to any of the instances as an administrator, the login fails. What are the most likely reasons why the engineer cannot log in? (Select all that apply.) The engineer does not need to log in to the VM instances as an administrator. The engineer's account does not exist. The engineer is using an incorrect login. The engineer's role assignment does not allow logging in to the VMs as an administrator.

REQUEST TIMED OUT

A ping response of "Fail: _" indicates that the on-premises computer was able to send the ping request but never received an answer.

Training Call trees Device documentation

A server administrator is drafting up a disaster recovery plan. Which of the following should the administrator include in the disaster recovery plan? (Select all that apply.) Training Restore backups Call trees Device documentation

Satellite Systems Manager Patch Manager Windows Server Update Services

A server administrator is looking for a solution to manage patching as the organization moves to the AWS cloud. Which of the following solutions could the administrator use? (Select all that apply.) VM Manager Satellite Systems Manager Patch Manager Windows Server Update Services

Increased compliance Reduced attack surface Increased containment of security breaches

A server administrator is reviewing advantages of microsegmentation if they move to cloud-based services. Which of the following would the administrator benefit from? (Select all that apply.) Increased compliance Increased bandwidth availability Reduced attack surface Increased containment of security breaches

Parallel recovery Walk through Table-top In a parallel recovery using a non-production test environment, the disaster recovery procedures are implemented in a non-production environment. Virtual machines work especially well for this kind of test. In a walk through, the disaster recovery procedures are stepped through to confirm their viability. No changes are made, and no data is restored. In a table-top or simulated failover, the disaster recovery procedures are implemented on a limited scale. Participants engage in role-playing to ensure comprehension and realism.

A server administrator was recently assigned the role of disaster recovery planning. They have developed a plan but are not quite ready for full scale testing. They do, however, want to include other people in the process. Which of the following will help the administrator at this point? (Select all that apply.) Parallel recovery Walk through Table-top Live failover

Warm site Cloud site

A solutions architect has performed a risk analysis for disaster recovery and has determined that the likelihood of needing to recover is very low. They also determined that needing some time to bring another center up is acceptable, but not too much time. Which of the following backup solutions would meet the company's needs? (Select all that apply.) Hot site Warm site Cold site Cloud site

Content delivery network replication Distributed file system replication

A storage administrator is architecting a solution that will provide quicker access to users. Which of the following replication strategies will support this? (Select all that apply.) Storage area network replication Content delivery network replication Virtual machine replication Distributed file system replication

Log file archiving Shutdowns and restarts Installations and upgrades -Log file archiving helps to keep a system healthy. This is due to the large file size that is common with such files. Large log files can be slow to load. Archiving them maintains a history. -Automation can benefit an organization by streamlining for efficiency. Scheduling shutdowns at designated times saves time for administrators and helps to complete an update installation. -Installations and upgrades are part of a maintenance routine. Automatic the process, including approvals, downloads, and implementation relieves administrators of the burden.

A team of administrators look for clever ways to automate cloud systems and services to streamline Windows-based cloud server maintenance activities. What options do the administrators consider for reliability and efficiency? (Select all that apply.) Log file archiving Shutdowns and restarts Installations and upgrades Deploying containers

Clones

A technical department has stood up a new server that will utilize virtualization to support a small team of specialists. Following the configuration of the VM's baseline settings and specifications, the team will eventually require further virtualization capabilities as they add more servers to form a cluster. What would be the most efficient means of configuring the virtualization capabilities as the technical department adds more servers? VM templates Software patches Clones Hypervisor

ACL not updated DNS configuration problem

A technician successfully pings the internet while configuring the public server component of a hybrid cloud. However, when an employee attempts to connect to the hybrid cloud's public servers, the connection fails. Which of the following might be potential causes? (Select all that apply.) Faulty internet connection ACL not updated Inadequate throughput DNS configuration problem

VM replication

A technician working in a software testing lab environment would like to verify various disaster recovery scenario responses. Currently, the needed recovery data is hosted virtually, and the technician would like to create mirrored backups for testing purposes. Which of the following best describes the method the technician is utilizing? Data buckets CDN replication VM replication Tenants

Determine the scope Once a problem has been identified,the next step of gathering additional information to determine the scope of the problem (such as how many systems might be impacted) should take place.

A user mentions that a cloud-based data entry portal is not accessible. Engineers identify the problem as a client-side issue. What step should the engineers take next to troubleshoot the issue? Establish a theory Question the obvious Establish a plan Determine the scope

Change virtual instance type. Power off virtual instance.

A virtual instance on the Amazon Web Services (AWS) platform has 64 virtual central processing units (vCPUs) and 432 (Gibibyte) GiB of memory. What can a cloud administrator do to make the virtual instance memory-optimized? (Select all that apply.) Change virtual instance type. Reduce vCPU count. Power off virtual instance. Use a hyperconverged system.

96 As the standard calculation for AWS is vCPU = number of cores x number of threads, then six servers with eight-core processors would produce 48 physical cores. With standard multi-threading, the calculation is 48 x 2 = 96. Therefore, the technician will utilize a total of 96 threads.

An AWS technician is provisioning six virtual processors to assist with an anticipated increase in workload. Each processor possesses eight cores. Using standard vCPU provisioning and multi-threading, how many total threads will the technician utilize in this effort? 96 48 24 72

C. Composite indicator

An AWS technician must configure a server to notify an administrator if an availability incident occurs. What would be the best way to configure this notification system? ANSWER Suspicious activity alert Single-metric indicator Composite indicator Default policy

The administrator can revert to the snapshot taken before patching.

An administrator applied an operating system patch to a cloud VM instance, but the patch broke some of the system's functionality. How can the administrator return the system back to pre-patch configuration? The administrator can roll the patch back. The administrator can revert to the snapshot taken before patching. The administrator can uninstall the patch. The administrator cannot return the system back to pre-patch configuration.

Multifactor authentication

An administrator has an organization's headquarters locked down so that users can only log in to the cloud network between 6 a.m. and 6 p.m. and only if they are in the headquarters building. What is this an example of? Authentication Multifactor authentication Authorization Auditing

Configuration management settings on the NAC Which network entry points are being checked

An administrator inadvertently discovered an unsecured device on the cloud network. What should the administrator check? (Select all that apply.) WAF rules meet requirements WAF positioned in front of web application servers Configuration management settings on the NAC Which network entry points are being checked

B. Replatform

An administrator is evaluating an application for migration to the cloud and determines that before migrating the application, the organization must first send it back to the developers to remove hard-coded IP addresses and make other minor modifications. What cloud migration type does this represent? Rehost Replatform Refactor Retain

Public cloud instance Hybrid cloud instance

An administrator is installing a vulnerability scanner. In which instances can the administrator use the standard administrative console provided by the CSP? (Select all that apply.) Standalone virtual machine Standalone cloud instance Public cloud instance Hybrid cloud instance

Run systemd start sshd and systemd enable sshd on a machine used for remote administration. Use the Nmap tool to scan the network.

An administrator is practicing security hardening. Which of the following software-based solutions will the administrator take to reduce the vulnerability of the network? (Select all that apply.) Run systemd start sshd and systemd enable sshd on a machine used for remote administration. Use the Nmap tool to scan the network. Install all firmware upgrades. Remove web proxies.

Implement segmentation Implement an edge network Implement an NPB

An administrator is receiving complaints from users that the network is too slow. What steps should the cloud administrator take to reduce network latency? (Select all that apply.) Eliminate replication Implement segmentation Implement an edge network Implement an NPB

An oversubscription of compute resources may cause issues with cloud performance degradation but will not cause an application not to run in a container.

An administrator is trying to determine why an application in a container is not running. Which of the following does NOT represent an item the administrator should troubleshoot to determine the cause? An oversubscription of compute resources Container images are valid Container engine is running Container hosting the app is running

Discretionary access control Windows New Technology File System (NTFS) permissions allow users to manage access levels for other users on resources they own. This is an example of discretionary access control.

An administrator is using Active Directory (AD) to manage permissions for users, permitting file and folder owners to manage other users' access to those resources. What kind of access control is this? Mandatory access control Discretionary access control Role-based access control Rule-based access control

The on-premises computer was not able to send the ping request because the connection is down. A ping response of "Fail: DESTINATION HOST UNREACHABLE" indicates that the on-premises computer was not able to send the ping request since the connection is down.

An administrator is using the ping command to test connectivity between the on-premises network and the cloud network. The response from the ping command is "Fail: DESTINATION HOST UNREACHABLE". What does this response indicate? The on-premises computer was not able to send the ping request because the connection is down. The on-premises computer was able to send the ping request but never received an answer. The on-premises computer has a problem. The cloud computer has a problem.

Deployment personnel The administrator will not see the deployment personnel on the lifecycle roadmap. The roadmap shows information about systems, budgeting, and planning, but not personnel.

An administrator is viewing the organization's lifecycle roadmap. What kind of information will the administrator NOT see on the Gantt chart? The status of deployments Deployment budgeting Deployment planning Deployment personnel

The administrator did not follow the correct procedures. The administrator applied inaccurate instance tags.

An administrator manually configured four new VM (Virtual Machine) instances in the public cloud. Three of the VM instances work, but the administrator is unable to connect to the fourth instance from the on-premises network. What might the administrator have done to cause the connection to the fourth instance to fail? (Select all that apply.) The administrator used a misconfigured VM template. The administrator did not follow the correct procedures. The administrator applied inaccurate instance tags. The administrator used a misconfigured script.

maintenance

An administrator migrating services from the on-premises network to the cloud network falls under the _ phase of the lifecycle roadmap.

D. git push

An administrator new to using Git tries to build a repository for a cloud application. Which command does the administrator use to place the code in the remote repository? git merge git clone git commit git push

Update security group memberships. Verify that peering routes are configured on each VPC. Check the name resolution.

An administrator of cloud services is assisting a customer with troubleshooting connectivity issues. When the user attempts to link two instances on different virtual private clouds (VPC), they discover that they are unable to do so. Provide suggestions for the administrator's investigation. (Select all that apply.) Update security group memberships. Verify that peering routes are configured on each VPC. Ensure that HTTP header information is compatible with the load balancer. Check the name resolution.

The version of the operating system is now incorrect.

An administrator upgraded the operating system on several servers and then ran the configuration management tool to ensure the nodes meet the established requirements. However, the configuration management process failed, even though it ran fine earlier that same day. What is a valid reason why the configuration management process may have failed? The version of the configuration management tool is now incorrect. The version of the operating system is now incorrect. The files provided for configuration don't match the deployment tool. The API version for the backend data source is now incorrect.

SSH remote If authentication is required by the automation process, use key-based authentication with tools such as SSH. A connection can be made to the remote system by using SSH. Key-based authentication would provide credentials without the need to manually enter them.

An automation tool uses scripts to configure and deploy new cloud services. In the past, credentials to apply configurations were contained in the scripts. Engineers now see this approach as a security flaw and decide to use key-based authentication. Which solution do the engineers integrate into the process? Remote desktop Password vault SSH remote Service account

Data With software-defined networking (SDN), the data plane operates at a computing level. It controls packet management tasks such as forwarding or filtering network traffic within and between segments.

An engineer manages a new cloud deployment. Network devices in the cloud infrastructure are configured by using a software-defined (SDN) network approach. What plane controls packet management tasks or filters network traffic within and between segments? MAC IP Control Data

Queue length The system queue tracks the processes that are waiting to be executed by the central processing unit (CPU). For improved performance, the queue length value should not exceed the number of logical CPUs.

An engineer monitors a system for excessive system load as it relates to processes. Which metric does the engineer record when considering the number of logical processors in the system? Queue length Period of time Physical CPUs CPU efficiency

Compute resources Operating system Storage resources

An engineer recommends that an administrator should deploy cloud-based virtual machines (VMs) for the first time by using templates. What advantages does the engineer say the template settings provide for rapid deployment? (Select all that apply.) Compute resources Operating system Storage resources Container services

Cloud bursting When an administrator configures an on-premises cloud to spill over into a public cloud to add more resources during times of high usage, this represents cloud bursting.

An on-premises cloud network usually has enough resources to handle all the online traffic for a busy department store. However, when the department store has special sales, the on-premises network becomes oversaturated with traffic. To mitigate this issue, the administrator configured the network to add virtual machines from a public cloud network as necessary. What type of right-sizing model does this represent? Horizontal scaling Vertical scaling Cloud bursting Auto-scaling

Use VRF Use VXLANs The organization can use VRF (Virtual Routing and Forwarding), a Layer 3 technology that is more scalable than VLANs. It allows a router to manage multiple routing tables that each directs traffic to a different route. The organization can use VXLANs (Virtual Extensible Local Area Networks) to manage the growth. VXLANs extend the scalability of VLANs and support up to 16 million separate networks.

An organization currently has a cloud network subnetted using Layer 2 technology to isolate separate networks. However, the organization is rapidly growing and will soon need to accommodate over 5000 separate networks, which is more than the current subnetting technology can handle. What can the organization do to manage the growth? (Select all that apply.) Add a load balancer Use VRF Use VLANs Use VXLANs

Search the cloud marketplace

An organization has a hybrid cloud environment with several virtual instances in the Microsoft Azure cloud and would like to ensure backup solutions are ran in the cloud entirely. If the organization prefers using the latest, compatible third-party backup application for these cloud instances, what could cloud administrators do to fulfill this requirement? Perform a test restore. Search the cloud marketplace. Run the Azure Backup service. Review the Azure Service Health dashboard.

Solution template

An organization has asked a network administrator to configure a departmental network that includes both storage and virtualization capabilities. The department maintains its own internal IT staff capable of managing the configuration, but it should come ready to deploy immediately across the entire department. What is the organization asking the administrator to configure? Solution template Container Serverless deployment Managed solution

RPO (Recovery Point Objective)

An organization has determined that they cannot lose more than 12 hours of data. What does this number represent? RPO MTTR RTO 3-2-1 backup rule

A. Legal hold

An organization has informed a server administrator to make sure to preserve the integrity of specific emails. What is this process called? Legal hold Records management Versioning Retention

Ask a series of "Why" questions. The best way for the organization to understand the root cause of the breach is to ask a series of "Why" questions to uncover what created the circumstances that allowed the breach to occur.

An organization has recently recovered from a data breach and is working to identify what created the circumstances that allowed the breach to occur. What is the best way for the organization to understand the root cause? Use forensic professionals. Provide appropriate training. Ask a series of "Why" questions. Implement targeted monitoring.

The organization should migrate the data using a CSP's proprietary solution that avoids the public Internet. The organization should migrate the data using a storage transfer service. Migrating data using a Content Service Provider's (CSPs) proprietary solution that avoids the public Internet is a good choice. As medical records are sensitive information, the organization must avoid transferring that data over the public Internet. Migrating data using a storage transfer service is a good choice. A storage transfer service can migrate large amounts of encrypted data.

An organization is evaluating options for migrating millions of medical records to a community cloud. The organization needs to migrate the records as quickly as possible and without any downtime. What are the best solutions for migrating the data? (Select all that apply.) The organization should migrate the data using an automated file transfer command like curl. The organization should migrate the data using a CSP's proprietary solution that avoids the public Internet. The organization should migrate the data using a storage transfer service. The organization should migrate the data using peering over the public Internet.

Smart cards Fingerprint scanners

An organization is planning to implement Multifactor Authentication (MFA). Currently, users must enter a password to access resources. What other valid forms of authentication can the organization implement to successfully achieve MFA? (Select all that apply.) Smart cards Fingerprint scanners Pin numbers Security questions

A. Parallel recovery

An organization is testing the cloud disaster recovery plan. The goal is to implement the recovery without disrupting production. What kind of test is the organization running? Parallel recovery Simulated failover Walk-through Live failover

Interrelated microservices Configuration items The administrator can expect the CMDB to be tracking the interrelated microservices that make up a larger application on the cloud deployment. The administrator can expect the CMDB to be tracking the relationship of configuration items on the cloud deployment.

An organization is using a configuration management database (CMDB). What items can the administrator expect the CMDB to be tracking on the organization's cloud deployment? (Select all that apply.) Asset tracking Interrelated microservices Inventory tracking Configuration items

Public With a public cloud model, a cloud service provider (CSP) owns the cloud deployment and allocates its resources to external, unaffiliated customers.

An organization looks to provide a cloud portal to an unaffiliated audience through a 3rd party service. Which cloud model does the organization deploy? Public Private Community Hybrid

The organization will use a direct migration, which migrates databases with the same database design between two Content Service Providers (CSPs), to migrate the relational databases from the AWS cloud to the Azure cloud.

An organization needs to migrate a number of large databases from an Amazon Web Services (AWS) cloud to an Azure cloud. The databases use tables to store the data and keys to link the data information. What solution will the organization use to migrate the data? Direct Cross-service Relational Non-relational

D. GENEVE (Generic Network Virtualization Encapsulation)

An organization recently acquired a new company. The organization has an on-premises network extended to the Azure cloud, and the newly acquired company is using an Amazon Web Service (AWS) cloud deployment. What can the network administrator implement to allow the organization's network to communicate with the new company's network? VLAN Stretching NVGRE STT GENEVE

Develop

An organization's developers currently have to put in a request to the IT department to have a development environment created on-premises for developing applications, but the organization is testing a cloud solution that will allow the developers to create their own development environments. What step of the change management process does this represent? Propose Approve Develop Deploy

Ruby

Chef configurations are written in the _ programming language and stored in recipes. The recipes automate processes, and multiple recipes are combined into cookbooks.

Independent governance The granularity of microsegmentation allows for independent and isolated workflows. As such, each segment that has been created can be governed independently with its own policies and rules.

Cloud engineers microsegment a network to secure sections from each other based on workload. When considering the granularity of the segments, which aspect is critical? Reduced attack surface Independent governance Increased compliance Scaling ability

Bursting Memory bursting reads the next memory address contents in an effort to speed up data retrieval.

Which memory management feature is used to help speed up data retrieval? Ballooning Paging Overcommitment Bursting

The engineers use transport mode The engineers use data encryption rules With transport mode, the original header is not encrypted, but the payload is. There are small bandwidth savings by not encrypting the entire packet. This mode is usually used with host-to-host connections. IPsec encapsulation can be configured with rules that define types of network communications that should be encrypted and those that should not. Not encrypting some traffic types saves bandwidth.

Engineers decide to use IPsec encapsulation to encrypt a portion of network communications between two cloud servers. As network bandwidth is a concern, how do engineers configure the encryption? (Select all that apply.) The engineers use tunnel mode The engineers use transport mode The engineers use data encryption rules The engineers implement key exchange

Lessons Learned Standard Operating Procedures Lessons learned would cover the area of communications. Stakeholders would document what went wrong and where improvement can be made. The standard operating procedure could cover many areas including a description and process for using communications and a communications chain.

Key stakeholders gather for a post-incident meeting after experiencing a service disruption in a crucial cloud application. Communication between the support team and management did not go well during the incident. Which topics do the stakeholders focus on during this meeting? (Select all that apply.) Lessons Learned Root Cause Analysis Standard Operating Procedures Service Level Agreement

git push

Git is the de facto standard for code management. When working with a repository, the _ command will place or update the code from the local machine.

git clone

Git is used to managing code or files in many different contexts. The _ command is used to grab a copy of the code from the repository and create a copy on the local machine.

git commit

Git software manages code versioning in collaborative development environments. When working with code, _ command is used to save local changes to a project.

It doesn't perceive it Once a host system maps the memory to the virtual machines, the system becomes unaware of how the VMs manage the memory or what information is stored there.

How does a host machine recognize memory used by virtual machines? It auto-configures swapping It doesn't perceive it It is seen as separate It hyperconverges

Check OS performance metrics. Check cloud management utilization reports.

If a cloud virtual instance is over-utilizing its CPU, what can a cloud administrator check to confirm it? (Select all that apply.) Check OS performance metrics. Check cloud management utilization reports. Check for unnecessary network traffic. Check cloud management replication errors.

Hyperthreading Simultaneous Multi-threading (SMT)

If a user purchases a CPU that houses 8 cores but is capable of managing up to 16 tasks at a time, which technology is the user leveraging? (Select all that apply.) Hyperthreading Ballooning SSO SMT

505

If the server does not accept HTTP, the error message code _ is returned, meaning that the server was unable to fulfill the request.

simulated

In a _ failover test, the organization would role-play the incident and implement the disaster recovery procedures on a limited scale.

live

In a _ failover, the goal is to have no interruption of service for users while the organization tests the disaster recovery procedures by implementing them in the production environment.

walk-through

In a _ test, the organization does not restore any data or make any changes, but the organization walks through the disaster recovery procedures to verify their viability.

The administrator failed to ensure that there was sufficient drive space available for the patch process. The administrator failed to disable antivirus during the patching process

In preparation for patching the operating systems on a cloud network, the administrator double-checked to make sure the correct patch was queued for the operating system, that it was the correct version, and that it tested successfully in the test environment. However, the patch still failed to install in production. What are some reasons why the patch installation may have failed? (Select all that apply.) The administrator failed to ensure that there was sufficient drive space available for the patch process. The administrator failed to ensure the patch matched the application version. The administrator failed to test the patch in the production environment. The administrator failed to disable antivirus during the patching process.

An expired certificate A revoked certificate A smart card is a physical device that is used with a reader to grant access control to a system or service. The smartcard contains a certificate that may have expired. Some authentication methods include ID cards which act as a smart card. As a smart card contains a digital certificate, the certificate may have been revoked.

Multifactor access to a cloud management workstation fails for a systems administrator. The system administrator reports that the system accepted a password but will not accept a smart card. What does a security team determine the problem to be? (Select all that apply.) An incorrect pin An expired certificate A revoked certificate A disabled account

System-state backup The administrator can use a system-state backup to restore the VM. Although the server houses a database, the misconfiguration corrupted the VMs operating system files.

One of the VMs that houses an organization's big data analytics database has become corrupted from an operating system misconfiguration. What kind of backup can the administrator use to quickly restore it to the previous state? Filesystem backup Database dump System-state backup Application-level backup

Static resource records Static resources resource records are DNS records that will not automatically update. If host names change, DNS will not be aware and the old host names will remain.

One organization acquires another organization. In combining cloud infrastructures from each, a directive to rename servers to a standard format is issued. After doing so, many servers are no longer reachable by host name. What configuration should support engineers check? Subnet masks Static IP addresses Static resource records Firewall ACLs

NetIQ eDirectory

is an X.500-compatible directory service software product from NetIQ. Previously owned by Novell, the product has also been known as Novell Directory Services and sometimes referred to as NetWare Directory Services.

single root input/output virtualization (SR-IOV)

The _ component permits direct access between virtual machines and the PCIe bus, including the NICs on the bus. This permits faster communication between the physical network connection and VMs on the host server.

staging

The _ environment (which is often also the quality assurance environment) is where QA testers validate cloud applications and services. This validation may include security and performance testing. The tests may be automated or manual (or both).

Business Requirements Document (BRD)

The _ is the document that defines a project's scope, success factors, constraints, and other information to achieve project goals.

deployment

The _ phase of the lifecycle roadmap documents when the administrator places a system into service. This phase of the lifecycle also includes staging.

development

The _ phase of the lifecycle roadmap includes applications that the organization has approved for development.

deprecation

The _ phase of the lifecycle roadmap occurs when the vendor or administrator announces the date for the end of support for a system or service and discourages new deployments.

GENEVE (Generic Network Virtualization Encapsulation)

The administrator would use _, a standard for defining data formats, to extend the organization's VLAN to the Azure and Amazon Web Service (AWS), or multi-cloud deployments.

Per user licensing

The company purchased a cloud-based application that all employees can access from a web browser. The application will be able to support new employees as the company grows. What type of licensing structure did the company most likely purchase for this application? Socket based licensing Per user licensing Volume based licensing Perpetual licensing

By user By group By partition

To control costs, an administrator needs to set storage quotas for file shares on a Windows cloud-based server. What options exist to set quotas? (Select all that apply.) By instance By user By group By partition

Network connectivity Application is running Users have permissions

Users are complaining that they cannot reach a cloud-hosted application. Which of the following items should the administrator check? (Select all that apply.) Application has enough memory Network connectivity Application is running Users have permissions

SCVMM Microsoft System Center Virtual Machine Manager (SCVMM) is used to manage hypervisors and virtual machine environments.

What Microsoft product is used to manage hypervisors and virtual machines? SCVMM SCCM Group Policy Command Prompt

CPU work is queued by the hypervisor. When a virtual machine is overallocated with vCPUs, the hypervisor will queue CPU work so the physical hardware can meet the demand.

What can result from overallocating vCPUs to a VM? vCPUs cannot be overallocated; the maximum is dictated by the hardware the VM is running on. The hypervisor crashes. The VM crashes. CPU work is queued by the hypervisor.

Retention Write once read many

What cloud records management feature or solution would be most beneficial in a use case where lawyers may want to go through years of data to convict a person suspected of money laundering? (Select all that apply.) Retention Versioning Destruction Write once read many

Proves identity

What does providing a username and password do? Performs MFA Enables ACLs Performs authorization Proves identity

Packet capture software

What kind of tool can you use to capture network traffic for later review? `curl` Packet capture software OpenSSL client Packet analyzer software

Streamlined processes for greater efficiency Faster deployments

What process improvement benefits would an organization realize by allowing developers to create their own development environments from templates in the cloud, rather than having to wait for on-premises administrators to create the environments for them? (Select all that apply.) Streamlined processes for greater efficiency Faster deployments Less infrastructure investment Greater collaboration opportunities

Hybrid

What sort of network setup would allow your services to function even if your external cloud provider was down? Hybrid Public Private Community

503

When a server fails, the status code _ is returned. When a status code that begins with a "5" is submitted, it means that there is a server-side problem.

Deactivate default account Default settings and accounts are a particular vulnerability for newly deployed servers and network devices. It is critical to change or reset the passwords for these accounts or completely disable the accounts, if possible.

When deploying a virtual appliance onto the Microsoft Azure platform, what action can prevent an unauthorized person from signing on to the system with elevated privileges? Deactivate default account Run Azure Defender Run Nessus scanner Install a hotfix

Business needs analysis Solution requirements

Which documents help client organizations relate capacity planning to business goals? (Select all that apply.) Business requirements document (BRD) Audits Business needs analysis Solution requirements

Centralized data storage Efficient application of software updates

Which of the following are considered benefits of server virtualization? (Choose two.) Faster network access Centralized data storage Efficient application of software updates Cheaper software licensing

Protection against natural disasters Scalability

Which of the following are defining benefits of migration to cloud service solutions? (Select all that apply.) Cost savings Colocation Protection against natural disasters Scalability

CPU frequency CPU frequency is not normally monitored to make sure it conforms to a baseline. CPU time and wait time are the normal metrics recorded related to the CPU.

Which of the following is NOT a metric that would be measured to confirm it meets the baseline? Virtual switch average bytes sent/received CPU frequency Peak memory usage Write IOPS

D. N -1

Which of the following is a best practice to avoid undiscovered vulnerabilities or zero-day attacks? Firmware update Rollback OS patches N -1

Public keys encrypt, private keys decrypt. File encryption systems normally use a public key to encrypt and a private key to decrypt.

Which statement regarding file system encryption is correct? Private keys encrypt, public keys decrypt. Hashing algorithms require a private key. Public keys encrypt, private keys decrypt. File encryption requires a symmetric key.

Vulnerability scan

Which type of security test passively identifies weaknesses of an unknown network? Vulnerability scan White-box test Subnet scan Penetration test

Missing dependencies In some cases, missing software dependencies that have not yet been updated can cause higher-level updates from applying correctly. This can sometimes result in the rolling back of failed updates.

While applying patches to similarly configured Linux virtual machines, you receive alerts that the patches failed to apply to some systems. What is the most likely reason for the failure? Missing dependencies Insufficient permissions Insufficient network bandwidth Missing baselines

Price fluctuations Service changes

While considering upgraded service to their current cloud model, a company's leadership consults a technical specialist regarding the best options. The company has concerns about being locked in with a single CSP. What are some of these concerns? (Select all that apply.) Price fluctuations Organization-wide resource integration Service changes Cloud-specific storage formats

RPO Recovery point objectives (RPOs) measure the amount of data an organization can acceptably lose. The RPO should be used to determine the appropriate backup job frequency.

While deploying an online eCommerce server, an organization states that in the event of a system crash, 8-10 hours of data loss is all that it can tolerate. When documenting a disaster recovery plan, engineers use this information for which metric? RPO RTO MTTR SLA

Vulnerability The N -1 approach to updates is based on the simple concept of determining a current update and utilizing one less. Not using the most current updates can expose vulnerabilities.

While practicing a patch management strategy, a systems administrator decides to follow a N -1 approach. What does the administrator document as a negative to this approach? Vulnerability Rollback Testing Automation

control

With software-defined networking (SDN), the _ plane is a layer of programmable or configurable control of multiple network devices. These devices are decoupled from the individual network devices.

3389

You are configuring a remote connection for a user workstation. What port must be allowed through the firewall for a Remote Desktop connection? 22 389 23 3389

Paging

_, like swapping, is a memory management method that stores and retrieves data from a secondary storage source to utilize in the primary memory system.

429 Some services may impose rate limits, resulting in a 429 response status code. Codes starting with "4" signify a client-side problem.

developer is working on a natural language processing application that uses application programming interface (API) requests via Python scripts in order to generate natural language responses. The developer believes the application may not be functioning as intended due to API requests exceeding limits imposed by the provider of the resource. What status response codes might the developer expect to receive when exceeding API call limits? 301 503 505 429

Generic network virtualization encapsulation (GENEVE)

is a combined standard for VXLANs and network virtualization using generic routing encapsulation. It accommodates differing capabilities/needs of devices in network virtualization. This can improve network efficiency, but not in the specific hardware-optimized manner prescribed.

Function as a Service (FaaS)

is a serverless application solution that offloads capacity planning, hardware, OS, and web server management tasks to the service provider. Examples include certain Azure functions and the Google Cloud App Engine.

Stateless transfer tunnel (STT)

is a third implementation. Another VLAN extension use case is for traffic mirroring. This feature permits network traffic to be sent on a second network, specifically one that contains network auditing, threat analysis, or troubleshooting appliances.

Virtual machine (VM) replication

is the creation of backup VM versions kept and used to restore the machine in the event that data gets corrupted or lost. _ the backup VMs for testing can assist with disaster recovery efforts.


Kaugnay na mga set ng pag-aaral

Auditing 05: Substantive Tests of Cash

View Set

accounting finalGAAP refers to guidelines for accounting information in the United States. The acronym GAAP in this statement refers to​ ________.

View Set

MKT 300 Exam 2, Exam 2- Chapter 7, MKTG 3832 Exam 2 Williams, Chapter 7: Business Marketing, Test 2 ch. 7-12

View Set

Chapter 14: Gays, People with Disabilities, and the Elderly

View Set

Sub-queries and MERGE statements

View Set

Chapter 7: Concepts of Bio Midterm

View Set