Cloud+
A web-based dashboard is being deployed by your company. Hank has been tasked to defelop the application but is concerned that the application must pull data from many different cloud locations and devices. What is a good interface for him to use to meet his requirements?
API
During a disaster recovery switchover, what network services may need to be modified as part of a multisite failover to the backup site?
All of the above
JIm has added a new group of users to his IaaS-based NoSQL database. What license requirements does he need to investigate to ensure compliance?
All of the above
Jeff has been monitoring resource usage increases in his web server farm. Based on trending data he has collected, there will be regular requirements to increase CPU capacity for his web servers as usage increases. Jeff wants to use the automation capabilities of his private cloud to automatically use the orchestration software to add CPU cores as required. What can ne implement to automate this?
Autoscaling
Cloud capacity can be measured by comparing current usage to what?
Baseline
Tipofthehat.com's IT department wants to know what its normal day-to-day web hit count is so it can plan for the upcoming holiday selling season. Jim's job is to measure the incoming web requests and graph them against delay and missed connection counts. What type of data set is Jim Producing"
Baseline
Upgrading to a newer operating system may require that you update what?
Baseline
Storage area networks support which type of storage? (Choose the best option)
Block
Sarah manages user accounts for her company's cloud presence. she has a trouble ticket open with Jill to assist her in accessing an SSD storage volume in the San Paulo region of the public cloud. What kind of user issue is she investigating?
Authorization
Cloud dashboards allow for minitoring and sometimes configuring maintenance operations with the cloud provider. If you have regularly scheduled backups for your cloud storage volumes, you can configure the cloud provider to perform specific operations for you using what backend systems?
Automation
What technology was instrumental in the growth of cloud services?
Automation
Carl has been investigating stale records in his database that were added by ther applications but never deleted or timed out after they were no longer in use. This mappings application is now causing issues with the server addressing and troubleshooting. What system is he looking at?
DNS
Christina has been pinging a new web server by its URL and getting strange and seemingly unexplainable responses from unrecognized systems. She recalls that the new web farm is on a reclaimed subnet that was no longer in use in their cloud server fleet. What would you recommend she investigate to resolve the issue?
DNS
Jerry is expanding a public subnet in his company's e-commerce site. After performing the address change for all of his public-facing web servers, he tested connecting from a bastion host located offshore. He was unable to connect. What does he need to change to allow the remote site to connect ot the web server?
DNS
What is a common cloud-based GUI used to get an overview of your security operations?
Dashboard
What is a visual representation of your current cloud operations?
Dashboard
Large batch processing jobs are common for which type of application?
Databases
What it the ability to automatically and dynamically add additional resources such as storage, CPU, memory, and even servers referred to as?
Elasticity
Dawn has been working in the NOC and has been tasked with performing a root-cause analysis on a recent outage that affected the middle tier web stack in a private cloud. She is looking at the log files generated and notices that there are more than 430 logs that were generated around the timne the site failed. What function does Dawn need to perform to distill all of these log files into a meaningful report?
Event correlation
Jerry is doing a test cutover to his hot site as part of his hot site as part of his company's ongoing disaster recovery preparedness. He notices on his WAN monitoring dashboard that there are peaks of traffic flow from the primary to his hot site. What is he seeing take place?
File transfer
What type of scaling involves adding servers to a pool?
Horizontal
Donald has been tasked by the IT security group in his company to prevent dictionary login attacks to the company's VMs running in a private cloud at a remote data center. You have been brought in to offer him advice to deter the random but steady login attacks. What would you recommend be enabled to help perevent this type of cyber-attack?
Lockout
Harry is the cloud administrator for a company that stores object-based data in a public cloud. Because of regulatory restrictions on user access to sensitive security data, what type of access control would you suggest he implement to meet his company/s security policies?
Mandatory access control
Sarah has been asked to implement a strong user authentication strategy to secure dashboard access to her SaaS cloud services. She wants to use temporarily issued tokens to prevent unauthorized users from accessing her cloud administrator's account. What type of authentication would you recommend that Sarah implement?
Multifactor
Sharon posted a new software update to her company's popular smartphone application. After announcing the release, she has been monitoring her dashboard information and has noticed a large spike in activity. What cloud resource should she focus on?
Network Bandwidth
To collect metrics, you set up your mamagement application to measure what?
Objects
What backup solution requires an administrator or tape jukebox to make it available by inserting a tape or other media into a storage system for retrieval?
Offline
What type of backup system is intended to provide quick restore access of needed?
Online
These cloud-based systems abstract and hide much of the complexity of modern cloud systems and also reduce operational errors by execurting tested cloud systems, scripts, workflows, or runbooks to make sure the systems are configrued correctly.
Orchestration
What are complex software systems that automate cloud operations and are offered by companies such as Chef and Puppet called?
Orchestrations
Tom has been performing an ongoing inventory of his public cloud assets and has found a number of storage volumes, CPU allocations, VMs, and firewall instances that are not connected to any project and are not being used. What services is Tom collecting data on?
Orphaned resources
Judy is migrating a Linux OS from running on a dual-slot, eight-core server in a private cloud to a VMware-based server in the public cloud, what type of migration would she perform?
P2V
Jill logs into her NoSQL database server residing in a private subnet on a public cloud. She needs to verify network connectivity with the application tier. What utility can she use as a quick connectivity test?
PING
Harry is investigating cloud service modeels and wants to outsource the security responsibiltiy to the cloud company and not have to take responsibility for maintaining and patching the operating systems. Which service model will meet his requirements?
PaaS
Liza is reviewing the maintenance responsibilities between her company and its public cloud service provider. She notices that the cloud provider takes responsibility for the operating system, and hse needs to assume responsibility for any applications or services running on the operating system. What type of service model is she operating under?
PaaS
What cloud model delivers all services except the application?
PaaS
Harold's getting alarms from the public cloud's application load balancer about security failures. Harold reviews his problem resolution documentation to investigate, and there have been no troubles reported in the past year. The load balancer has been configured to offload port 443 web traffic from the backend fleet of web servers. As a Cloud+ consultant brought in to assist, what should he be the focus of the investigation?
Certificates
During a recent downtime window, the server team was applying patches to an application, and the networking team was upgrading a router's interface to 10Gbs. When the network was down for the upgrade, the server team complained that they could not download the needed software patches. During a post-downtime status meeting, it was determined that which process should be modified to prevent this from happening in the future?
Change Management
Allison is preparing to modify a network access control list and add three firewall rules to her private cloud HR systems. She is planning on submitting a detailed plan to accomplish these tasks. What process is Allison following?
Change management
Who does responsibility for stored data integrity in the cloud belong to?
Cloud Customer
Reports are generated where?
Cloud management and monitoring application
What are tightly cooupled computers that allow for software patching without incurring downtime called?
Cluster
Jack is preparing to update his company's business continutiy with details on its DR backup site. His plan is to have a facility ready with floor space, power, and colling that has facilities for him to load in his server racks to restore service. What type of DR implementation is Jack deploying?
Cold site
To promote consistent cloud monitoring and reduce configuration overhead, Lisa has created a number of policies to obtain baseline data. What type of policies is Lisa creating?
Collection
Elaine works in IT security and is reviewing user count policies. She needs to strengthen passwords by enforcing a mandatory minimum of a nondictionary word that is six or more characters in length, contains at least one uppercase letter, and contains a special character. What is she defining?
Complexity
cloud segmentation enhances security for cloud-based applications. What services is it a best practice to segment?
Compute
Robert has been tasked with creating an access control solution for his company's fleet of servers in a hybrid cloud configuration. He has been asked to define the requried tasks and then to put users, groups, and servers into this task-based implementation. What type of access control should Robert deploy?
Roles
You have been asked to update your entire fleet of Internet-facing web servers to remediate a critcal bug. Your supervisor has agreed to operate under reduced computing capacity during the process but stipulates that there can be no downtime. What upgrade approach should you recommend your company follow to meet these requiremts?
Rolling
Carrie is researching various remote access options to access her Linux servers in a public cloud. She has been asked to provide a standardized and secure solution that protects against snooping. As a Cloud+ architect, you have been asked to assist. What protocol would you advise she implement?
SSH
What backup method creates a file-based image of the current state of a VM including the complete operating system and all applications that are stored on it?
Snapshot
Will is running his backup DR site in a DNS load balancing rotation for testing. He needs to ensure that the databasee in the DR facility is updated in real time and current with the production replica in the primary data center. What type of updates should he define in his primary data center servers prior to enabling DNS load balancing?
Synchronous replication
What are software representations of a cloud network?
Templates
The remote disaster recovery location follows the warm site model. To configure the network switches, routers, and firewalls remotely, Mark will need serial port access from his company's operations center. He has 14 serial ports currently but needs to be prepared for any unplanned expansion requirements during a disaster recover cutover. What device would you recommend he implement at the warm site?
Terminal server
Databases capacity can be added by scaling horizontally
True
Hank goes to his local bank and inserts his card into the ATM and enters his PIN on the keypad. What type of authentication is he participating in?
Two-factor
Performance issues are measured by the load on a system. Which of the following should Jane be concerned about as she integrates her new marketing group into her PaaS cloud fleet?
Users
Mary is a Cloud+ certified security consultant for her company. She is researching enhanced security access systems. What could she suggest that requires something you have and something you know?
multifactor
What deployment system offers a strctured process for a series of actions that should be taken in order to complete a process?
Workflow
What application tracks a process from start to finish?
Workload
An intern at your company is asking about the mappings between the layer 2 MAC address and the gateway router. He wants to verify that the VM has the correct network mapping information. Which utiltiy would you tell him to use to gather this information?
arp
Pete is concerned about sotred data that is replicated to a standby zone but not immediately. The delay means there is going to be a short period of time where the data is not consistent. What storage replication service ensures eventual consistency?
asynchronous
What is the process of determining the identity of a client usually by a login process?
authentication
What backup method is used to create a master copy of an image that can be used as a template to create additional systems?
clone
A medical records company wants to take advantage of a complex application but wants to realize the cost savings by accessing a shared instance of the application hosted in the cloud. Because of regulatory requirements, what type of cloud delivery model would you recommend they use?
community
A national tax preparation firm is accessing industry-specific productivity applications in the cloud; many other tax preparation companies are also subsribing to the same service. What model of cloud are they accessing?
community
James is troubleshooting a DNS issue and wants to look at DNS frames being sent and received from his network adapter card on a web server. What utility would he use to collect the traces?
tcpdump
Sharon is unable to reach her Linux-based web server hosted in the Singapore zone of the cloud. She is located in Austin, Texas. What utility can she use to verify the connection path?
traceroute
You work in the financial services industry and are required to encrypt your data at rest in the public cloud to comply with securities regulations. You want to implement a strong encryption protocol that is widely approved by industry best practices. Which one of the followintg meets your requirements?
AES-256
Computer operating systems have mechanisms that grant rights to users for access to system objects like storage volume directories and files, administrator rights, and so on. What should you monitor to make sure that old or unused entries are deleted?
Access control
Christina is configuring her public cloud object storage bucker for granular access from a new Linux VM. She wants to set the permissions on the storage system. What would you recommend?
Access control list authorization
To meet regulatory requirements, Jill must sotre customer transaction records for seven years. The data will most likely never be accessed after the second year and can be stored offline if possible to reduce storage costs. What type of storage operation can Jill implement to achieve her goal?
Archive
Data replication is often used to store copies of real-time data in remote zones. When there is a need to have the master data immediately updated, and then on th backend, update the remote zones, what type of replication would you recommend your operations department to configure?
Asynchronous
Multiple users are complaining that they cannot access a cloud-based collaboration system. The operations center has been investigating and has, so far, verified that the MFA applications are operational. What user system are they troubleshooting?
Authentication
Your company's primary application is critical to the power generation industry and must be highly available. When critical patches need to be installed, downtime is not an option that your customers can tolerate. You have designed a web architecture to take this into account and that allows you to have an exact copy of your production fleet that can be brought online to replace your existing deployment for patching and maintenance. What type of model did you implement?
Blue-green
Ethel is the network architect for a hybrid cloud operation and has interconnected her private cloud to a community cloud in another province. She is investigating using the community cloud to supplement her private cloud operations during end-of-month processing. What operation is she going to perform?
Bursting
What is a long-standing text-based interface that is used to configure network services both locally and remotely?
CLI
Hank just completed running some security automation scripts on his new fleet of application virtual machines. After applying intrusion detection, virus, and malware protection on the Linux images, he notices an increase in which VM metric on his management dashboard?
CPU
API request capacity is measured with what metric?
Connections per seconds
What is a compliance requirement to be certified to meet the U.S. Deaprtment of Defense security requirements for contractors working with the U.S. Department of Defense?
DIACAP
To increase Tipofthehat.com's security posture, Allison is reviewing her company's user accounts that access the fleet cloud resources. Allison notices that the summer interns have left to go back to school but their accounts are still active. She knows they will return for the winter corporate announcements and new products rollouts to assist in the project over winter break. What would you suggest Allison do with these accounts?
Disable the accounts
What DR location can be used to cache data closse to your customer and ease access to lyour fleet of web servers?
Edge
These cloud facilities provide the ability to connect locally for fast, low-latency connections to the DR location. They can also store, or cache, data at these locations for very fast responses to local user requests.
Edge location
Dale has been monitoring storage volume utilization and is writing a change request to add capacity. He has decided to automate the volume allocation size. What cloud feature can he take advantage of?
Elasticity
What is the National Institute of Standards and Technology publication that coordinates the requirements and standards for cryptography modules?
FIPS 140-2
Christina is investigating obtaining compliance for her employer, which is a large public cloud company. She has been asked to provide a report on the process to enable her company to host a large US federal government database. Which compliance certification is she investigating?
FedRAMP
What identity system gives multiple descrete organizations access to your NoSQL community cloud database via your cloud-based application server?
Federations
What service provides permit and deny policies that require regular review to delete unused entries?
Firewalls
What backup type offers the advantage of a complete and up-to-date copy of your data in one operation?
Full
Jim has a critical slerlvelr in the application tier of his cloud-based deployment. He is looking at a device-specific security solution to add defaense-in-depth capabilities to his currently deployed network-based security defenses. He has been researching ways to mitigate potential hacking attempts. What is a good solution for him?
HIDS
Mary's boss has asked her to investigate moving the company's medical records to the cloud. What compliance mandate must the cloud provider meet for Mary to recommend deploying her company/s operations to the cloud?
HIPPA
Sharon has been directed to put together a disaster recovery plan based on directives from her company's executive management team. The company's core business is operating an e-commerce website selling winter apparel with 85 percent of its revenue received during the holiday season. If there was a prolonged outage, it would put the company"s ability to continue as a financially viable operation in peril. Sharon has been instructed to create a plan that will restore operations in the shortest amount of time possible. What DR model should she implement?
Hot Site
What type of software change is designed for rapid deployment and to correct a specific and critical issue?
Hotfix
Your company has decided to interconnect its cloud services with three different service providers. What type of cloud delivery model is it creating?
Hybrid
What systems monitor the network and report security issues?
IDS
Mike has been investigating multiple hacking attempts on his cloud e-commerce web servers. He wants to add a front end with a service that actively takes countermeasures to shut down the hacking attempts. What application would you suggest that Mike depoly?
IPS
You have been asked to investigate cloud-based VPN access from your corporate data center that offers data integrity and confidentiality. Your manager does not want to incur the costs of a dedicated circuit to the cloud provider. What connection protocol would you suggest be implemented that can offer a secure connection accross the unsecure internet?
IPSec
What cloud model delivers server hardware with no operating system?
IaaS
What type of backup operation is based on the change of the source data since thee last backup was performed?
Incremental
Your cloud provider's data center is in an industrial park with no company signage, extensive video cameras in the parking lot, and biometrics at the guard shack. What type of security is the provider implementing?
Infrastructure
When monitoring performaince metrics on one of your servers, you notice that the server is utilizing 100 pwercent of the network bandwidth available to it. What modification could you make to the server that will most likely address the problem?
Install a second network adapter
A constantly changing six-digit numerical token is used in what type of cloud service?
MFA
Which of the following is not included in the application life cyc le?
None of the above
Which of the followintg is not a statistic that you would typically find in a server?
OS update history
What is the process of complicating the ability to read stored data?
Obfuscation
SaaS orchestration systems are whose responsibility in the public cloud?
Provider
Before a new patch is released to the public, the release manager at a large software development house has requested a report that shows the pass/fail data to verify that the fix does, in fact, work. He is requesting data about the issue it was intended to fix and the results of the tests done to make sure that the fix does not interfere with other processes and that there are no memory or buffer issues experienced with the patched version of software. What process is he verifying?
QA
Terri is planning on implementing physical disk redundancy on her SQL database in th public cloud. she is creating specifications for her virtual machine image that will become the template for the database servers. What type of disk redundancy options could she implement to meet the needs of a SQL deployment?
RAID
Which storage type stripes file data and performs a parity check of data over multiple disks that can recover from a hard disk failure?
RAID 5
Nick is setting up a new fleet of IIS web servers in his IasS e-commerce site. The company has elected to use a hybrid approach and desires graphical connecttions to the Windows bastion hosts. What traffic must he permit through the external-facing firewall to the host?
RDP
James has been directed by his employer's finance department that they cannot afford to lose any more than 30 minutes of data in the case of a database failure or ther catastrophic event. James has updated his corporate business continuity plan and has had his cloud provider update its SLA. What was the metric that was changed?
RPO
Mark has been reviewing disaster recovery planning, and after receiving direction from his company's board of directors, it has been determined that they can only withstand a maximum of 36 hours of downtime. mark is updating his DR plan with this new metric. What part of the plan should he modify?
RTO
To meet regulatory requirements, your company must provide geographical separation between active and backup data of certain medical records your company collects and processes in Germany. The requirements stipulate that the data cannot leave the country and must be in two or more data centers. As the cloud professional for your company, what recommendations would you offer to meet these requirements?
Remote
To make sure that all users are allowed to access only apporved resources, Marie is auditing her public cloud identity systems. She wants to control specific access and operations. What is Marie defining?
Resource access definitions
A cloud service provider allocates resources into a group. These resources are then dynamically allocated and reallocated as the demand requires. What is this referred to as?
Resource pooling
Jerry is learning about cloud storage systems, she is interested in learning about high-speed network storage solutions, What would you recommend she focus her research on?
SAN
Jill is reviewing a document from her secondary community cloud provider, what is the document that outlines specific metrics and minimum performance that is offered by the cloud provider?
SLA
Object tracking should be aligned with which of the following?
SLA
What is a report for the public disclosure of financial controls and security reporting that does not contain sensitive and technical information called?
SOC 3
Brad has been tasked with encrypting data in flight into his e-commerce presence in a community cloud. He is investigating standards-based secure solution that web customers can easily implement to ensure transactions. What is a good solution that you would recommend to Brad?
SSL
Hank works in his e-commerce company's IT security group and has been tasked to investigate options that will allow customers to securely access their personal records stored on the cloud deployment from their smart phones. What is the most common in-flight e-commerce security posture on the market?
SSL/TLS
Jill is planning on optimizing and controlling user access by implementing a technology that will allow access to all allowed systems at the time of user authentication. She is implementing the LDAP protocol to enable this service. What is she planning on deploying?
SSO
Dimitry has been tasked to develop a cross-cloud provider migration plan as part of his company's business continuity plan. As he assesses the feasibgility of migrating applications from one public cloud provider to another, what does he find is the service model that has the most lock-ins and is the most complex to migrate?
SaaS
What cloud model delivers all services, including the application
SaaS
What is the process document that outlines your company's responsibilities in safely deploying your fleet of servers in the public cloud?
Security Policy
Connie has noticed an increase in the response time of the SQL database application she runs in her IaaS deployment. When comparing current results against her baseline measurements that she recorded when the database was deployed, she verified that there has been a steady increase in the number of read requests. What should she focus her troubleshooting on?
Storage
What determines the size of a groups of servers sharing the same network range?
Subnet
The backend fleet of web servers is intermittently failing load balancer health checks and dropping out of the pool. You are involved in troubleshooting and begin your investigation by making sure the web application is operational. What approach are you undertaking?
Top down
What system was developed to address the different types of storage needs a cloud consumer may require for availabliltiy, response times, backups, and economics?
Tiering
Kelly has picked up a trouble ticket that shows the connection between the Toledo fiield office and the Detroit cloud edge location has dropped. She confirms it is a secure Internet-based access solution. What type of connection is this?
VPN
Samantha has been monitoring her cloud web server dashboard and noticies that the CPU utilization on her company's database servers has been consistently at more than 80 percent utilization. She checked her baselines and reported that 57 percent utilization is normal. What is she noticing?
Variance
Your company has purchased a specialized intrusion prevention system that is virtualized and designed for cloud-based network microsegmentation deployments. When reading the documentation, Sam notices a link to download a Java-based application to monitor and configure the IPS. what kind of automation system is this?
Vendor based
What type of software update may offer new features and benefits in addition to bug fixes?
Version update
What type of scaling involves replacing an existing server with another that has more capabilities?
Vertical
Mindy has a SQL database back end that runs on a multi-CPU instance that has reached 100 percent utilization. The database supports a single server. What options does she have to support the requirements of this database?
Vertical scaling
Hank is preparing a disaster recovery test drill in advance of the upcoming hurricane season along the Gulf of Mexico. His plan is to create a DR location in the Midwest and have a database server running at that location with a synchronously refreshed data replica. His DR plan calls for activating all other services in the event of a hurricane causing an outage at his primary data center. What model is Hank going to deploy to meet his requirements?
Warm site
Allison is in the process of migration graphical vendor management utilities away form locally installed applications on her desktop and to an approach that does not require any local installations and will be easier to implement and use. What approach would meet these requirements?
Web
Cloud operations are the responsibility of both your organization and the cloud service provider. What model defines what you are responsible for and the responsibility of the provider?
shared responsibility
Donna logged into her cloud bastion host by making an SSH connection from her operations center desktop. She uses the Linux host to connect to other systems in the private cloud. She needs to add an access control list rule to allow the bastion server to access a new subnet. she needs the source IP address of her host. What command can she run on the server to collect this information?
ifconfig
Which cloud characteristic allows you to access a self-service portal to instantly create additional servers, storage, or other services?
on-demand
What systems do cloud providers implement for rapid deployment of customer-requested services?
orchestration
Which cloud characteristic allows you to pay for only the services used?
pay-as-you-grow
What is the process of testing your cloud access to determine whether there is any vulnerability that an attacker could exploit?
penetration testing
Carl is documenting his employers cloud deployments and needs to label the cloud delivery model is used by his single organization. As a Cloud+ consultant, what would you suggest he name his internal cloud?
private
Cloud service providers will often segment their operations to allow for resiliency, survivability, and geographic proximity. What are these geographical segmentations referred to as?
regions
Which of the following is not a valid pooled resource?
security
Server Interfaces are grouped together or aggregated into channel groups for additional throughput and fault tolerance. The LAN interfaces in the server are connected to what device in a hypervisor?
virtual switch