CompTIA Cloud+ set 1

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

The ________________ layer of the PaaS model allows control over the deployed applications and configuration settings of the platform.

Management

In a PaaS model, which service stack is hosted and operated by the PaaS vendor and typically co-located to the PaaS environment inside the same infrastructure?

Native services

Jerry is learning about cloud storage systems and she is interested in learning about high-speed network storage solutions. What would you recommend she focus her research on? SSO NAT RBAC SAN

SAN

orchestration

Orchestration systems coordinate and process tasks, functions, and workflows of cloud operations without the need for human intervention.

data classification

Organizing data into different tiers or categories for the purpose of making data available as required and to meet regulatory requirements, mitigate risk, manage risk, and secure data.

Being able to create websites and web services quickly is an example of which of the following?

PaaS

Being able to create websites and web services quickly is an example of which of the following? (CLOUD CHARACTERISTICS)

PaaS

In the _________ cloud service model, the consumer makes use of the interfaces provided by the service provider and develops, implements, and deploys applications.

PaaS

Virtual Servers

Run in cloud data centers

Automated Tiering with Lifecycle Policy

S3 bucket --> archive after 30 days --> Glacier --> delete after 7 years

Maximum Transmission Unit (MTU)

The standard largest Ethernet frame size that can be transmitted into the network: 1,518 bytes.

The goal of ITSM is to ensure that IT functions efficiently and that its processes are also in alignment with the needs of the business.

True

The goal of ITSM is to ensure that IT functions efficiently and that its processes are also in alignment with the needs of the business. (CLOUD IMPACT ON BUSINESS)

True

True or False: A Private Cloud can be located at a service provider's data center .

True

Risk Avoidance

changes the organization's business practices Ex: if there's risk of flood, move the data center

Storage Units

1 megabyte = 1,000 kilobytes 1 gigabyte = 1,000 megabytes 1 terabyte = 1,000 gigabytes

IAM is part of what area of ITIL? A. Information Security Management B. Service Transition C. Change Management D. Incident Response

A

Redundant Array of Independent Disks, RAID level 1 (RAID 1)

A complete file is stored on a single disk, and then a second diskcontains an exact copy of the same file stored on the first disk.

default network

A router interface on the local subnet that connects to the outside world. It gives computers on one network a path to other networks.

maintenance window

A scheduled time that maintenance can be performed and outages are planned for ongoing support of operations.

demilitarized zone (DMZ)

A section of the network that often hosts systems and servers that need to be accessed by the outside world via the Internet as well as internally

workflow

A series of steps or activities required to complete a task.

consumer

A company or organization that purchases and uses cloud computing services.

Some forms of encapsulation being used in VPNs are:

- GRE- VXLAN- VLAN

Amazon launched in:

2006

Workloads in the Cloud

21% non-cloud 38% public cloud 41% private cloud

Data centers will use how many TWh of electricity by 2025?

915 TWh

A webmail service hosted by an MSP for which of the following is considered a private cloud? A. A single company ​B. Nonprofit companies ​C. Many companies D. Marketing companies

A

An IT organization tends to be more concerned about service reliability than resource availability when they move to the cloud. True or false? A. True B. False

A

warm site

A disaster recovery backup site where the remote is offline except for critical data storage, which is usually a database. The rest of the site infrastructure needs to be enabled.

security policy

A document that defines your company's cloud controls, organizational policies, responsibilities, and underlying technologies to secure your cloud deployment.

graphical user interface (GUI)

A graphical representation commonly used to create, configure, manage, and monitor cloud resources and services.

Python

A high-level programming language.

A webmail service hosted by an MSP for which of the following is considered a private cloud? A. A single company ​B. Nonprofit companies ​C. Many companies D. Marketing companies (Official Sample Questions provided by CompTIA)

A. A single company

Which of the following is the MOST widely used example of cloud computing? A. Business ratings ​B. Online email ​C. Online education ​D. Geo-caching

B

Security Groups

Allow us to modify firewall rules for our EC2 instances

Cybersecurity Triad

Confidentiality, integrity, availability Backups are the primary way we ensure availability of data

Which property is associated with thin provisioning? A. Compression B. Tiering C. Strict reservations D. Dynamic expansion

D

Within IT, what does CMDB stand for? A. Cloud Management Database B. Configuration Management Database C. Cloud Management Data Block D. Configuration Monitoring Database

B

What is the point of a Blue - Green deployment model? A. Both environments can serve requests increasing scalability B. To permit testing, one of the two deployments is not active C. Each deployment is in a different region to increase HA D. Each deployment always runs a different code version

B

What type of scaling includes adding additional servers to an existing pool? Horizontal Round robin Elasticity Auto-scale Vertical

Horizontal

What took place in the 1960s that was an early example of the cloud technology we see today? A. Web-based E-mail B. Expensive computer hardware was shared C. Application Service Providers D. Service-oriented Architecture

B

IaaS stands for? (CLOUD CHARACTERISTICS)

Infrastructure as a Service

What type of app might be an excellent first choice for migration? A. Monolithic B. Simple desktop productivity app C. Transaction-based D. Mission-critical

B

When it comes to performance, which of the following is critical when trying to ensure a successful cloud adoption? A. Replication B. SLA C. Time D. Rate per MB

B

Which AWS S3 technology allows for the cloning of original files before modification to them? A. Encryption B. Versioning C. Bucket Mirroring D. Object logging

B

Which of the following is NOT a recognized cloud classification model? A. IaaS ​B. QoS ​C. PaaS ​D. SaaS

B

Which of the following is a common measurement tool for performance statistics that provides a starting point? A. Set B. Baseline C. Group D. SLA

B

Which of the following is not a cloud deployment option? A. Public B. Open Standard C. Private D. Community

B

Server virtualization allows the underlying physical server hardware to be shared. (CLOUD CHARACTERISTICS)

True

Which of the following is not a negative indicator for a company moving to the cloud? A. Possessing a large data center B. Failing to meet increased demand C. Compliance issues D. The need for assured operational characteristics

B

cipher

Any method of encrypting data by concealing its readability and meaning.

Default Deny Principle

Anything that is not explicitly allowed should be denied

Which of the following automation tools is a defined means to programmatically access, control, and configure a device between different and discrete software components? Application Programming Interface Vendor-Based Solution Command Line Web Graphical User Interface

Application Programming Interface

Which of the following are consumers of PaaS? (Select all that apply) Application Users Application Testers Application Developers Application Administrators Cloud Service Providers Application Deployers

Application Users Application Testers Application Developers Application Administrators Application Deployers

In IaaS, which of the following components is NOT managed by cloud providers? Applications Servers Storage Networking

Applications

well-known port numbers

Applications that are assigned their own unique port number in the TCP/IP specification.

To meet regulatory requirements, a medical records company is required to store customer transaction records for seven years. The records will most likely never be accessed after the second year and can be stored offline to reduce expenses. What type of storage should they implement to achieve the goal? File transfer Archive Replication Data store

Archive

Which of the following is not a service phase in ITIL? A. Operation B. Disposal C. Transition D. Strategy E. Design

B

In the PaaS service model, the __________ layer is responsible for pushing, starting, and stopping of applications.

Management

The _______________ identifies customer requirements and makes sure that the cloud service provider meets the requirements before agreeing to deliver the service

Business Relationship Manager (BRM)

Which of the following is NOT a recognized cloud classification model? A. IaaS ​B. QoS ​C. PaaS ​D. SaaS (Official Sample Questions provided by CompTIA)

B. QoS

How can the internal IT department successfully react to cloud computing?

By becoming an internal cloud provider

How might an organization successfully implement a SaaS strategy?

By managing the risks that are associated with bringing in external providers

How does cloud computing help an organization as new opportunities arise? (Choose two.) A. Shifting operating expenses to capital expenses B. Speedy addition of computing resources C. Less cost for new server hardware D. Speedy removal of computing resources

BD

Regarding automation, why is the need to troubleshoot so common? (Choose two) A. Newness of the approach B. Level of complexity C. Stability of the Internet D. Lack of feedback

BD

What type of architecture is best suited if an application involves computationally intensive operations that requires work to be broken down into tasks that can run simultaneously?

Big Compute

Cloud Native

Born on the cloud, tech startups

What does Microsoft use as a virtualization product? A. vSphere B. Fusion C. Hyper-V D. ZenWorks

C

[Blank] and [blank] give cloud customers a competitive advantage. A. Integrity, confidentiality B. Availability, integrity C. Time to market, collaboration D. Collaboration, confidentiality

C

in-house computing

Computing systems hosted and managed by a company.

A service is ________ if it provides functionality that logically belongs together. Services are ___________ if you can change one service without changing the other.

Cohesive, loosely coupled

baseline

Collected data that provides trend analysis and capacity utilization information measured over time to determine average or expected metrics of a service in normal operation; a point-in-time view of operations that needs to be constantly tracked as part of your ongoing operations.

ping

Command-line utility used to verify that a device is available on the network and to get a reading of the response time at that moment in time.

List 2 advantages of layered architecture.

Consistency & standardization

You must ensure that your business computing resources can quickly grow as business demands change. Which of the following allows this? A. Confidentiality B. Integrity C. Availability D. Scalability

D

[Blank] protects data contents, while [blank] ensures that data has not been tampered with. A. Availability, scalability B. Integrity, confidentiality C. Scalability, availability D. Confidentiality, integrity

D

In using a structured approach to explore the potential impact of cloud computing in an organization undergoing the impact and changes that occur during Cloud service adoption, which of the following is an ITIL Service Lifecycle consideration? A. Service Occurrence ​B. Service Optimization ​C. Service Ownership D. Service Operation (Official Sample Questions provided by CompTIA)

D. Service Operation

Order these troubleshooting methodology steps with the first step on top to the last step on the bottom. A. Establish a theory B. Implement preventative measures C. Establish a plan of action D. Identify the problem

DACB

Cloud bursting can alleviate which of the following attacks? Brute force XSS Buffer overflow DDoS

DDoS

Data layer consists of: (Select all correct answers) Data Access Components Service Agents Business Workflow Data Helper and Utilities

Data Access Components, Service Agents, Data Helper and Utilities

What is the National Institute of Standards and Technology publication that coordinates the requirements and standards for cryptography modules? FISMA FedRAMP FIPS 140-2 PCI-DSS

FIPS 140-2

Louis is a DevOps engineer and is exploring the different options available to him to automate VM troubleshooting in a private cloud. What are common interfaces that you would suggest he investigate? Each correct answer represents a complete solution. Choose three. GUI SNMP API PaaS CLI

GUI API CLI Application programmable interfaces, command-line interfaces, and GUI-based interfaces are all commonly used tools to migrate, monitor, manage, and troubleshoot cloud-based resources.

Which of the following is the process of adding cloud capacity by expanding your current server fleet by adding systems? Horizontal scaling Elasticity Autoscaling Vertical scaling

Horizontal scaling

Harold is drafting a change document to migrate a back-office application from his company's private cloud to a global public cloud provider. As part of the migration, he plans on directly interconnecting the two clouds. What is this type of cloud? Public Hybrid Community Private

Hybrid

Network security

IP addresses Firewalls

Which of the following cloud computing services enables a consumer to outsource computing equipment purchases and running their own data center? NaaS IaaS SaaS IDaaS

IaaS

Which of the following cloud services would be used to pay for hardware when it is being used for computing, network space, and storage over the Internet?

IaaS

When monitoring performance metrics on one of your servers, you notice that the server is utilizing 100 percent of the network bandwidth available to it. What modification could you make to the server that will most likely address the problem? Add memory to the system Install a second network adapter Update the network adapter's firmware Install a second processor

Install a second network adapter

What is sandboxing?

Isolating each guest OS from the others and restricting what resources they can access and what privileges they have

Which of the following does the server virtualization layer do?

It allows the underling physical server hardware to be shared

Federal Information Security Management Act (FISMA)

It is a U.S. federal law that outlines the framework to protect federal government information, operations, and facilities.

Which of the following is indicated by a high number of variations of different virtual servers?

Lack of automation of virtual machine image manufacturing

mainframe computers

Large centralized computing systems.

Who uses horizontal scaling?

Large scale businesses Ex; big websites

Which of the following risk results if cloud computing providers limit their Service Level Agreement (SLA) liabilities?

Legal risk

Which of the following risk results if cloud computing providers limit their Service Level Agreement (SLA) liabilities? (CLOUD RISKS)

Legal risk

If your architecture involves a combination of on-premise systems and cloud components, what technology would you deploy to manage communication between them?

Message Broker

**Which of the following is a part of a sector header in a storage system that is used to identify the content of the data? Object ID Extended metadata Metadata Thick provisioning

Metadata -is a part of a file or sector header in a storage system that is used to identify the content of the data. It is used in big data applications to index and search for data inside the file.

netstat

Network statistics utility found in Windows and Linux used to see which network connections are open to remote applications.

quality assurance networks

Networks that are for ongoing offline maintenance to test a company's applications and software systems.

PaaS stands for?

Platform as a Service

PaaS stands for? (CLOUD CHARACTERISTICS)

Platform as a Service

Optimize Web Server

Optimize network

metadata

Part of a file or sector header in a storage system that is used to identify the content of the data.

Port Scanning

Probes systems for open ports

Auto Scaling

Programmatic horizontal scaling Feature of load balancing and can automatically add servers through a launch configuration

Which of the following is NOT a recognized cloud classification model?

QoS

Which of the following outlines specific metrics and the minimum performance or availability level and outlines the penalties for failing to meet the metrics? QOS RDP SLA VPC

SLA

Support

Technical support - when is support available? who is providing support?

load testing

Testing that puts a demand or load on your application or compute system and measures the response.

high availability

The ability of a resource to remain available after a failure of a system.

on-demand

The ability of consumers to access self-service portals to create additional cloud services on demand.

Moore's Law

The number of transistors per square inch on an integrated chip doubles every 18 months, so the price goes down every year

response time

The time to complete an operation.

After deploying new VMs, the system administrator notices that it is not possible to connect to them using network credentials. After logging in, the administrator notices that the NTP servers are not set. Which of the following is most likely causing this issue? Directory services requires the use of NTP servers. The VMs are insufficiently licensed. There is a time synchronization issue. There is a directory services outage.

There is a time synchronization issue.

Virtual Desktop Infrastructure (VDI)

This consists of cloud-hosted PC desktops accessed remotely.

Secure File Transfer Protocol (SFTP)

This is a network file exchange protocol that encrypts the data before sending it over the network.

Virtual private network (VPN)

This is a secure and usually encrypted connection over a public network.

Advanced Encryption Standard (AES)

This is a symmetrical block cipher. Approved and adopted by many governments, including the United States and Canada, to encrypt sensitive data. Adopted as a standard by the National Institute of Standards and Technology.

server capacity

Usually a measurement of the total number of CPUs, CPU frequency, RAM, and storage capacity.

What technology allows for a secure connection over an insecure network? Direct peering IDS VPN AES-256 RDP

VPN

**Physical resources are virtualized and presented as resources to virtual machines running on hypervisors. What common resources does the hypervisor consume? Each correct answer represents a complete solution. Choose two Bare-metal cores Virtual RAM Virtual CPUs RAID Virtual Storage

Virtual RAM Virtual Storage

Which of the following controls network traffic between VMs, including VMs hosted on the same server and VMs hosted on other servers on the physical network? NIC Virtual switch Firewall VPN

Virtual switch

What application tracks a process from start to finish? API NTP Workflow Orchestration

Workflow

RAID 0 RAID level 0 can be used to increase performance, but it does not provide any redundancy.

You have been tasked with configuring the drives on a server. The requirements are to increase performance of the server but redundancy is not required. Which RAID level should you recommend?

Verbose logging If you are troubleshooting an issue and the standard system logs do not seem to provide enough information, you can enable verbose logging. Verbose logging records more detailed information than standard logging and is only recommended to troubleshoot a specific problem.

You have been troubleshooting an operating system issue and have not been able to gain enough information to diagnose the exact problem. What can you enable to get more detailed information about the operating system issue?

HA High availability (HA) is a system design approach that ensures that a system or component is continuously available for a predefined length of time.

Your organization is looking to implement a system design approach that ensures a system or component is continuously available for a predefined amount of time. What type of system design would the organization be implementing?

Entire state of a server is stored on

a disk

IP Address

a number that uniquely identifies a system

Everything we do in cybersecurity is

about managing risk

Network ___________ is the amount of data that can be sent across a network link within a given time.

bandwidth

Network ___________ is the amount of data that can be sent across a network link within a given time. (TECHNICAL PERSPECTIVES)

bandwidth

Upgrading to a newer operating system may require that you update what? SOC 2 Baseline Benchmarking SLA

baseline

What type of cloud data set measures object metrics to determine normal operations? Metric Variance baseline smoothing

baseline

What is the term associated with using a second cloud to accommodate peak loads? Elasticity Vertical-scaling Auto-scaling bursting

bursting

After upgrading an accounting application in your IaaS fleet of servers, you notice that the newly installed features in the upgrade dramatically increase the local processing requirements for the servers. What virtual resource can be increased to account for the new application's added requirements? DMA BIOS IPSec CPU I/O

cpu

Cloud Computing

delivering computing resources to a remote customer over network

As a Cloud+ certified professional, you have been asked to review your company's hybrid servers to ensure they are properly hardened from a malicious attack. You review the servers' active user accounts and see that there are accounts that belong to consultants who review your operations once each year. They are not scheduled to return for 10 more months. What should you do with these accounts? Do nothing Delete the accounts Disable the accounts Change the resource access definitions Modify the confederation settings Change the access control

disable accounts

Likelihood

how likely is it that a risk will materialize?

Multitenancy

more than one client uses the same hardware

troubleshooting

process of diagnosing the cause of an impairment and resolving the issue.

A cloud's network must be _________ and ___________.

resilient and redundant

Private clouds are operated solely for _______________ organization(s)

specific

mean time system recovery (MTSR)

time for a resilient system to complete a recovery from a service failure.

Matts is preparing a change management plan to add CPU capacity to a busy database server used by his order entry department. What type of scaling involves replacing an existing server with another that has more capabilities? Horizontal Round robin Elasticity Auto-scale vertical

vertical

Which of the following is the process of upgrading or replacing a server with one that has greater capabilities? Horizontal scaling Elasticity Autoscaling vertical scaling

vertical scaling

Legal

what jurisdiction governs the relationship? Compliance issues - HIPPA, GDPR, COPPA, GLBA, PCI DSS

Cloud computing delivers IT capabilities that scale with demand, which is a huge benefit to organizations that want to quickly start out. (CLOUD IMPACT ON BUSINESS)

True

Cloud computing is typically based on open Internet technology

True

Cloud computing is typically based on open Internet technology (TECHNICAL PERSPECTIVES)

True

Cloud-related financial risks can be managed by making sure that cloud assets are generating revenue.

True

Cloud-related financial risks can be managed by making sure that cloud assets are generating revenue. (CLOUD RISKS)

True

Data integration is complex in private data centers and is even more so when it comes to the cloud.

True

Data integration is complex in private data centers and is even more so when it comes to the cloud. (CLOUD ADOPTION)

True

Federation is really a form of hybrid cloud technologies

True

Federation is really a form of hybrid cloud technologies (CLOUD ADOPTION)

True

If you do not already know the processes behind your current IT infrastructure, then making changes such as moving to the cloud can be detrimental.

True

If you do not already know the processes behind your current IT infrastructure, then making changes such as moving to the cloud can be detrimental. (CLOUD IMPACT ON BUSINESS)

True

Motion Picture Society of America (MPAA)

published best practices for storing,processing, and delivering protected media and content securely over the Internet.

A cloud's network must be _________ and ___________. (CLOUD ADOPTION)

resilient and redundant

Firewalls act as

security guards, blocking unwanted network traffic

Server Roles

servers generally have a single purpose The more things put on one server the more complex, harder to manage, and less efficient Good from security perspective

Identity and Access Management (IAM)

set of controls and processes that ensure systems have consistent method to identify entities authorized to access systems We want to make sure we know who people are and what they're supposed to be doing on our system

As stated by the National Institute of Standards and Technology, cloud characteristics include:

-Rapid elasticity -Broad network accessibility

Which of the following backs up everything since the last full backup? A. Differential B. Daily C. Read only replica D. Incremental

A

Which of the following commands provides measurements of round-trip network latency? A. ping ​B. route ​C. arp D. nslookup

A

Which of the following featured applications were built using component services that could be distributed across connected systems? A. SOA B. Virtualized APIs C. Distributed middleware D. ASP

A

Which of the following is not a major concern or risk when moving to the cloud? A. On-demand B. Integration C. Security D. Replication

A

Developers build these components in the cloud. A. Federation identity providers B. Cloud load balancers C. SaaS user mailboxes D. Web services

D

For software libraries, which of the following platforms play a vital role in cloud services? A. SaaS B. BPaaS C. IaaS D. PaaS

D

If you're engaged with a Google Cloud IaaS, which of the following should not concern you? A. Disabling unneeded ports and services B. Security patching for VMs C. Installation of anti-malware on the VM D. Physical security of the host

D

In a RAID 6 environment a technician is trying to calculate how many read operations would be made. How many read operations would be required in RAID 6? ​A. One ​B. Four ​C. Two ​D. Three

D

In using a structured approach to explore the potential impact of cloud computing in an organization undergoing the impact and changes that occur during Cloud service adoption, which of the following is an ITIL Service Lifecycle consideration? A. Service Occurrence ​B. Service Optimization ​C. Service Ownership D. Service Operation

D

Regarding cloud technology, what does BCP stand for? A. Backup Colocation Procedure B. Big Compute Processing C. Business Progress Planning D. Business Continuity Plan

D

The organized controlled collection, and execution of many tasks is what in the cloud? A. Scalability B. Scripting C. Automation D. Orchestration

D

To convey the identity of a user, which of the following is passed between a federation server and a domain? A. Username and password B. SID only C. Password only D. Token

D

What does GRE offer for security when it tunnels IP traffic? A. DES B. AES C. 3DES D. Nothing

D

What type of replication strategy copies data to a redundant storage location immediately as data is written? A. Asynchronous B. Intra-region C. Inter-region D. Synchronous

D

Which is not a typical step with virtual machine (server) creation in a public cloud? A. Selection of the OS B. Sizing of the hardware resources C. Securing access to the VM D. Downloading of OS software

D

Which of following is the MOST beneficial aspect of public cloud deployment for a startup company? A. Ease of infrastructure management ​B. Reduced Mean Time to Implement ​C. Shared company resources D. No upfront capital expenditure

D

Which of the following high availability solutions would a cloud service provider use when deploying Software as a Service? ​A. Virtual switches ​B. Multipathing ​C. Load balancing ​D. Clustering servers

D

Which of the following is a benefit of outsourcing? A. Immediate scalability B. Vendor lock-in C. Long contract renegotiation D. Tailor-made client solutions

D

Which of the following is a commonality between cloud and outsourcing? A. Tailor made solutions B. Contract length C. Both are very specific to IT D. Vendor lock-in

D

Which of the following is a traditional approach to application development? A. Agile B. Iterative C. Test and Run D. Waterfall

D

Which of the following is a valid advantage of server virtualization? A. Fully automated elasticity B. Unlimited virtual machine usage C. No need for a software layer D. Independent hardware

D

Which of the following allows cloud objects to synchronize to a central clock or time service? DNS NTP Databases Middleware

NTP

FIPS 140-2

National Institute of Standards and Technology (NIST) publication that coordinates the requirements and standards for cryptography modules.

National Institute of Standards (NIST)

National Institute of Standards. This is a U.S. federal organization that defines cloud computing standards and models.

patch

Software that is intended to update an application, operating system, or any other software-based system to fix or improve its operations.

Vulnerability Patching Process

Software vendor learns of vulnerability Developers analyze the issue and develop a patch Software vendor releases patch to customers Customers apply patch to remediate the vulnerability

Authentication Factors

Something you know Something you are Something you have

Managed Security as a Service (MSaaS)

Specialize in cloud-based managed security services.

Using Microsoft Word as a reference application, give two examples of microservices.

Spell-check, grammar check

S3 Storage Classes

Standard - active data Standard Infrequent Access Glacier - archived data

**Maria has noticed an increase in the response time of the NoSQL application she runs in her IaaS cloud deployment. When comparing current results against her baseline measurements that she recorded when the database was originally deployed, she verified that there has been a steady increase in the number of read requests. You have been asked to evaluate the baseline variances. Where should you focus your troubleshooting efforts? Memory CPU Storage Networking

Storage -Databases read and write requests utilize storage I/O and should be the focus for troubleshooting.

cloud object storage

Storage data such as a common file that is paired with metadata and combined into a storage object.

offline storage

Storage that requires an administrator to make it available by inserting a tape or other media into a storage system for retrieval. Offline storage can be transported to remote storage facilities or stored in vaults for protection.

ephemeral storage

Storage volumes that do not retain data if the virtual machine is removed or deleted.

nondurable storage

Storage volumes that do not retain data if the virtual machine is removed or deleted.

durable storage

Storage volumes that retain data if the virtual machine is removed or deleted.

Object Storage

Store files as individual objects managed by cloud service provider Much cheaper than block storage S3 - simple storage service

Redundant Array of Independent Disks, RAID level 0 + 1 (RAID 0+1)

Stripes data to be stored first (RAID 0); then the stripe set is written to the mirror (RAID 1).

change advisory board

Supports the change management team by reviewing, sequencing, and approving changes that have been requested; by determining the priorities; and by planning for all upcoming changes.

Which of the following is the process of replicating data in real time from the primary storage system to a remote facility? Synchronous ASynchronous Site mirroring RTO

Synchronous

Which of the following are components of Hybrid Cloud IT Operating Model? [Select 3] Traditional IT Management Group IT Service Broker Group User Management Control IT Quality Assurance Group Cloud Management Group

Traditional IT Management Group, IT Service Broker Group, Cloud Management Group

A data centre is a facility used to house computer systems and associated components, such as telecommunications and storage systems.

True

Amazon Machine Image - AMI

simplify the process of building new servers Provide information required to launch an instance Made up of EBS snapshots

network capacity

The available network capacity usually measured by bandwidth.

Risks

The combination of an internal vulnerability and an external threat

Software as a Service (SaaS)

The consumer can use the provider's applications running on a cloud infrastructure.

Platform as a Service (PaaS)

The consumer is able to deploy onto the cloud infrastructure applications created using programming languages and tools supported by the provider.

Infrastructure as a Service (IaaS)

The consumer is able to provision processing, storage, networks, and other fundamental computing resources and is able to deploy and run arbitrary software, which can include operating systems and applications.

A company is using an Internet-based cloud service provided by a third party. Which of the following can the third party NOT guarantee when providing cloud resources?

The cost of the services

A company is using an Internet-based cloud service provided by a third party. Which of the following can the third party NOT guarantee when providing cloud resources? (CLOUD RISKS)

The cost of the services

Redundant Array of Independent Disks, RAID level 1 + 0 (RAID 1+0)

The creation of two separate RAID 1 arrays using RAID 0 to mirror them.

What is the function of the data layer?

The data layer provides access to data hosted within the boundaries of the system, and data exposed by other networked systems. It exposes generic interfaces that the components in the business layer can consume.

network latency

The delay, or time, it takes for data to traverse a network; the time measurement of a network packet to travel from source to destination.

logging

The detailed transaction records generated by all elements in the cloud for the transactions and interactions of a device or system.

autoscaling

The dynamic process of adding and removing cloud capacity.

File Transfer Protocol Secure (FTPS)

The encrypted version of the File TransferProtocol used to securely send and receive encrypted data.

capacity

The end-to-end metric for maximum available network bandwidth and utilized capacity, or rate, from source to destination. It can also be the maximum amount that something can contain or, in the case of cloud resources, the maximum supported capacity of any object or service.

backup target

The endpoint or storage system where the backup data is to be stored.

A data centre is a facility used to house computer systems and associated components, such as telecommunications and storage systems. (CLOUD CHARACTERISTICS)

True

An application for internal-use only, on company-owned assets, would be best described as a private SaaS.

True

An application for internal-use only, on company-owned assets, would be best described as a private SaaS. (CLOUD CHARACTERISTICS)

True

Address Resolution Protocol (ARP)

The protocol that determines the mapping of an IP address to the physical MAC address on a local network.

The MOST important business continuity risk when selecting cloud service providers is:

The provider going out of business

The MOST important business continuity risk when selecting cloud service providers is: (CLOUD RISKS)

The provider going out of business

Which of the following automates the provisioning of cloud services and includes a self-service dashboard? off-premise Orchestration On-demand Load balancing

Orchestration

Administrative Services

Port 21 = File Transfer Protocol (FTP) Port 22 = Secure Shell (SSH) Port 3389 = Remote Desktop Protocol (RDP) Port 137, 138, 139 = NetBIOS

Mail Services

Port 25 = Small Mail Transfer Protocol (SMTP) Port 110 = Post Office Protocol (POP) Port 143 = Internet Message Access Protocol (IMAP)

Web Services

Port 80 = Hypertext Transfer Protocol (HTTP) Port 443 = Secure HTTP (HTTPS)

_____________ focuses on the fidelity of data and applications received from another system and whether they are useable or not.

Portability

Which of the following statements is FALSE for PaaS? Provides on-demand and self-service application development Provides standard application framework Portability between PaaS clouds is quick and easy Abstracts infrastructure and other configuration details from application developers

Portability between PaaS clouds is quick and easy

A cloud deployment that is off premises but for the exclusive use of a particular organization

Private

Carl is documenting his employer's cloud deployment needs to label the cloud delivery model which is used by a single organization. As a Cloud+ consultant, what would you suggest he name his internal cloud? Hybrid Public Private Community

Private

Which cloud delivery model is used by a single organization? Hybrid Public Private Community

Private

You have been hired as a cloud architect at a large corporation that maintains their own operations in six different data centers that are geographically diverse for high availability. What deployment model is this? Hybrid Public Private Community

Private

An enterprise would like to leverage cloud solution for managing highly classified data. Which of the following cloud deployment models would be most suitable? Public Cloud Private Cloud Community Cloud Hybrid Cloud

Private Cloud

The cloud infrastructure which is provisioned for exclusive use by a single organization comprising multiple consumers (i.e. business units)

Private Cloud

Applications that are easy to migrate and have some business value are great options when first piloting or doing a POC for migrating to the cloud.

True

A company's email software vendor charged them $500 a month to use software, licensed for the maximum number of active email addresses. The company switched to a cloud-based email software that charged based on the number of active email addresses each month. The company was billed $100 the first month, $200 the second month, and $100 for the remaining 10 months of the year. After a year, how much money did the company save by switching to cloud computing?

$4,700

A few security benefits in using the cloud are: (CLOUD ADOPTION)

- 24/7 staffing and monitoring - Increased availability and improved disaster recovery through redundancy and multiple locations

Cloud computing is what? (CLOUD CHARACTERISTICS)

- A kind of Internet-based computing that provides shared processing resources and data to computers and other devices on demand - A model for enabling ubiquitous, on-demand access to a shared pool of configurable computing resources such as networks, servers, storage, applications and services

When your organization has a compliance audit, which of the following might be included as part of the audit? (BUSINESS VALUE)

- Assessing what is used as identity management - Audit of the the access control list

Which terms best describe the following scenario? When the load on your web site goes up, the load balancer adds additional compute web servers to carry the load and then removes these servers when the load goes back down. (TECHNICAL PERSPECTIVES)

- Automation - Elasticity

Which of the following organizations is MOST likely to consider confidentiality requirements before implementing a backup and disaster recovery cloud solution?

-Organizations with legal or regulatory constraints -Government or emergency response

Applications that are easy to migrate and have some business value are great options when first piloting or doing a POC for migrating to the cloud. (CLOUD ADOPTION)

True

Capital tied up in hardware that might become obsolete over time is one limitations of owning your own servers instead of using the cloud.

True

Capital tied up in hardware that might become obsolete over time is one limitations of owning your own servers instead of using the cloud. (CLOUD RISKS)

True

What are some of the major differences between a private cloud and a public cloud?

-Private clouds are for use in a single organization -A public cloud is typically offered over the Internet

The three major cloud forms are:

-Public -Private -Hybrid

What makes up the CIA Triad? (BUSINESS VALUE)

- Confidentiality - Availability - Integrity

A few possible security risks when using the cloud: (CLOUD ADOPTION)

- Data loss - Data exposure - Shared technology

A few possible security risks when using the cloud:

- Data loss- Data exposure- Shared technology

A few cloud services that can be consumed are? (CLOUD CHARACTERISTICS)

- Email accounts - Websites - Data storage

Some forms of encapsulation being used in VPNs are: - GRE - NAT - VXLAN - VLAN (CLOUD ADOPTION)

- GRE - VXLAN - VLAN

Which of the following are ways of managing risk management? (CLOUD ADOPTION)

- Identify what the organizations assets are - Identify threats and vulnerabilities - Address the identified risk - Monitor risks

Cloud computing characteristics: (CLOUD CHARACTERISTICS)

- Managed by the provider - Managed through self-service on demand - Network accessible - Sustainable

Cloud providers and cloud software include: (CLOUD CHARACTERISTICS)

- Microsoft Azure - OpenStack - Amazon Web Services - Google Cloud Platform

Which of the following assets have risks related to a cloud provider going out of business? (CLOUD RISKS)

- Not using hybrid cloud federations to keep your data synced with multiple providers - Data stored at the provider

Which of the following assets have risks related to a cloud provider going out of business?

- Not using hybrid cloud federations to keep your data synced with multiple providers- Data stored at the provider

Which of the following are cloud providers or cloud software? (CLOUD CHARACTERISTICS)

- OpenStack - Microsoft Azure - Google Compute Engine - Amazon Web Services

Which of the following organizations is MOST likely to consider confidentiality requirements before implementing a backup and disaster recovery cloud solution? (CLOUD CHARACTERISTICS)

- Organizations with legal or regulatory constraints - Government or emergency response

What are some of the major differences between a private cloud and a public cloud? (TECHNICAL PERSPECTIVES)

- Private clouds are for use in a single organization - A public cloud is typically offered over the Internet

The three major cloud forms are: (TECHNICAL PERSPECTIVES)

- Public - Private - Hybrid

As stated by the National Institute of Standards and Technology, cloud characteristics include: (CLOUD CHARACTERISTICS)

- Rapid elasticity - Broad network accessibility

Variable cost business models are focused on: (BUSINESS VALUE)

- Responsiveness - Removing the need for hardware completely - Allowing for smaller operating expenses (OPEX) over time, instead of large initial capital expenditures (CAPEX) - Operating efficiencies that do not work anymore

What are the three primary scalability levels? (BUSINESS VALUE)

- Server Scalability - Scaling of the Network - Scaling of the Platform

Some of important steps in the evolution from virtualization to the cloud are: (CLOUD CHARACTERISTICS)

- Server virtualization - Distributed data centers - Private data centers - Hybrid data clouds and public clouds

Cloud scalability means? (BUSINESS VALUE)

- The ability of a particular system to fit a problem as the scope of that problem increases - The ability of an application to be scaled up to meet demand through replication and distribution of requests across a pool or farm of servers

Indications that your organization may be ready for the cloud are: (CLOUD CHARACTERISTICS)

- Tied-up capital - Costly excess capacity - Running out of capacity

Some of the ways to mitigate risks when using cloud data integration: (CLOUD ADOPTION)

- Understand the application design when moving to the cloud - Keep the applications, data, and the users as close as possible

Some of the ways to mitigate risks when using cloud data integration:

- Understand the application design when moving to the cloud- Keep the applications, data, and the users as close as possible

Some examples of using hardware standardization are: (CLOUD ADOPTION)

- Using the same architecture, such as X86 - Taking advantage of tier-based virtualization cloud technologies - VM sizes are pre-defined sizes, often known as flavors

Common technologies used to mitigate security concerns are: (CLOUD ADOPTION)

- Virtual firewalls - Virtual private networks

Indications that your organization may not be ready for the cloud are: (CLOUD CHARACTERISTICS)

- Your organization owns large data centers that often have enough scale to be as flexible and efficient as cloud computing providers - Legal and security (compliance) reasons can require an organization to know more details about the location of its data and servers than a cloud computing provider is able to provide - Predictable and fixed workloads can typically make optimal use of their hardware and do not need scaling

You company's data could become compromised by (CLOUD RISKS)

- phishing - social engineering - poor physical security

Cloud computing improves business flexibility by... (CLOUD IMPACT ON BUSINESS)

- providing easier access to users outside of the organization - rapidly growing and shrinking capacity - allowing for the faster deployment of applications

A few security benefits in using the cloud are:

-24/7 staffing and monitoring -Increased availability and improved disaster recovery through redundancy and multiple locations

Cloud computing is what?

-A kind of Internet-based computing that provides shared processing resources and data to computers and other devices on demand -A model for enabling ubiquitous, on-demand access to a shared pool of configurable computing resources such as networks, servers, storage, applications and services

When your organization has a compliance audit, which of the following might be included as part of the audit?

-Assessing what is used as identity management -Audit of the the access control list

Which terms best describe the following scenario? When the load on your web site goes up, the load balancer adds additional compute web servers to carry the load and then removes these servers when the load goes back down.

-Automation -Elasticity

What makes up the CIA Triad?

-Confidentiality -Availability -Integrity

A few cloud services that can be consumed are?

-Email accounts -Websites -Data storage

Which of the following are ways of managing risk management?

-Identify what the organizations assets are -Identify threats and vulnerabilities -Address the identified risk -Monitor risks

Cloud computing characteristics:

-Managed by the provider -Managed through self-service on demand -Network accessible -Sustainable

Cloud providers and cloud software include:

-Microsoft Azure -OpenStack -Amazon Web Services -Google Cloud Platform

Which of the following are cloud providers or cloud software?

-OpenStack -Microsoft Azure -Google Compute Engine -Amazon Web Services

Variable cost business models are focused on:

-Responsiveness -Removing the need for hardware completely -Allowing for smaller operating expenses (OPEX) over time, instead of large initial capital expenditures (CAPEX) -Operating efficiencies that do not work anymore

What are the three primary scalability levels?

-Server Scalability -Scaling of the Network -Scaling of the Platform

Some of important steps in the evolution from virtualization to the cloud are:

-Server virtualization -Distributed data centers -Private data centers -Hybrid data clouds and public clouds

Cloud scalability means?

-The ability of a particular system to fit a problem as the scope of that problem increases -The ability of an application to be scaled up to meet demand through replication and distribution of requests across a pool or farm of servers

Indications that your organization may be ready for the cloud are:

-Tied-up capital -Costly excess capacity -Running out of capacity

Some examples of using hardware standardization are:

-Using the same architecture, such as X86 -Taking advantage of tier-based virtualization cloud technologies -VM sizes are pre-defined sizes, often known as flavors

Common technologies used to mitigate security concerns are:

-Virtual firewalls -Virtual private networks

Which of the following is not a typical concern for your deployment plan regarding a key internal application? A. Dynamic IP address needs B. Direct access to HW requirement C. Large file transfers D. Legacy API usage

A

Which of the following might you need to adjust in order to ping test your EC2 instance? A. Security Group B. S3 C. IAM D. KMS

A

Which of the following should an administrator use when marking VLAN traffic? A. Virtual Local Area Network tagging ​B. Network Address Translation ​C. Subnetting D. Port Address Translation

A

Indications that your organization may not be ready for the cloud are:

-Your organization owns large data centers that often have enough scale to be as flexible and efficient as cloud computing providers -Legal and security (compliance) reasons can require an organization to know more details about the location of its data and servers than a cloud computing provider is able to provide -Predictable and fixed workloads can typically make optimal use of their hardware and do not need scaling

You company's data could become compromised by

-phishing -social engineering -poor physical security

Cloud computing improves business flexibility by...

-providing easier access to users outside of the organization -rapidly growing and shrinking capacity -allowing for the faster deployment of applications

Port Ranges

0-1,023 = well known ports 1,024-49,151 = registered ports 49,152-65,535 = dynamic ports

If the physical RAM installed on the motherboard is 64GB, and the 32 VMs running on that server are all configured for 4GB of RAM each, then with 128GB allocated and with 64GB physically available, what would be the overcommitment ratio? 8:1 2:1 16:1 1:2

2:1

As a developer for a software company, you have decided to build and test your web applications in a cloud environment. Which type of cloud service best meets your needs? A. PaaS B. SaaS C. IaaS D. Xaas

A

Cloud technologies often used a shared infrastructure? True or false? A. True B. False

A

Compliance in the context of the cloud means meeting regulatory or legal requirements. True or false? A. True B. False

A

Data that's been unaltered during transmission is an example of which of the following? A. Integrity B. Authentication C. Accounting D. Logging

A

For which of the following protocols will an administrator configure a trap to collect system state data? A. SNMP ​B. FTPS ​C. IPMI D. SMTP

A

In AWS, different Availability Zones are located in which construct? A. Regions B. Data Centers C. Areas D. Continents

A

Load Balancing can provide which of the following? A. Availability B. Troubleshooting C. Compliance D. Auditing

A

The client OS is virtualized with VDI. True or false? A. True B. False

A

True or false? Cloud computing is a form of outsourcing. A. True B. False

A

What is a benefit of PaaS? A. Rapid application development B. Replication C. High bandwidth D. Low latency

A

What is critical to have in place in the event your cloud provider ceases operations? A. Exit strategy B. SLA documents C. Security audit D. Compliance review

A

What is the measure of delay when using cloud services? A. Latency B. SLA C. Packet loss D. Attenuation

A

What protocol is recommended when connecting to virtual machines in your cloud provider? A. SSH B. HTTP C. Telnet D. FTP

A

When a company participates with others to provide cloud services, which of the following is this an example of? A. Community B. Hybrid C. Public D. Private

A

When a company uses its own internal cloud IaaS, which of the following deployment types is this an example of? A. Private B. Community C. Hybrid D. Public

A

When comparing cloud and outsourcing services, the cloud providers have more customers than outsourcing. True or false? A. True B. False

A

When using Hyper-V's TURN OFF feature, data loss could occur within the virtual machine. True or False? A. True B. False

A

Which migration type should be performed if you discover your app did not support virtualization properly? A. V2P B. V2V C. P2V D. P2P

A

Which option describes a benefit of virtualized servers? A. Shared hardware B. Individual hardware per virtual server C. Physical servers taking less room space than virtual servers D. Virtual servers taking less disk space than physical servers

A

Which term from the past describes the sharing of mainframe computing resources? A. Time-sharing B. Time division multiplexing C. Mainframe-sharing D. XaaS

A

Why is the phrase "noisy neighbor" often used in Cloud? A. Contention for shared resources B. SLA failures C. Lack of monitoring tools D. Global regions

A

You are the IT director for a retail clothing outlet. Your competitors are using Internet-delivered inventory, storage, and backup solutions from a specific provider. You conclude it is best that your company use the same services from the same provider. What type of cloud will you be subscribing to? A. Community cloud B. Retail cloud C. Private cloud D. Public cloud

A

_____ is an example of standardization with cloud adoption? A. API B. As a Service C. Patches and updates D. Private cloud

A

dig

A Linux command-line utility used to resolve hostnames to IP addresses using a DNS name server.

ifconfig

A Linux command-line utility used to verify and configure the local networkinterfaces.

Federal Risk and Authorization Management Program (FedRAMP)

A U.S. federal government-wide program that outlines the standards for a security assessment, authorization, and continuous monitoring for cloud products and services.

ipconfig

A Windows command-line utility used to verify and configure the local network interfaces.

Redundant Array of Independent Disks, RAID level 0 (RAID 0)

A block of data is stored across two or more disks. The file is stored across more than one hard drive. RAID 0 provides no redundancy or error detection, so if one of the drives in a RAID 0 array fails, all data is lost.

private cloud

A cloud model that is used by a single organization.

Quotas Quotas are the application of limits that have been defined for usage of a system's resources. The quotas that are typically defined for host systems have to do with allocation of the host computer resources to its guest machines. Quotas allow a cloud provider to limit the total amount of resources a cloud consumer can use.

A cloud provider needs to limit the total amount of computer resources that a cloud consumer can utilize. What would they use to limit the resources?

route command

A command-line utility that displays the workstation's or server's local routing tables.

tracert/traceroute

A command-line utility used for network path troubleshooting. This utility shows the routed path a packet of data takes from source to destination.

Hypertext Transfer Protocol (HTTP)

A communications protocol that is used primarily on web browsers to access World Wide Web servers in the cloud.

service provider

A company that hosts computing systems and sells computing to consumers.

What is SLA? Each correct answer represents a complete solution. Choose all that apply. A business continuity plan A document that defines all levels of service that the provider is promising to provide to the customer A binding contract, defining the service promised, that a customer can use for litigations whenever those promises are constantly missed A contract that defines how various IT groups within a company plan to deliver a service or set of services

A document that defines all levels of service that the provider is promising to provide to the customer A binding contract, defining the service promised, that a customer can use for litigations whenever those promises are constantly missed

service level agreement

A document that outlines specific metrics and the minimum performance or availability level and outlines the penalties for failing to meet the metrics.

data center

A facility housing computing systems.

swap file

A file on a hard disk used to provide space for programs that have been transferred from the processor's memory.

IP Security (IPsec)

A framework or architecture that uses many different protocols to provide integrity, confidentiality of data, and authentication of data on a TCP/IP network.

quality of service (QOS)

A general networking term for the ability of the network to provide differentiated services based on information in the Ethernet packet.

regions

A geographical area of presence for cloud service providers.

vulnerability scanning

A software application that is used to find objects in your cloud deployment that can be exploited that are potential security threats. The vulnerability scanner is an application that has a database of known exploits and runs them against your deployment.

hotfix

A software update type that is intended to fix an immediate and specific problem with a quick release procedure.

memory ballooning

A hypervisor function that allows the hypervisor to reclaim unused memory from a VM running on top of the hypervisor and allocates that memory for other uses.

JavaScript Object Notation (JSON)

A lightweight data-interchange format standard that is easily readable and for computing systems to parse and to generate.

What is a zone in the context of logical network design?

A logical entity containing one or more tiers, it segregates various parts of the network

obfuscation

A means to complicate, confuse, or bewilder. It is used to hide information in stored data in the cloud.

Random access memory (RAM)

A memory resource in a bare-metal server.

role-based access control (RBAC)

A method in which access rights are granted to, or restricted from, users based on which roles they perform in an organization.

scripting

A method of running configuration commands in the cloud to automate cloud deployments and security services.

event correlation

A method or process that make sense out of a large number of reported events from different sources and identifies the relationships between the events.

anomaly

A metric that is either above or below your expectations.

storage area network (SAN)

A network that is dedicated to storage traffic and is high speed and highly redundant.

virtual CPU

A physical CPU that has been re-imaged as a virtualized version of the physical CPU and assigned to a virtual machine or VM, in other words, the hardware abstraction of a physical CPU that is a virtualized representation of the CPU. VMs running on the hypervisor will use these virtual CPUs for processing.

business continuity plan

A plan that recognizes there are inherent threats and risks that can have a detrimental effect on a company and that defines how to protect the company assets and be able to survive a disaster. This gives an organization the ability to continue operations and to deliver products and services after an event that disrupts its operations.

object ID

A pointer to a stored piece of data that is a globally unique identifier.

network time protocol

A protocol that allows all devices to synchronize to a central clock, or time service.

Representational State Transfer (REST)

A protocol that communicates between devices over HTTP/HTTPS. This is a method of providing device communications over IP networks.

L2TP

A remote access communications protocol that is a common method to connect to a remote device over the Internet

co-location

A shared data center operation offered by a service provider.

A webmail service hosted by an MSP for which of the following is considered a private cloud?

A single company

mirrors

A site that is updated constantly with data files and server information in case of a primary site failure. The mirror can assume processing and availability. Also, with the use of mirroring, multiple sites can be active at the same time for availability, geographical proximity, capacity management, and high-demand purposes.

International Organization for Standardization (ISO) 27001

A standard for quality that ensures a cloud provider meets all regulatory and statutory requirements for its product and service offerings.

metric

A standard of measurement that defines the conditions and the rules for performing the measurement and for understanding the results of a measurement.

Generic Routing Encapsulation (GRE)

A standardized network tunneling protocol that is used to encapsulate any network layer protocol inside a virtual link between two locations. GRE is commonly used to create tunnels across a public network that carries private network traffic.

public key infrastructure (PKI)

A standardized set of roles, policies, and procedures used to create, manage, distribute, use, store, and revoke digital certificates and manage public/private key encryption.

online storage

A storage system that can be accessed at any time without the requirement for a network administrator to mount the media into a storage system.

Triple Data Encryption Standard (3DES)

A symmetrical cipher. Three encryption keys of various lengths are used. The first key is used to encrypt a block of data, a second key is then used to decrypt the block, and a third key is used to encrypt it again. This triple encryption function on each block of data is reversed to decrypt the data.

fault tolerance

A system that will remain operational even after there has been a degradation of its systems.

command-line interface (CLI)

A text-based interface tool used to configure, manage, and troubleshoot devices.

privilege escalation

A user or service receiving account privileges that they are not allowed to possess.

Telnet

A virtual terminal application that allows for command-line logins to a remote device.

Secure Shell (SSH)

A virtual terminal application that supports an encrypted connection to remote devices using a command-line interface.

What are two aspects of the service transition phase? (Choose two) A. Change Management B. Knowledge Management C. Information Security Management D. Service Level Management E. Financial Management

AB

When creating cloud virtual servers, which of the following must be specified? (Choose two.) A. Username and password B. Server name C. IP address D. Operating system licensing

AB

Which of the following are examples of SaaS? (Choose two) A. Twitter B. Gmail C. AWS S3 D. Azure

AB

Which of the following are often associated with cloud technologies? (Choose two) A. Web-based B. SOA C. Monolithic D. Client-only

AB

Which of the following are valid reasons for a firm's not adopting a cloud solution? (Choose two.) A. Local hardware is being fully utilized for unchanging IT workloads. B. The number of employees rarely changes. C. The number of employees changes often. D. The firm experiences unpredictable project spikes throughout the year.

AB

Which two of the following are often considered critical deployment steps for cloud? (Choose two) A. Risk assessment B. Pilot C. Scrum techniques D. Forklift upgrade

AB

Which of the following provide incentive for a company to adopt cloud solutions? (Choose three) A. Excess resources B. Large sunk expense costs C. Predictable and fixed workloads D. Variable user base

ABD

Regarding certificates and your cloud infrastructure, which of the following are common issues ? (Choose two) A. Expiration B. Corruption C. Misconfiguration D. Public key capture

AC

Which of the following are related to cloud computing costs? (Choose two.) A. Monthly subscription B. Server hardware costs C. Usage fees D. Software licensing costs

AC

Which of the following might govern how we need to report metrics for our cloud infrastructure? (Choose two) A. Based on SLA B. Public cloud vendor requirement C. Corporate policy D. Third party mandate

AC

For which businesses would cloud computing be best suited? (Choose two.) A. Waterfront marketplace that thrives during the summer tourist season B. Rural medical practice with four employees C. Law enforcement agency D. A new company start-up that manufactures watercraft

AD

Fluentes is a security consultant for a day trading company that must implement strong encryption of data at rest for their cloud storage tiers. What is the best option that meets most security regulations for the encryption of stored data? 3DES RSA AES-256 Rivest Cipher 5

AES-256

Which of the following can be classified as a TECHNICAL risk of cloud computing? [Select 3] API and management interface compromise Forced lock-in with the cloud provider Denial of Service due to misconfiguration or system vulnerabilities Storage of data in multiple jurisdictions along with lack of transparency Incomplete deletion of data

API and management interface compromise Denial of Service due to misconfiguration or system vulnerabilities Incomplete deletion of data

Data replication is often used to store copies of real-time data in remote zones. When there is a need to have the master data immediately updated, and then on the backend, update the remote zones. What type of replication would you recommend to configure? Synchronous ASynchronous Site mirroring RTO

ASynchronous

List 3 critical threats to cloud computing security.

Abuse and Nefarious Use of Cloud Computing Insecure Application Programming Interfaces Malicious Insiders Shared Technology Vulnerabilities Data Loss/Leakage Account, Service & Traffic Hijacking Unknown Risk Profile

Risk Acceptance

Accepts risk without taking any further action

**Maria, a cloud engineer, is working in an organization whose online wealth application resides in a community cloud environment. She notices that during peak times, users are unable to access their online wealth management applications in a timely fashion. What should she do first to resolve the issue? Access the cloud services portal and ensure there is adequate disk space available. Access the cloud services portal and ensure all users are accessing it through the same web service. Access the cloud services portal and ensure memory ballooning is enabled. Access the cloud services portal and ensure the ACLs are set correctly for the user community.

Access the cloud services portal and ensure memory ballooning is enabled. - The memory ballooning is a hypervisor function that allows the hypervisor to reclaim unused memory from a VM running on top of the hypervisor and allocates that memory for other uses. It is a memory management feature which is used in most virtualization platforms that allows a host system to artificially enlarge its pool of memory by taking advantage or reclaiming unused memory previously allocated to various virtual machines.

Vertical Scaling

Adding resources to one machine to accommodate additional work

A subscriber in an Infrastructure as a Service model can be ______ An individual A business unit A team All of the above

All of the above

In SaaS, which component(s) is(are) managed by cloud providers? Applications Storage Middleware All of the above

All of the above

Which of the following is NOT a typical component of an IaaS offering? Storage Self service interfaces Compute Instances Identify and Access Management All of the above are components of IaaS

All of the above are components of IaaS

How does scalability work with cloud computing? A. Servers and storage can be added quickly. B. Servers and storage can be released quickly. C. Users can be added and removed quickly. D. All of the above is correct.

All of the above is correct.

How are cloud computing and outsourcing similar? A. Immediate scalability B. Vendor lock-in C. Long contract renegotiation D. Tailor-made client solutions

B

EBS Volume Snapshots

Allow you to preserve backups of your drive content Stored in S3, providing durable backups

Point-to-Point Tunneling Protocol (PPTP)

Allows a remote PC or network to access a remote network, such as a cloud, by encapsulating PPP packets inside of GRE tunnels.

single sign-on (SSO)

Allows a user to log in just one time and be granted access rights to multiple systems.

virtual private network (VPN)

Allows for a secure encrypted network connection over an insecure network such as the Internet.

load balancing

Allows for many servers to share an application load, redundancy, and scalability by allocating traffic to many devices instead of to a single device.

Cloud Native Database Platform

Allows use of relational databases, key value stores, graph database High degree of cloud optimization Management burden on provider Requires retooling existing applications

multifactor authentication

An access control technique that requires several pieces of information to be granted access. Multifactor implementations usually require you to present something you know, such as a username/password combination, and something you have, such as a smart card, fingerprint, or a constantly changing token number off an ID card.

Reservations By creating a DHCP reservation, an administrator can assure that a computer gets the same IP address based on its MAC address.

An administrator needs to assign a specific IP address to a computer based on the computer's MAC address. What should be implemented?

Digital Signature Algorithm (DSA)

An asymmetrical encryption that uses a private key and a public key. PKI is the framework that uses protocols such as DSA for encryption. With PKI and DSA, the common implementation is an asymmetrical protocol using a public and private key pair such as DSA to set up an encrypted connection to exchange symmetrical keys. Then the symmetrical keys are used to perform bulk encryption and decryption since they are faster and require less processing.

RSA

An asymmetrical encryption that uses a private key and a public key. PKI is the framework that uses protocols such as RSA for encryption. With PKI and RSA, the common implementation is an asymmetrical protocol using a public and private key pair such as RSA to set up an encrypted connection to exchange symmetrical keys. Then the symmetrical keys are used to perform bulk encryption and decryption since they are faster and require less processing.

extended metadata

An extended list of data that can be attached to a data file for detailed index schemas.

snapshot

An instance-in-time image for rollbacks or backups.

What is an integration broker? What are the 4 components of its architecture?

An integration broker is used to manage data movement and system integration (integrates in-house applications and SaaS applications). 4 components: Security, Transform, Orchestrate, Route

object

An item that can be accessed and manipulated in the cloud. It is a cloud component where you can define the measurements that are sent to monitoring systems to collect operational data.

Pay-as-you-grow Pay-as-you-grow is the concept in cloud computing where an organization pays for cloud resources as they need them.

An organization is looking to adopt a cloud model to help save costs on hardware and pay only for the computing resources they use. Which of the following will allow the organization to accomplish this goal?

If a top-to-bottom troubleshooting approach is used, which layer of the OSI model should you start with? A. Physical B. Application C. Network D. Presentation

B

Reservations Reservations are similar to quotas, but they ensure that a lower limit is enforced for the amount of resources guaranteed to a cloud consumer for their virtual machine or set of virtual machines.

As a cloud consumer your organization needs a way to ensure they are receiving at least a certain amount of computer resources. Which of the following guarantees a cloud consumer a minimum amount of computer resources?

**Cheryl is deploying a new MySQL database in her private cloud. She needs a fault-tolerant solution and plans to create read replicas of the database in a different availability zone. For performance reasons, she has decided to update the replica in near real time after the initial write operation on the primary database. What type of solution is this? Synchronous Asynchronous Volume sync Remote mirroring RAID 5

Asynchronous -Asynchronous replication is when data is written to the primary first and then later a copy is written to the remote site on a scheduled arrangement or in near real time

The DevOps team is requesting read/write access to a storage bucket in the public cloud that is located in a backup region. What kind of services are they requesting? Authorization Authentication Federation SSO

Authorization

Alerts

Automate responses to changing conditions

Cloud Orchestration

Automates cloud management Hybrid environments add complexity to cloud operations Mix of public and private cloud -- access resources through the vendor's API (application programming interface)

Dynamic Host Configuration Protocol (DHCP)

Automatically downloads networkconfigurations to a device on request to avoid static configurations

What technology has been instrumental in the growth of on-demand cloud services? XML Python Automation Authentication

Automation

Jeff has been monitoring resource usage increases in his web server farm. Based on trending data he has collected, there will be regular requirements to increase CPU capacity for his web servers as usage increases. Jeff wants to use the automation capabilities of his private cloud to automatically use the orchestration software to add CPU cores as required. What can he implement to automate this? Elasticity Variance Autoscaling Trigger

Autoscaling

A network with higher 9's rating is used when which of the following is very important? Integrity Availability Security Confidentiality

Availability

If you are using AWS as your public cloud, it is your responsibility to ensure all aspects of compliance. True or false? A. True B. False

B

Incident management is part of what ITIL service phase? A. Service Strategy B. Service Operation C. Service Design D. Service Transition

B

____________ is a trusted third-party that can conduct independent assessment of cloud services, performance, and security of the cloud implementation.

Cloud Auditor

AWS is a classic example of which of the following? A. Private B. Public C. Community D. Hybrid

B

Cloud costs tend to be most comparable to what type of cost? A. A lease for a new building B. An electric utility bill C. A bill for initial server acquisitions D. None of these options are correct

B

Cloud services tend to feature much longer contract durations compared to traditional outsourcing. True or false? A. True B. False

B

Compared to Type II hypervisors, Type I hypervisors generally have lower: A. numbers of VMs per host ​B. requirements for host overhead ​C. numbers of hosts installed in datacenters D. costs

B

In the SaaS model, the public access point to the cloud is the:

Cloud Manager

Purchasing software and providing it to a third party that installs and manages that software is an example of which of the following? A. Virtualization B. Application service provider C. Platform as a service D. Private cloud

B

Regarding your disaster recovery method, which of the following should be a key consideration? A. Hypervisor type B. Bandwidth C. API selection D. Hardware vendor

B

S3 is an example of which type of storage technology? A. File-based B. Object-based C. Block-based D. Folder-based

B

There is often a single level of cloud service you should recommend. True or false? A. True B. False

B

True or false? Virtual servers are used only in public clouds. A. True B. False

B

Using AWS EC2 instances is an example of which of the following? A. BPaaS B. IaaS C. PaaS D. SaaS

B

What aspect of cloud computing allows you to save on costs in a direct fashion? A. Read-only replicas B. On-demand C. Resource metering D. Quickly expanding storage

B

What deployment model is the most popular today and allows companies to host their own cloud services while relying on cloud vendors for other services? A. Public B. Hybrid C. Community D. Private

B

What does "follow the sun" mean in terms of workload migrations? A. You can safely ignore time zone concerns when provisioning resources B. Services must be available at sun up in a certain region C. Always use GMT when scheduling services D. Never have a service running for more than 24 hours

B

What is not a common cloud component categorization? A. Application B. Legacy C. Compute D. Network E. Storage F. Security

B

Which CPU technology might be required by your VMware image in order for it to function properly? A. Ballooning B. VT-x C. Caching D. Bursting

B

Which cloud technique should be considered if you wanted to ease the administration required for a common, simple task? A. Elasticity B. Automation C. Load balancing D. Orchestration

B

Which of the following is a small update designed to fix a flaw and is often considered an emergency measure? A. Rollback B. Hotfix C. Update D. Patch

B

Which of the following is an example of PaaS? A. SalesForce B. Azure C. Gmail D. DropBox

B

Which of the following is an example of a resource pooling technology? A. Hotmail B. Cisco UCS C. Gmail D. Open standards

B

Which of the following is not a major concern you should have when thinking about cloud technologies and security? A. Consider applicable laws and regulations B. Always use the latest in security technologies C. Consider best practices for resources D. Consider your company security policy

B

Which of the following is the least critical to document? A. Findings B. Time per phase C. Actions D. Outcomes

B

Which of the following is the meaning of SaaS? A. Solutions as a Service ​B. Software as a Service ​C. Servers as a Service D. Security as a Service

B

Which of the following permits dynamic elasticity? A. Auto Encryption B. Auto Scaling C. Replication D. Auto Migration

B

Which of the following will allow an administrator to quickly revert a VM back to a previous state? A. Metadata ​B. Snapshots ​C. Extended metadata D. Cloning

B

Within AWS, which security structure should be used to control the traffic flowing between your subnets in your VPC? A. Security Group B. Network ACL C. Role D. WAF

B

You've decided to provide a web application and scale it by using many small Linux instances. Adding four instances and load balancing between them over the last month is an example of which of the following? A. Scaling up B. Scaling out C. Scaling down D. Scaling in

B

Your public cloud environment is configured such that additional cloud storage is allocated to a virtual server when the used disk space on that server reaches more than 80 percent of disk capacity. Which term best describes this configuration? A. Elasticity B. Automation C. Self-service D. Disk latency

B

Which of the following is the MOST widely used example of cloud computing? A. Business ratings ​B. Online email ​C. Online education ​D. Geo-caching (Official Sample Questions provided by CompTIA)

B. Online email

Which of the following statements are true? (Choose two.) A. Public clouds are for the exclusive use of a single organization. B. Private clouds are for the exclusive use of a single organization C. Public clouds are offered over an intranet. D. Public clouds are offered over the Internet.

BD

You've discovered that your theory of probable cause for a cloud issue is not correct. Which of the following are common next steps? (Choose two) A. Adopt the "divide and conquer" approach B. Escalate C. Document your results D. Establish a new theory

BD

Match the virtual network technology with the best definition. 1. VXLAN 2. DMZ 3. Microsegmentation 4. Subnet A. Each host in it's own domain B. 16 Million IDs C. Sizing for future expansion is important D. Services secured for outside network access

BDAC

replicas

Backup copies of data that can be stored either locally or remotely that can act as alternative data stores from your main production operations.

file backups

Backups of storage folders and files that you selected with your backup software to another storage location for later access.

Auto Scaling Process

Based on launch configuration Identify scaling thresholds based on resource utilization Monitor usage based on defined thresholds Trigger scaling action when appropriate

**Cloud capacity can be measured by comparing current usage to what? Orchestration Automation NTP Baseline APIs

Baseline

An organization's IT department wants to know what its normal day-to-day web hit count is so it can plan for the upcoming holiday selling season. Jim's job is to measure the incoming web requests and graph them against delay and missed connection counts. What type of data set is Jim producing? Baseline SOC 2 Benchmarking SLA

Baseline

Cloud capacity can be measured by comparing current usage to what? SSL Baseline Benchmarking SLA

Baseline

Why is there less maintenance effort using SaaS when managing the operating system?

Because the service provider manages the operating system in SaaS

Why is there less maintenance effort using SaaS when managing the operating system? (CLOUD ADOPTION)

Because the service provider manages the operating system in SaaS

You have designed a web architecture that allows you to have an exact copy of your production fleet that can be brought online to replace your existing deployment for patching and maintenance. What type of model did you implement? Cluster DevOps Blue-green Rolling

Blue-green

List the PaaS application lifecycle.

Build applications Land first release Maintain application Land releases End of life

Cloud Database Options

Build databases on virtual servers Use a managed database service Use cloud native database platform

Burstable instances

Build up CPU credit for times of peak use

IaaS

Building blocks -- compute, storage, and networking Customer does most, provider does least

When is public cloud deployment favorable? Auctioning data center Cost savings Scalability Business Agility

Business Agility

The layer that implements the core functionality of the system by encapsulating business logic

Business Layer

Which of the following consists of components, some of which may expose service interfaces that other callers can use? Presentation Layer Data Layer Business Layer Service Layer

Business Layer

The _______________ identifies customer requirements and makes sure that the cloud service provider meets the requirements before agreeing to deliver the service (CLOUD IMPACT ON BUSINESS)

Business Relationship Manager (BRM)

How might an organization successfully implement a SaaS strategy? (CLOUD ADOPTION)

By managing the risks that are associated with bringing in external providers

A community name is used by: A. WMI ​B. SMTP ​C. SNMP ​D. SMS

C

A company's email software vendor charged them $500 a month to use software, licensed for the maximum number of active email addresses. The company switched to a cloud-based email software that charged based on the number of active email addresses each month. The company was billed $100 the first month, $200 the second month, and $100 for the remaining 10 months of the year. After a year, how much money did the company save by switching to cloud computing? A. $1,300 ​B. $4,500 ​C. $4,700 D. $6,000

C

Following the deployment of your cloud resources, which of the following would you most likely not be monitoring? A. CPU utilization B. RAM utilization C. Root account access D. Storage utilization

C

In Microsoft Azure, which component of networking allows for easier management of cloud components? A. Virtual Partitions B. Virtual Collections C. Resource Groups D. Virtual Private Clouds

C

In keeping with organizational goals of a corporation when deploying an application to a cloud services provider, which of the following is NOT a selection criteria for choosing a pilot? A. Security of application data ​B. Usability in a cloud environment ​C. Successful completion D. Low impact of failure

C

In using a structured approach to explore the potential impact of cloud computing in an organization undergoing the impact and changes that occur during Cloud service adoption, which of the following is an ITIL Service Lifecycle consideration? A. Service Upgrade ​B. Service Disconnection ​C. Service Operation D. Service Continuance

C

The maintenance of software libraries is the most critical for a cloud vendor offering what type of cloud service? A. IaaS B. SaaS C. PaaS D. NaaS

C

What cloud computing characteristic ensures services and data are always reachable? A. Confidentiality B. Integrity C. Availability D. Scalability

C

When developing your plan of action, it is most important to consider which of the following? A. Speed of change B. Costs C. Potential effects D. Ease of documentation

C

Where is the most likely use of FC as the communication protocol in storage? A. DAS B. NAS C. SAN D. Object-based

C

Which is not a typical area of interaction between cloud and non-cloud resources? A. Firewalling B. Authentication C. Physical security D. Internet connectivity to the cloud

C

Which network component might cause an issue even though its design is to improve network performance? A. NAT B. SNMP C. QoS D. Virtualization

C

Which of the following cloud features increases the available IT infrastructure resources to meet the demands? A. Reliability B. Resource metering C. Scalability D. Broad network access

C

Which of the following hypervisor types requires the least overhead? ​A. Type II ​B. open source ​C. Type I ​D. hosted

C

Which of the following is NOT a major focus in this course? A. Business impacts B. Risk mitigation C. General networking concepts D. Technology options

C

Which of the following is not a recommended technique when migrating applications to the cloud? A. Consider a pilot B. Target non-mission critical apps first C. PaaS first D. Target easy apps to migrate first

C

Which of the following is not a typical account lifecycle event? A. Deletion B. Creation C. Move D. Deactivation

C

Which of the following is not an example of a maintenance task we would automate in a cloud environment? A. Cleanup of orphaned resources B. Clearing of log files C. Provision and deployment of a new firewall D. Removal of inactive accounts

C

Which of the following is the MOST likely reason for subscribing to PaaS? A. Virus protection ​B. Software application access ​C. Application development D. Infrastructure tuning

C

Which of the following is the meaning of IaaS? A. IT as a Service ​B. Information as a Service ​C. Infrastructure as a Service D. Identity as a Service

C

Which of the following might factor into an exit strategy for a cloud customer? A. Vendor lock-in B. Self-service C. Standardization D. Automation

C

Which of the following provisioning types is most suitable for a virtual hard disk with 200 GB of space, and ensures that disk storage can be flexibly allocated between virtual machines? A. Thick provisioning B. Random provisioning C. Thin provisioning D. Test provisioning

C

Which of the following recognized approaches for managing an organization's technology environment can be applied to cloud computing services? A. American National Standards Institute (ANSI) ​B. National Institute of Standards and Technology (NIST) ​C. Information Technology Infrastructure Library (ITIL) D. Project Management Institute (PMI)

C

Which of the following storage provisioning methods is implemented at the hardware level of a SAN and can be completed in either a soft or hard basis? A. LUN masking ​B. Network share creation ​C. Zoning D. Multipathing

C

Which of the following terms can be defined as the use of a third party to assist in authentication? A. Logging B. WAP C. Federation D. Encryption

C

Which type of cost tends to be variable? A. CAPEX B. Initial investment costs C. OPEX D. Sunk costs

C

While troubleshooting your cloud issue, you discover there are multiple problems. Which of the following should you do? A. Group the problems together and solve holistically B. Escalate C. Approach each individually D. Begin the establishment of a new theory

C

With cloud computing services, hardware purchases, software purchases, and IT support are the responsibility of whom? A. Internet service provider B. RraaS provider C. SaaS provider D. Application service provider

C

You are linking your company's Microsoft Active Directory user accounts to your cloud provider for federated identity management. What type of configuration must you create within your company? A. Identity trust B. XML provider C. Relying party trust D. JSON provider

C

Your company runs a virtualized web application server in-house. You decide to make the web applications available over the Internet through a cloud provider. Which method represents the quickest way to accomplish this? A. Create a new cloud server, install web services, and install and configure web applications. B. Create a new cloud server, install web services, and import web application data. C. Migrate your in-house web application server to the cloud. D. This cannot be done — only generic applications are available through the cloud.

C

Which component of IaaS cloud architecture is responsible for user accounts and high-level resource allocation within the overall cloud?

Cloud Manager

Cloud computing delivers IT capabilities that scale with demand, which is a huge benefit to organizations that want to quickly start out.

True

A company's email software vendor charged them $500 a month to use software, licensed for the maximum number of active email addresses. The company switched to a cloud-based email software that charged based on the number of active email addresses each month. The company was billed $100 the first month, $200 the second month, and $100 for the remaining 10 months of the year. After a year, how much money did the company save by switching to cloud computing? A. $1,300 ​B. $4,500 ​C. $4,700 D. $6,000 (Official Sample Questions provided by CompTIA)

C. $4,700

Which of the following recognized approaches for managing an organization's technology environment can be applied to cloud computing services? A. American National Standards Institute (ANSI) ​B. National Institute of Standards and Technology (NIST) ​C. Information Technology Infrastructure Library (ITIL) D. Project Management Institute (PMI) (Official Sample Questions provided by CompTIA)

C. Information Technology Infrastructure Library (ITIL)

In using a structured approach to explore the potential impact of cloud computing in an organization undergoing the impact and changes that occur during Cloud service adoption, which of the following is an ITIL Service Lifecycle consideration? A. Service Upgrade ​B. Service Disconnection ​C. Service Operation D. Service Continuance (Official Sample Questions provided by CompTIA)

C. Service Operation

Which of the following allows authentication based on something you are? (Select TWO) ​A. Passwords ​B. Access badge ​C. Retina scan ​D. Key fobs ​E. Voice recognition ​F. PIN

CE

Ichika is preparing a change management plan to increase the processing abilities of one of her middleware servers. What components can she upgrade to increase server performance? Each correct answer represents a complete solution. Choose three. CPU SLA RAM NETWORK I/O ACL DNS

CPU RAM NETWORK I/O

Jennifer is writing a change management plan to increase the processing abilities of one of her middleware servers. Which of the following components can she upgrade to increase server performance? Each correct answer represents a complete solution. Choose all that apply. CPU SLA RAM NETWORK I/O DNS

CPU RAM NETWORK i/O

Capacity and utilization reporting often contains data on which of the following objects? Each correct answer represents a complete solution. Choose three. CPU OS Version Volume tier RAM Network

CPU RAM Network

Vertical Scaling Constraints

CPU Memory Network Storage Need to pick the right instance for vertical scaling

How do servers differ physically?

CPU - processing Memory Storage Network

configuration management

Central repository where configurations are stored and archived. These systems also track any changes that were performed and who made the change.

Allison is preparing to modify a network access control list and add three firewall rules to her private cloud HR systems. She is planning on submitting a detailed plan to accomplish these tasks. Which process is Allison following? MTSR Patch management Change management Trigger

Change Management

**Jennifer plans to modify a firewall access control list to allow RDP connections from a new remote office into her private cloud data center. She is creating a document that details all the steps required to implement the new rule set. What process is she following? Cloud automation Change advisory Change management Rollout

Change management

In an organization, during a recent downtime window, the server team was applying patches to an application, and the networking team was upgrading a router's interface to 10 Gbps. When the network was down for the upgrade, the server team complained that they could not download the needed software patches. Which process should be modified to prevent this from happening in the future? Orchestration Patch management Change management API

Change management

**Harold will modify an NACL to modify remote access to a cloud-based HR application. He will be submitting a detailed plan that outlines all details of the planned change. What process is he following? Cloud automation Change advisory Change management Rollout

Change management Change management includes recording the change, planning for the change, testing the documentation, getting approvals, evaluating and validating, writing instructions for backing out the change if needed, and doing post-change review if desired.

What are common automation systems that are used for patch management? Each correct answer represents a complete solution. Choose three. Chef Cloud-patch Ansible DevOps Puppet Cloud deploy

Chef Ansible Puppet

At the cloud provider premises, which of the following is/are a part of the cloud ecosystem? (select 3) Clients that are currently accessing the cloud over a network Clients joining the cloud (initiating access) Service level agreements with clients New hardware

Clients that are currently accessing the cloud over a network, Clients joining the cloud (initiating access), New hardware

Ann has created a master image of a web server that she plans to use for adding new servers for her horizontally scaled e-commerce site. What VM backup method can be used to create an image to be used as a template to create additional systems? Full backup Snapshot Clone Replicate

Clone

**Which of the following creates an identical copy of the data that may be a storage volume, a filesystem, or the logical unit number (LUN) on a storage area network (SAN)? Full backup Cloning Snapshot replicate

Cloning Cloning creates an identical copy of the data that may be a storage volume, a filesystem, or the logical unit number (LUN) on a storage area network (SAN).

Which of the following is an application deployment model in which an application runs in a private cloud or data center and moves into a public cloud when the demand for computing capacity spikes? Cloud bursting Cloud automation Multitenancy Resiliency

Cloud bursting

Explain cloud bursting in your own words. Illustrate with an example.

Cloud bursting is the process of having a temporary need for more capabilities or resources, borrowing & consuming those resources from another cloud, and releasing them back when done An example of this is a web application receiving high amounts of traffic at a given time, so it decides to provision its server on another cloud in order to handle the current capacity of users.

Who is responsible for all regulatory and security compliance requirements for a cloud deployment when implementing operations in the cloud? Cloud provider Cloud customer Third-party agency Service provider

Cloud customer When implementing your operations in the cloud, the cloud customer is responsible for all regulatory and security compliance requirements for his cloud deployment.

Niko is generating baseline reports for her quarterly review meeting. She is interested in a public cloud application server's memory utilization. Where does she generate these reports? Hypervisor Databases Logging servers Cloud management and monitoring application

Cloud management and monitoring application

**Which of the following types of deployment is referred to as a multi-availability zone architecture? Storage segmentation Cloud segmentation Computing segmentation Multifactor segmentation

Cloud segmentation is the process of dividing your cloud deployment into sections to allow for granular security polices to be applied. It is referred to as a multi-availability zone architecture.

orchestration platforms

Cloud software used to deploy and manage cloud services.

In order to maintain strategic flexibility and the ability to bring a cloud system back internally, which of the following is the MOST important requirement in the contract?

Cloud subscriber maintains ownership of their data

What is measured service? List some examples of metrics

Cloud systems automatically control and optimize resource use by leveraging a metering capability (examples: storage, bandwidth, processing, active user accounts)

CBN stands for:

Cloud-Based Networking

CBN stands for: (CLOUD ADOPTION)

Cloud-Based Networking

CEN stands for:

Cloud-Enabled Networking

CEN stands for: (CLOUD ADOPTION)

Cloud-Enabled Networking

orphaned resources

Cloud-based services that are left over when a service terminates and are no longer needed or used.

Which of the following is NOT true about the cluster manager? Cluster Manager is responsible for the operation of a collection of computers that are connected via high speed local area networks A Cluster Manager receives resource allocation commands and queries from the Cloud Manager Cluster Manager queries the Computer Managers for the computers in the cluster to determine resource availability, and returns messages to the Cloud Manager on whether part, or all, of a request can be satisfied in a cluster Cluster Manager uses the command interface of its hypervisor to start, stop, suspend, and reconfigure virtual machines, and to set the local virtual network configuration

Cluster Manager uses the command interface of its hypervisor to start, stop, suspend, and reconfigure virtual machines, and to set the local virtual network configuration

A cloud deployment that is off premises but for exclusive use of one or more particular organizations

Community

The public school systems in the greater Chicago region have collectively decided to setup an email system in the cloud for use by their faculty, staff and students. This could be an example of the _______ cloud deployment model.

Community

In IaaS, the _________ uses the command interface of its hypervisor to start, stop, suspend, and reconfigure the virtual machines.

Computer Manager

Which component of IaaS cloud architecture uses command interface of its hypervisor to start, stop or reconfigure virtual machines?

Computer Manager

A Cluster Manager queries the ______________ to determine resource availability, and returns messages to the ______________ on whether part, or all, of a request can be satisfied in a cluster.

Computer Managers, Cloud Manager

A user account that gains the needed permissions from a group membership is known as which of the following? A. Mandatory access control B. Open access C. Non-discretionary access control D. Discretionary access control

D

off-premise

Computing resources hosted remotely from a company's data center.

What are the recommended procedures to take when preparing an outage response plan? Each correct answer represents a complete solution. Choose three. Configuration backups SLA Documentation Diagrams DHCP

Configuration backups Documentation Diagrams

**A cloud architect is tasked with isolating traffic between subnets in an IaaS platform. The networks should be able to statefully communicate with each other. Given this scenario, which of the following should the architect implement? Configure HIPS policies. Configure IDS policies. Configure security groups. Configure a network ACL.

Configure security groups. A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a virtual private cloud, you can assign up to five security groups to the instance. Security groups act at the instance level, not the subnet level. Therefore, each instance in a subnet in the virtual private cloud can be assigned to a different set of security groups.

Two major advantages of IT Architecture

Consistency and Standardization

Which of the following is/are true for Infrastructure-as-a-Service? (select 2) The consumer manages and controls the underlying cloud infrastructure Consumers can install operating systems compatible with the underlying virtualized hardware Includes delivery of fully featured applications that are targeted at private and business users Has a chargeback (measured service) capability to charge consumers for their resource usage

Consumers can install operating systems compatible with the underlying virtualized hardware, Has a chargeback (measured service) capability to charge consumers for their resource usage

Snapshots

Contain a copy of all data stored on a disk image EBS offers snapshot options, where it stores it in S3

____________ is an isolated workload environment that can be used for deploying and running microservices.

Container

Using an example, explain how Microservices Architecture facilitates continuous delivery practice across development teams.

Continuous Delivery practices encourage incremental additions as part of production. These additional features and capabilities are made possible by the separation and independence of services in a microservice architecture. An example of this is seen in the ability to fix bugs in a microservice architecture. A feature that handles a bug can be independently deployed, and the service can be updated without interrupting the process of continuous delivery (i.e. other service developments are unaffected).

Which capability offered by IaaS enables cloud subscribers to bring in their own set of cloud management tools from another vendor?

Control plane and self-service interfaces

image backups

Copies of complete hard drive volumes. They are also often called disaster backup, cloning, ghosting, image backups, or block-level backups.

A company security policy mandates education and training for new employees. The policy must include the controls attempt to get the system back to normal if any damage caused by an incident. Given these requirements, which of the following security controls is best suited? Corrective Detective Preventive Physical

Corrective

Storage Concerns

Cost Accessibility Durability Geographic Diversity Privacy

local backup

Created when data in a data center is stored on its primary storage array and a backup operation is performed.

on-premise

Creating and hosting cloud services in-house in a private enterprise data center.

Which of the following is NOT a Principal Component of IT Architecture Model? IT Application Landscape Software Reference Architecture Domain or Capability Model Cross-Functional Processes

Cross-Functional Processes

PaaS

Customer runs own code in some way Deploy applications on providers infrastructure

Which of the following is an early example of cloud technology? A. Top of rack policy enforcement B. Infrastructure As A Service C. Data center interconnects D. Web-based email in the form of Hotmail

D

Which of the following is false? A. Vulnerability testing seeks to find security flaws in the IT infrastructure B. Load testing can be critical to test promised service levels C. Common deployment types include Production, Development, and QA D. With public clouds, you can typically perform penetration testing whenever it's convenient for you

D

Which of the following is not a typical choice you must make regarding a target host in the cloud? A. RAM B. Disk Type C. CPUs D. 64-bit vs 32-bit

D

Which of the following is not a typical part of a cloud deployment execution plan? A. Workflow execution B. Documentation C. Change management D. Access audits

D

Which of the following is not a valid method of demonstrating strategic flexibility? A. Moving to a new application B. Avoiding vendor lock-in be ensuring migration to another cloud C. Bringing the IT infrastructure components in house D. Performing an annual independent audit of the cloud provider hardware

D

Which of the following is not considered a cloud computing risk? A. Loss of network connectivity B. Data stored in the cloud C. Network latency D. Host-based firewalls

D

Which of the following is related to monitoring and can be defined as an occurrence that is out of the ordinary? A. Event B. Correlation C. Baseline D. Anomaly

D

Which of the following is the meaning of PaaS? A. Ping as a Service ​B. Process as a Service ​C. Programming as a Service D. Platform as a Service

D

Which of the following methods can an Administrator use to force an array to allow data to be distributed one node at a time in a private cloud implementation? A. Least connections ​B. Least used ​C. Best bandwidth ​D. Round robin

D

Which of the following statements regarding CompTIA Cloud Essentials is incorrect? A. The certification is a Specialty certification B. There is an exam that maps to this course C. This course prepares you for the exam D. The course is specific to Cisco systems

D

Which term best describes the ability to rapidly increase user accounts for a given cloud service? A. Volatility B. Synchronicity C. Viability D. Elasticity

D

Which of following is the MOST beneficial aspect of public cloud deployment for a startup company? A. Ease of infrastructure management B. Reduced Mean Time to Implement ​C. Shared company resources D. No upfront capital expenditure (Official Sample Questions provided by CompTIA)

D. No upfront capital expenditure

Which of the following head-to-head comparisons might you engage in with your deployment test data? (Choose two) A. Existing logs B. Compliance reports C. User feedback D. SLAs E. Baselines

DE

James, a network administrator, is implementing a private cloud that will be used as a test environment. To limit the number of guests per subnet to a maximum of 14, he implemented a /20 network. Which of the following should he use to assign the networks? NAT DNS DHCP IPSec

DHCP

Which of the following is a hierarchical scheme of databases that map computer names to their associated IP addresses? NAT DHCP DNS IPSec

DNS

**During a disaster recovery switchover, which network services may need to be modified as part of a multisite failover to the backup site? Each correct answer represents a complete solution. Choose all that apply. DNS DHCP SSH FTP IPSec

DNS DHCP FTP The network disaster recovery services that need to be addressed are Domain Name Services (DNS), Dynamic Host Configuration Protocol (DHCP), File Transfer Protocol (FTP), Active Directory, Remote Authentication Dial-In User Service (RADIUS), and Terminal Access Controller Access-Control System (TACACS). These services are well suited for a multisite deployment that offers failover in case of an outage.

**Hank designed an application tier for his company's new e-commerce site. He decided on using an IP subnet that uses a /28 IPv4 subnet. He is planning for a maximum of 14 servers. You are brought in as a cloud architect to validate his design. What other devices may be on this subnet other than the servers that would also require IP address assignments? Each correct answer represents a complete solution. Choose all that apply. DNS SLA NTP DHCP

DNS NTP In addition to the web servers, IP addresses may be required for the NTP and DNS services and the default gateway. The domain name system (DNS) is the primary name resolution service on the Internet and private IP networks. It is a hierarchical system of databases that map computer names to their associated IP addresses. The network time protocol (NTP) allows all devices to synchronize to a central clock or time service. It ensures that all devices report the same times to allow for synchronization of logging information.

**You are architecting a new cloud virtual container. There will be a maximum of 11 servers in the subnet that will each require a private IP address. You decide to use a /28 subnet mask for the IPv4 addressing plan. What other devices may be on this subnet other than the servers that would also require that an IP address be assigned to them? Each correct answer represents a complete solution. Choose three. Default Gateway SLA DNS NTP API SNMP

DNS NTP Default Gateway

Which of the following is a virtual PC desktop that is hosted in the cloud and accessed remotely by thin clients? DaaS VPN NIDS CaaS

DaaS -Desktop as a Service (DaaS) is a virtual PC desktop that is hosted in the cloud and accessed remotely by thin clients.

In PaaS, which of the following components is NOT managed by cloud providers? Data Servers Virtualization Operating System

Data

S3 Storage

Data is stored as objects in folders, know as S3 buckets S3 buckets must have globally unique names

Failover clustering is typically used with: Application servers Clients Web servers Database servers

Database servers

Which of the following is a differentiating characteristic of private cloud solutions compared to public cloud solutions?

Private cloud solutions are dedicated for use by a single organization.

Homer designed an application tier for his company's new e-commerce site. He decided on an IP subnet that uses the /28 IPv4 subnet. He is planning for a maximum of 14 servers. You are brought in as a cloud architect to validate his design. What other devices may be on this subnet other than the servers that would also require IP address assignments? SLA Default gateway DNS NTP API SNMP

Default Gateway DNS NTP

A business is planning to migrate from a private cloud to a public cloud. To document business continuity, which of the following should be done first? Develop a disaster recovery plan with partners/third parties. Identify HA technology to provide failover. Define the set of application-based SLAs. Define the scope of requirements.

Define the set of application-based SLAs

workflow automation

Defines a structured process for a series of actions that should be taken in order to complete a process.

Health Insurance Portability and Accountability Act (HIPAA)

Defines the standard for protecting medical patient data. Companies that work with protected health information must ensure that all the required physical, network, and process security measures are in place and followed to meet these compliance requirements.

Optimize Database server

Depends on what the database server is doing Database servers often times aren't optimized

Architecture

Design - will it scale? is the system well designed? Redundancy - if one piece breaks the one failure won't cause the entire system to collapse Durability/reliability - reside in multiple data centers? is data backed up? exit strategy?

Which of the following is a reason for business users to be interested in cloud computing?

Desire for improved user experience

Which of the following is a reason for business users to be interested in cloud computing? (BUSINESS VALUE)

Desire for improved user experience

intrusion prevention systems (IPSs)

Detect suspicious activity on the network in real time, by passively monitoring traffic looking for signatures of network activity that indicate an intrusion based on predefined rule sets, and actively shut down the intrusion.

intrusion detection systems (IDSs)

Detect suspicious activity on the network in real time, by passively monitoring traffic looking for signatures of network activity that indicate an intrusion based on predefined rule sets, and generate alerts.

Which of the following networks is used in the creation and testing of new cloud-based services and is primarily used by software programmers and DevOps groups in the creation of new applications and services? Production network Quality Assurance network Development network Storage area network

Development network

Client/server model of computing

Device (phone, computer) reaches out to website, that website registers the tweet and send that information to others when they request it

To increase TipoftheHat.com's security posture, Alice is reviewing user accounts that access the community cloud resources. Alice notices that the summer interns have left to go back to school, but their accounts are still active. She knows they will return over the winter break. What would you suggest Alice do with these accounts? Do nothing Delete the accounts Disable the accounts Change the resource access definitions Modify the confederation settings Change the access control

Disable accounts

**As a security administrator of an enterprise data center, you need to check the operating systems that are being used in the company. You find one of the operating systems originally loads with unneeded services such as printing, various networking services such as DHCP, and an FTP server enabled. These services might expose the operating system to potential malicious activity. What will you do to harden the operating system? Remove the services that are not in use. Disable the services that are not in use. Install antivirus. Implement host-based firewall security.

Disable the services that are not in use If an operating system originally loads with unneeded services such as printing, various networking services such as DHCP, and a web or FTP server enabled, they should be disabled so there is no longer any exposure for attacks on those entry points.

Horizontal Scaling

Distributing additional work across more than one machine Ability to add resources at each layer of a system Requires load balancer to manage distribution of work Can require application reconfiguration Can require software changes Increase system complexity

Product Fit

Does the product meet business needs? Is the product intuitive? Dig into the vendor -- reputable? financially stable?

Cloud is essentially infinite

Due to resource pooling, economy of scale, and multitenancy

Local computing capability on or next to a sensor that is network-accessible is an example of __________

Edge Computing

Which of the following is a differentiating characteristic of private cloud solutions compared to public cloud solutions? (TECHNICAL PERSPECTIVES)

Private cloud solutions are dedicated for use by a single organization.

Pierre is deploying a solution that allows data for his e-commerce operations hosted in a public cloud to be reached at remote locations worldwide with local points of presence. He wants to reduce the load on his web servers and reduce the network latency of geographically distant customers. What are these facilities called? Region Edge location Availability zone Replication

Edge location

Which of the following components are required for a successful MSA implementation? [Select 3] Effective data and service management tools Decentralized approach to service development Hierarchical organizational structure with interdependent development teams Unique technology stack for each microservice Competency in agile and DevOps practices

Effective data and service management tools Decentralized approach to service development Competency in agile and DevOps practices

EC2

Elastic Compute Cloud Virtualized servers

A cloud infrastructure function that can grow and shrink to meet peak demand requirements quickly is known as: Autoscaling Variance Elasticity Trigger

Elasticity

The ability to dynamically add virtual machine compute resources on demand such as storage, CPUs, and memory is referred to as what? Bursting Pooling Elasticity Orchestration

Elasticity

Which of the following is the ability to automatically and dynamically add additional resources such as storage, CPUs, memory, and servers in the cloud? utoscaling Variance Elasticity Trigger

Elasticity

Connie is the chief information officer at a medium-sized accounting firm. During tax preparation season, the internal demand for computing resources rises, and then after the taxes are filed, the computing capacity is no longer needed. She is being asked to create a more efficient and agile solution to her company's operations that maximizes operational expenditures. What servers does the public cloud offer to meet her needs? Elasticity On-demand computing Availability zones Resiliency virtualization Pay-as-you grow Resource pooling

Elasticity On-demand computing Pay-as-you grow -all examples of being able to expand and contract cloud compute resources as your needs require.

cloud bursting

Elasticity model where a primary data center carries the current compute load, and when additional capacity is required, a remote cloud can assist with the load.

Security for Vendor Evaluation

Encryption - is data encrypted? who controls the keys? Incident response - what will the vendor do in a security incident? operate a 24/7 security operations center? Access management - integrate with existing control system? MFA? User management - how are new users created? how are users removed from the system?

Which of the following are common use cases of IaaS? [Select 3] Environment for application development and testing Learning Management System Business Continuity and Disaster Recovery High-Performance Computing Applications for enabling collaboration

Environment for application development and testing, Business Continuity and Disaster Recovery, High-Performance Computing

Randy is developing a new application that will be deployed in an IaaS-based public cloud. He builds a test image and deploys a test VM in his private cloud's development zone. When he restarts one of the Linux-based servers, he notices that his storage volume data is missing. What type of storage did he implement? Durable RAID Ephemeral Nondurable Block Object

Ephemeral Nondurable

jumbo frame

Ethernet frame larger than the standard 1,518 bytes.

When computing services or infrastructure is maintained on the private network:

Private clouds

Differing from more technology-oriented IT management approaches like network management and IT systems management, __________ is characterized by adopting a process approach towards management, focusing on customer needs and IT services for customers rather than IT systems, and stressing continual improvement.

IT Service Management (ITSM)

Differing from more technology-oriented IT management approaches like network management and IT systems management, __________ is characterized by adopting a process approach towards management, focusing on customer needs and IT services for customers rather than IT systems, and stressing continual improvement. (CLOUD IMPACT ON BUSINESS)

IT Service Management (ITSM)

Which of the following are necessary in designing an enterprise IT architecture? (Select 3) Human resources IT applications Business Model IT infrastructure and products

IT applications Business Model IT infrastructure and products

Why does cloud computing shift capital cost to variable cost?

IT assets are not owned by the customer

Which of the following cloud services would be used to pay for hardware when it is being used for computing, network space, and storage over the Internet? (CLOUD CHARACTERISTICS)

IaaS

Which of the following is the MOST significant difference between SaaS and IaaS?

IaaS can test network configurations.

Which of the following types of PaaS allows developers to have a streamlined deployment of applications while retaining control over the underlying infrastructure? IaaS-centric PaaS SaaS-centric PaaS Generic PaaS None of the above

IaaS-centric PaaS

Vertical Scaling Steps

Identify bottleneck Identify new server instance type Shut down server Select new instance type Start server

availability zones

Isolated locations within data center regions that public cloud services originate and operate.

When computing services or infrastructure is maintained on the private network: (TECHNICAL PERSPECTIVES)

Private clouds

Pete is troubleshooting a SQL database hosted in a public cloud using the IaaS service model. The database vendor has identified a bug in the table merge feature and is requesting that he install a software change that is designed for rapid deployment that corrects a specific and critical issue. What type of fix is this? Hotfix Patch Version Update Rollout

Hotfix

When you integrate cloud with a traditional on-premise system, which deployment model are you building?

Hybrid

__________ cloud enables data and application portability

Hybrid

When computing services or infrastructure is maintained on both private and public clouds:

Hybrid clouds

When computing services or infrastructure is maintained on both private and public clouds: (TECHNICAL PERSPECTIVES)

Hybrid clouds

Burst Capacity

Hybrid that kicks in when capacity is needed

Give 1 security recommendation for virtualization.

Hypervisor platforms with hardware assisted virtualization provides greater security assurance. Number of user accounts requiring direct access to hypervisor host should be limited to bare minimum. Place the management interface of the hypervisor in a dedicated virtual network segment. Communication from a given VM to the enterprise (physical) network should be enabled through multiple communication paths (or physical NICs) within the virtualized host.

A company wants to ensure that their cloud infrastructure is secure but fully available. They want to be alerted in the event of a security breach, but chose a response for each alert. Which of the following solutions would meet these requirements? DMZ WPAN HTTP IDS

IDS

Hank is researching the methods that his network operations center can use to access the Berlin hosted servers operating in a hybrid cloud configuration. Which of the following are not viable methods? Each correct answer represents a complete solution. Choose all that apply. RDP Telnet IDS/IPS DNS SSH

IDS/IPS DNS

Communications as a Service (CaaS)

It includes cloud-hosted voice, video conferencing, instant messaging, e-mail, collaboration, and other communication services.

To secure a data center interconnect between your company's Sydney and Berlin regions, you are being asked what a common solution is that allows interoperability between the various vendors' firewalls and routers in each region. What is a good solution for securing interconnects over the Internet and between dissimilar hardware and software security devices? AES SOC-3 IPSec RC5

IPSec IPsec implementations are found in routers and firewalls with VPN services to provide a secure connection over an insecure network such as the Internet and are standards based to allow for interoperability.

Which of the following authentication systems requires something you have and something you know? Single sign-on Mutual IDS Multifactor

Multifactor

It does not matter what portions of your current data center or infrastructure could be a possible security risk when moving that data to the cloud.

False

It does not matter what portions of your current data center or infrastructure could be a possible security risk when moving that data to the cloud. (CLOUD ADOPTION)

False

True or False: All microservices in a Microservices Architecture share one common database for easy data access.

False

True or False: By virtualization you can add more storage space than underlying hardware.

False

True or False: In PaaS, it is the subscriber who maintains a set of development tools and execution environments.

False

True or False: In Platform as a Service, the customer does not manage or control the underlying infrastructure but has control over storage and possibly limited control of networking components.

False

True or False: In cloud infrastructure, there is no way a customer can specify the location (country or region) of the provided resources as part of the service.

False

True or False: Multi-tenancy can only be applied to SaaS applications.

False

True or False: Public zone assets can be managed by an organization.

False

True or False: The number of user accounts requiring direct access to the hypervisor should be MAXIMIZED for increased security and redundancy.

False

True or False: Virtualization is a necessary step for cloud computing.

False

Virtualization technology is not an important skill for IT when adopting an IaaS strategy.

False

Virtualization technology is not an important skill for IT when adopting an IaaS strategy. (CLOUD IMPACT ON BUSINESS)

False

You can only use virtual servers in private clouds or traditional data centers.

False. All forms of cloud computing make use of virtual servers.

You can only use virtual servers in private clouds or traditional data centers. (TECHNICAL PERSPECTIVES)

False. All forms of cloud computing make use of virtual servers.

There are not legal risks when moving to the cloud.

False. Moving your data to the cloud created several legal questions that need to be addressed by your company's legal teams, especially if your company operates internationally.

There are not legal risks when moving to the cloud. (CLOUD RISKS)

False. Moving your data to the cloud created several legal questions that need to be addressed by your company's legal teams, especially if your company operates internationally.

Making use of cloud computing often slows down application development and architectural design.

False. Using cloud computing and making use of services that are distributed and already available for your development teams speeds up the time to market strategy for almost all new development projects.

Making use of cloud computing often slows down application development and architectural design. (TECHNICAL PERSPECTIVES)

False. Using cloud computing and making use of services that are distributed and already available for your development teams speeds up the time to market strategy for almost all new development projects.

Which of the following process is the first step towards application design? Choose communication protocols for interaction between layers and tiers Define public interface for each layer Focus on the highest level of abstraction and group functionalities into layers Determine how the application will be deployed

Focus on the highest level of abstraction and group functionalities into layers

When designing an application, the first task is to: Determine how the application will be deployed Choose the communication protocols to use for interaction between the layers and tiers of the application Focus on the highest level of abstraction and start by grouping functionality into layers Define the public interface for each layer

Focus on the highest level of abstraction and start by grouping functionality into layers

federations

Multiple organizations sharing the same application. The federated identity management approach allows all participants to consolidate resources. Users share a common set of policies and access rights across multiple organizations.

SaaS would be a good fit:_______________ AND _________________ [Select 2] For undifferentiated solutions that may not confer a competitive advantage When an application's Time to Market is a key pressure for development teams Applications where extremely fast processing of real time data is required Applications that have a significant need for mobile and web access Applications where legislation or other regulation does not permit data being hosted externally

For undifferentiated solutions that may not confer a competitive advantage, Applications that have a significant need for mobile and web access

Cloud First

From this point forward, everything will be built in the cloud

SaaS

Fully functioning product where customers only provide the data

Which of the following steps BEST lead to successful adoption of a cloud service?

Gather stakeholder requirements, select potentially suitable cloud providers, perform a pilot, and then select the most appropriate provider.

Which of the following steps BEST lead to successful adoption of a cloud service? (CLOUD ADOPTION)

Gather stakeholder requirements, select potentially suitable cloud providers, perform a pilot, and then select the most appropriate provider.

Discretionary access controls

Give users the ability to grant or assign rights to objects and make access decisions.

clusters

Groups of computers interconnected by a local area network and tightly coupled together.

Jarleen is a consultant tasked with migrating Health Med Records Inc. customer records to a cloud-based service offering a long-term archival system. Which U.S. compliance mandate must her company align with? SOC 3 HIPAA MPAA ISA 2701

HIPAA

virtualization

Hardware abstraction that allows a single piece of physical equipment to be presented to software systems and multiple platforms.

Downside of Vertically Scaling

Have to shut down your server You lose elasticity (have to design for the peak, so you waste resources when you aren't at peak)

A military facility is NOT able to fully embrace cloud computing because of which of the following?

High degree of confidentiality and operational assurance

mandatory access control (MAC)

Highly controlled systems where the access is defined by strict levels of access that are common in secure environments such as defense or financial systems.

Cloud Network

Highly virtualized and customizable

**A manufacturing company's current security policy mandates PII is not stored in the SaaS solution. Which of the following configuration controls should be used to block sensitive information from being stored in the SaaS solution? Implement a HBA. Implement a VPN. Implement a network ACL. Implement content filtering.

Implement a network ACL. A network access control list (ACL) is an optional layer of security for your virtual private cloud that acts as a firewall for controlling traffic in and out of one or more subnets. It contains a numbered list of rules that we evaluate in order, starting with the lowest numbered rule, to determine whether traffic is allowed in or out of any subnet associated with the network ACL.

Which of the following is a good case for IT outsourcing, as well as cloud computing?

Improving the overall cost structure

Which of the following is a good case for IT outsourcing, as well as cloud computing? (BUSINESS VALUE)

Improving the overall cost structure

Bus In a bus topology every node is connected to a central cable, referred to as the bus or backbone, and only one device is allowed to transmit at any given time.

In which network topology is every node connected to a central cable and only one device is allowed to transmit at any given time?

**John requires a data center full of the needed computing gear to support his company's operations where all computing is owned and operated by a single corporate entity. Which of the following computing types will accomplish John's requirement? In-house computing Client-server computing Virtualized computing Cloud computing

In-house computing -requires a data center full of the needed computing gear to support the company's operations. Engineers are needed to tend to the operating systems, applications, storage, and networks and all computing is owned and operated by a single corporate entity.

Which of the following is true for Software-as-a-Service? The consumer manages and controls the underlying cloud infrastructure Manages delivery of disk space, virtual CPUs, and database services Includes delivery of fully featured applications that are targeted at private and business users IT organization builds, deploys, and runs the solution

Includes delivery of fully featured applications that are targeted at private and business users

According to what we discussed in class, which of the following is the greatest benefit of public cloud deployment? Broader Geographic Distribution Cost Savings Increased Business Agility Increased Availability

Increased Business Agility

Which of the following is NOT a benefit of SaaS? Low initial cost Easy upgrades Increased administration Scalability

Increased administration

**Jill is performing a Tuesday night backup of a Tier 2 storage volume that she has already completed a full backup of on Sunday night. She only wants to back up files based on changes of the source data since the last backup. What type of backup is she performing? Full Differential Incremental Online

Incremental Incremental backups are operations based on changes of the source data since the last incremental backup was performed.

Which of the following recognized approaches for managing an organization's technology environment can be applied to cloud computing services?

Information Technology Infrastructure Library (ITIL)

IaaS stands for?

Infrastructure as a Service

Processor Types

Intel ARM AMD DVIDIA

___________ is the network of dedicated physical objects that contain embedded technology to sense or interact with their internal state or external environment.

Internet of Things

**Which of the following statements are true of cloud bursting? Each correct answer represents a part of the solution. Choose all that apply. It does not require compatibility between the designated public cloud platform and the private cloud. It is recommended for non-critical applications that handle non-sensitive information. It is an application deployment model in a hybrid cloud setup. It is used to move out applications to the public cloud to free up local resources to run business applications.

It is recommended for non-critical applications that handle non-sensitive information. It is an application deployment model in a hybrid cloud setup. It is used to move out applications to the public cloud to free up local resources to run business applications.

File Transfer Protocol (FTP)

It is used to send and receive files between systems on a network using a standard command set.

Payment Card Industry-Data Security Standard (PCI-DSS)

It sets the requirements to guarantee that companies that process, store, or transmit credit card information offer secure processing and handling of credit card data.

Redundant Array of Independent Disks, RAID level 5 (RAID 5)

It stripes file data, and check parity is stored over all the disks in the array. If any disk in a RAID 5 array fails, the parity information stored across the remaining drive can be used to re-create the data and rebuild the drive array.

Which of the following statements about Fog Computing are TRUE? [Select 2] It runs specific applications in a fixed logic location and provides a direct transmission service It supports processing of data of different forms acquired through various network communication capabilities Fog computing applications involve real-time interactions rather than batch processing Fog computing is limited to a small number of peripheral devices

It supports processing of data of different forms acquired through various network communication capabilities Fog computing applications involve real-time interactions rather than batch processing

ALB Components

Load balancer - entry point for user requests Listener - uses rules to map user requests to services in target groups Target group - contains multiple EC2 instances

Which of the following infrastructure services addresses the issues found when cloud workloads and connections increase to the point where a single server can no longer handle the workload or performance requirements of web, DNS, and FTP servers; firewalls; and other network services? Load balancing Certificate services Dynamic host configuration protocol Domain name service

Load balancing

Donald has been tasked by the IT security group in his company to prevent dictionary login attacks to the company's VMs running in a private cloud at a remote data center. You have been brought in to offer him advice to deter the random but steady login attacks. What would you recommend be enabled to help prevent this type of cyber-attack? Autoscaling Variance Lockout Trigger

Lockout

Downside of horizontal scaling

Lose simplicity Requires application itself to be aware of what's going on on each other

Which of the following are part of the service provider's responsibilities in a PaaS service? (Select 3) Applying security patches to the application as required Updating applications as required Maintaining an inventory of applications Providing execution environments for consumer's applications Providing a set of development tools

Maintaining an inventory of applications Providing execution environments for consumer's applications Providing a set of development tools

Which of the following is the function of orchestration services?

Manage the starting and stopping of application server clusters

**Harry is the cloud administrator for a company that stores object-based data in a public cloud. Because of regulatory restrictions on user access to sensitive security data, what type of access control would you suggest he implement to meet his company's security policies? Discretionary Mandatory RBAC Nondiscretionary

Mandatory mandatory access control approach is often found in high-security environments where access to sensitive data needs to be highly controlled. Using the mandatory access control approach, a user will authenticate, or log into, a system. Based on the user's identity and security levels of the individual, access rights will be determined by comparing that data against the security properties of the system being accessed.

A standard way of translating between software from different vendors is achieved by using:

Middleware

What is the biggest advantage of a layered application architecture?

Modularity: If you want to update something, you only need to change the respective layer.

Why Scale Vertically

Monolithic applications Legacy software No code changes necessary Easy to do

In cloud security, what does MFA stand for?

Multi-Factor Authentication

When single instance of a software application and its underlying infrastructure serves multiple user accounts

Multi-tenancy

Martha has configured a storage infrastructure where the file server sitting on an Ethernet-based LAN hosts shared directories, and files are sent over the network rather than blocks of data. What type of storage configuration is this? Direct-attached storage Network-attached storage Storage area networks Object-based storage

Network-attached storage

**Which of the following cloud components include traditional switching and routing as well as services such as load balancing, DNS, DHCP, and virtual private networks? Networking Automation Computing Storage Virtualization

Networking -Network cloud services include traditional switching and routing as well as services such as load balancing, DNS, DHCP, and virtual private networks.

production networks

Networks that host the live and in-use applications that are usually public-facing in the cloud.

development networks

Networks used in the creation and testing of new cloud-based services and primarily used by software programmers and DevOps groups.

Which of following is the MOST beneficial aspect of public cloud deployment for a startup company?

No upfront capital expenditure

**James has allowed access to a development server for certain hours of the day, granting another user complete control over a server fleet or storage system for administrative purposes. What type of access control is this? Discretionary Access Control Nondiscretionary Access Control Mandatory Access Control Role-Based Access Control

Nondiscretionary Access Control The given scenario is an example of nondiscretionary access. Nondiscretionary access control defines a set of rules to allow or deny access to an object, system, or service in the cloud. It is a method of access control that allows the objects to be accessed based on rules, privileges, and roles that define access.

Cloud Storage Costs

Object storage is much cheaper than block storage Object storage only incurred when used, while block is prepaid by block

**What is monitored in cloud management systems to collect performance metrics? Database Server Hypervisor Objects

Objects -Objects are queried to gather metric data.

Which of the following is a hosting service that is located remotely from a company's data center? Resource pooling Off-premise On-demand Measured service

Off-premise

A cloud subscriber may come under certain security constraints when hosting sensitive data in the cloud due to government regulations. Which of the following is the BEST mitigating control that could be implemented by the cloud provider?

Offer a single-tenancy software service with segregated virtualized infrastructure.

Disaster recovery in cloud

On premise infrastructure is subject to whether and malfunctioning Duplicate data across geographic location Both primary cloud use case and driving force behind cloud

**Pete accesses his account in a public cloud, adds two middleware servers to his fleet, and logs back off. What type of cloud feature allows him to add servers? Bursting Pay-as-you-grow Multitenancy On-demand

On-demand -allows a cloud customer to dynamically add resources with the use of an online portal.

Disk latency Disk latency is a counter that provides administrators with the best indicator of when a resource is experiencing degradation due to a disk bottleneck and needs to have action taken against it.

One of the virtual machines in your environment is not performing at an optimal level. You suspect that it is an issue with the hard disks. What is one of the counters you can use to test the performance of a hard disk?

Which of the following is the MOST widely used example of cloud computing?

Online email

Optimize File Server

Optimize storage

Which of the following modules are a part of the Integration Broker Pipeline? [Select 3] Orchestrate Governance Infrastructure Transform Security

Orchestrate, Transform, Security

**Which of the following automates tasks based upon the specific thresholds or events? Orchestration Thin provisioning Thick provisioning Authentication

Orchestration is a process, which automates tasks based upon the specific thresholds or events. Orchestration platforms provide an automated technique for managing the cloud or computing environment. It also helps an IT department to meet the typical business requirements through provisions, automated workflows, and change management features.

Which of the following types of cloud IaaS is operated by the cloud provider and located at the subscriber's end? External Private Cloud Virtual Private Cloud Outsourced Private Cloud Internal Private Cloud

Outsourced Private Cloud

cloud computing

Outsourcing of data center operations, applications, or any part of operations for a provider of computing resources.

Batch Processing

Overnight computing jobs

You are involved in a large-scale migration project that requires moving a Windows OS running on a dual-slot, eight-core server with no hypervisor in a data center to a VMware-based server in the public cloud. What type of migration is this? vMotionP2V Private to public V2V Synchronous replication

P2V

Cloud-based reports can be generated in which formats? Each correct answer represents a complete solution. Choose all that apply. PDF JSON Excel GUI CLI

PDF EXCEL

Which of the following protocols are used for messaging? Each correct answer represents a complete solution. Choose all that apply. telnet POP3 SMTP IMAP4

POP3 SMTP IMAP4

In which cloud computing model does the cloud provider takes responsibility up to the operating system level, including all hardware and OS software? UCaaS PaaS DaaS CaaS

PaaS

Which service model does not require consumers to manage or control the underlying cloud infrastructure, but maintain control over the deployed applications and configuration settings for the application hosting environment?

PaaS

**Which of the following enables consumers to rent fully configured systems that are set up for specific purposes? DaaS PaaS SAN CaaS

PaaS is a cloud computing service that enables consumers to rent fully configured systems that are set up for specific purposes. It provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an application.

**Which of the following cloud service models enables a consumer to rent fully configured systems that are set up for specific purposes? CaaS PaaS NaaS DaaS

PaaS -is a cloud computing service that enables consumers to rent fully configured systems that are set up for specific purposes. It provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure

Which of the following is a piece of software that is intended to update an application, operating system, or any other software-based system to fix or improve its operations? Rollout PAtch Hotfix Version Update

Patch

Block Storage

Pay for storage reserved for you at all times Disk volume managed by OS EBS - elastic block storage

EBS

Pay for what you provision Provision blocks that are immediately available to your servers 3-nines of durable storage

The network operations center has implemented object tracking on their monitoring application. What information can this give them? Each correct answer represents a complete solution. Choose three. Resiliency trends metrics ACLs Peak usage Anomalies

Peak usage Anomalies Trends

Which of the following is the practice of testing a computer system, network, or web application to find security vulnerabilities that an attacker could exploit? Vulnerability scanning baselines Penetration testing Loading

Penetration testing

availability

Percentage of service uptime. It is the total uptime versus the total time.

Considering IU's enterprise network, name one system for each of the following zones in a zone-based network architecture: Perimeter zone Internal zone

Perimeter Zone: Email Internal Zone: Kuali

Which of the following processes should be implemented to validate the application security of the cloud provider's SaaS application?

Periodic penetration testing

Servers, storage, and network components are a part of _________ layer in the cloud infrastructure.

Physical

Ricky is in the process of migrating his company's servers to the cloud. When undertaking the migration, he is required to reinstall the operating system, application, and data files onto a new VM from scratch. What type of migration is Ricky performing? Virtual to virtual Physical to virtual Virtual to physical Physical to physical

Physical to virtual

Jennifer, a cloud administrator, is provisioning five VMs, each with a minimum of 8GB of RAM and a varying load throughout the day. The hypervisor has only 32GB of RAM. Which of the following features should the administrator use? Business continuity Asynchronous replication Process scheduling Synchronous replication

Process scheduling

Secure Sockets Layer (SSL)/Transport Layer Security (TLS)

Protocols that operate on top of TCP and provide an encrypted session between the client and the server.

Hypertext Transfer Protocol Secure (HTTPS)

Provides an encrypted connection from the client to the server to protect against the interception of critical information such as e-commerce or banking websites.

When computing services or infrastructure is maintained on the public network:

Public clouds

When computing services or infrastructure is maintained on the public network: (TECHNICAL PERSPECTIVES)

Public clouds

Which of the following applies only to public cloud computing as opposed to outsourcing?

Public clouds have no upfront CAPEX costs for hardware

Which of the following applies only to public cloud computing as opposed to outsourcing? (BUSINESS VALUE)

Public clouds have no upfront CAPEX costs for hardware

A new application patch is being validated prior to release to the public. The developers have a release candidate, and the DevOps manager is requesting a report that shows the pass/fail data to verify that the fix does, in fact, resolve the problem. What process is he verifying? Rollout Orchestration Automation QA

QA

A server technician has been given a task to select the appropriate RAID level that can recover the losing data if the server's hard drive crash. Which of the following RAID levels can fulfill this demand? Each correct answer represents a complete solution. Choose all that apply. RAID 0 RAID 1 RAID 5 RAID 10

RAID 1 RAID 5 RAID 10

The reference design for a database server recommends using a durable block storage option that is durable, offers high utilization rates, and also supports striping that allows a parity bit to be used to reconstruct a volume if a single SSD fails in the array. Which storage type stripes file data and performs a parity check of data over multiple disks that can recover from a single hard disk failure? RAID 0 RAID 1 RAID 3 RAID 5

RAID 5

Redundant Array of Independent Disks, RAID level 6 (RAID 6)

RAID level 6. This is an extension of the capabilities of RAID 5. In a RAID 6 configuration, a second parity setting is distributed across all the drives in the array. RAID 6 can suffer two simultaneous hard drive failures and not lose any data.

Common cloud resources in your deployment that may saturate over time include which of the following? Each correct answer represents a complete solution. Choose all that apply. RAM CPU Power PaaS

RAM CPU

What are the common cloud resources in a deployment that may saturate over time? Each correct answer represents a complete solution. Choose all that apply. RAM CPU Monitoring Storage

RAM CPU Storage

Which U.S. federal government policy and standard would you focus on to help secure information systems (computers and networks)? FedRAMP RMF FISMA Section 405.13 for DoD rule A286

RMF

James has been directed by his employer's finance department that they cannot afford to lose any more than 30 minutes of data in the case of a database failure or other catastrophic event. James has updated his corporate business continuity plan and has had his cloud provider update its SLA. What was the metric that was changed? SLA RTO RPO MTTR

RPO

Mark has been reviewing disaster recovery planning, and after receiving direction from his company's board of directors, it has been determined that they can only withstand a maximum of 36 hours of downtime. Mark is updating his DR plan with this new metric. What part of the plan should he modify? SLA RPO RTO MTTR

RTO

Leonard is creating disaster recovery documents for his company's online operations. He is documenting metrics for a measurable SLA that outlines when you can expect operations to be back online and how much data loss can be tolerated when recovering from an outage. Which metrics is he documenting? Each correct answer represents a part of the solution. Choose all that apply. RSO RTO RPO DR VxRestore

RTO RPO

If you need more capacity, cloud enables you to add more machines or storage and when you stop consuming it, that excess capacity is released back into the resource pool. This can be depicted by which characteristic of cloud computing?

Rapid Elasticity

Which of the following is not one of the characteristics of cloud computing? Resource pooling On demand self service Rapid virtualization Broad access

Rapid virtualization

Solutions based on big data architecture typically involve one or more of the following types of workload: (Select all correct answers) Real-time processing of data Batch processing of data Simulations or massive number crunching Store and process data in finite volumes

Real-time processing of data, Batch processing of data

Risk Mitigation

Reduces the likelihood or impact of the risk Ex: mitigate risk of flood by installing flood diversion system

Redundant Array of Independent Disks (RAID)

Redundant Array of Independent Disks. It involves combining physical disks to achieve redundancy.

You are evaluating the physical layout of a large public cloud company. Your company's operations require local data centers in Japan, Kuwait, Berlin, and Chicago to host low-latency web services for your customers. What cloud architecture should you implement? Regions Auto-scaling groups Availability zones Global DNS affinity

Regions

If you deploy failover clusters in your architecture, your application is built for:

Reliability

Which of the following is a typical concern for business and IT leaders, when adopting cloud computing? (CLOUD ADOPTION)

Security of current IT solutions

To meet regulatory requirements, your company must provide geographical separation between active and backup data of certain medical records your company collects and processes in Germany. The requirements stipulate that the data cannot leave the country and must be in two or more data centers. As the cloud professional for your company, what recommendations would you offer to meet these requirements? Remote Full Local Incremental

Remote

version update

Replacing a software product with a newer version of the same product. Version updates can add new features, bring the system up-to-date, provide a rollup of all previous patches, and improve the product.

Service Organization Controls (SOC 1)

Report (also known as SSAE 16 and ISAE 3402). This is a report that outlines controls on a service organization and the internal controls offinancial reporting operations.

Service Organization Controls (SOC 3)

Report for public disclosure of financial controls and security reporting.

Service Organization Controls (SOC 2)

Report that concerns a business's nonfinancial reporting controls for availability, confidentiality, privacy, processing integrity, and securityof a system.

Managed Database Service

Request database from cloud provider using platform of choice Transfer maintenance responsibility to cloud provider Incurs additional costs

Which of the following is NOT a benefit of using IaaS? Improves disaster recovery and business continuity Requires precise capacity planning Lowers up-front cost Faster time to market

Requires precise capacity planning

Build Database on Virtual Servers

Requires spinning up server and configuring databases Resembles on-premises Requires customer management of servers and databases

Which of the following is NOT a benefit of cloud computing? Easy to change resources and cost effective as compared to hardware solutions Helps manage software upgrades and installations Requires you to provision capacity by guessing theoretical maximum peaks No need to have an IT support organization to manage applications

Requires you to provision capacity by guessing theoretical maximum peaks

Domain Name System (DNS)

Resolves a hostname to an IP address to connect to a remote device. The DNS server contains a hostname to an IP address mapping database.

Which characteristic of cloud computing enables the multi-tenant model of computing resources, storage and memory?

Resource Pooling

A cloud service provider allocates resources into a group. These resources are then dynamically allocated and reallocated as the demand requires. What is this referred to as? off-premise Resource pooling On-demand Measured service

Resource pooling

**Jerry is explaining to his customer that the cloud virtualizes hardware resources such as memory, CPU, and storage. These resources are then allocated to virtual machines. What cloud concept is Jerry referring to? On-demand virtualization Dynamic scaling Resource pooling Elasticity

Resource pooling is a term used in cloud computing environment where the cloud service provider allocates resources into a group, or pool, and then these pools are made available to a multitenant cloud environment. The resources are then dynamically allocated and reallocated as the demand requires

ITAR

Restricts information from being disseminated to certain foreign entities that could assist in the import or export of arms. ITAR is a list of data security requirements that cloud companies can certify as being compliant with to meet this U.S. requirement.

Risk Management Strategies

Risk avoidance Risk transference Risk mitigation Risk acceptance

To ease the management requirements for the operations group, you are being asked to streamline user access control for your storage operations group. Many users and applications require rights to manage storage buckets and then put in a change request to have their rights removed when the change is completed. What rights management solution would you recommend to operations that reduces the labor of adding and removing users to the buck storage management group? Mandatory access control Nondiscretionary Roles Multifactor

Roles

Marlene is updating her horizontally scaled Internet-facing web servers to remediate a critical bug. Her manager has agreed to operate under reduced computing capacity during the process but stipulates that there can be no downtime during the process. What upgrade approach should Marlene perform to meet these requirements? Orchestration Rolling Hotfix Blue-green

Rolling

Network Load Balancer (NLB)

Routes traffic based on low level network protocols Scales to millions of requests per second

Application Load Balancer (ALB)

Routes user requests to multiple EC2 instances Allows for path and host based routing

automation

Software systems operating in a cloud provider's data center that automate the deployment and monitoring of cloud offerings.

You are reviewing your private cloud's infrastructure and are validating the resiliency of all systems. The data center has six racks of storage arrays that are configured to each lose one drive and remain operational. The servers hosting the hypervisors interconnect to these arrays and need to access block data that is lossless. What is the interconnect method commonly used? RAID 5 Zoning VMFS SAN DAS

SAN

Jennifer is reviewing a document from her secondary community cloud provider. What is the document that outlines specific metrics and the minimum performance that is offered by the cloud provider? SSL SLA Benchmarking Baseline

SLA

Which of the following regulatory requirements concerns a business's nonfinancial reporting controls for the availability, confidentiality, privacy, processing integrity, and security of a system? SOC 1 SOC 2 SOC 3 ISO 27001

SOC 2 The Service Organization Controls 2 (SOC 2) report concerns a business's nonfinancial reporting controls for the availability, confidentiality, privacy, processing integrity, and security of a system.

**What is a report for the public disclosure of financial controls and security reporting that does not contain sensitive and technical information called? SOC 1 SOC 2 SOC 3 FISMA

SOC 3 The SOC 3 report is for the public disclosure of financial controls and security reporting. Since the SOC 2 report can contain sensitive and technical information, the SOC 3 report was created to offer a diluted, marketing-oriented, or nontechnical summary of the SOC 2 report.

EBS Storage Classes

SSD - solid state drive - HDD - hard disk drive -

Which of the following are considered as secure network communication protocols? Each correct answer represents a complete solution. Choose three. DNS SSH HTTPS FTPS SMTP

SSH HTTPS FTPS

Which of the following is BEST used when setting up security for services being used within a public cloud?

SSL

Which of the following is BEST used when setting up security for services being used within a public cloud? (CLOUD RISKS)

SSL

**Brad has been tasked with encrypting data in flight into his e-commerce presence in a community cloud. He is investigating a standards-based secure solution that web customers can easily implement to ensure secure transactions. What is a good solution that you would recommend to Brad? ARP 3DES SSL IPSec

SSL Secure sockets layer (SSL) makes up a protocol group that operates on top of TCP to provide an encrypted session between the client and the server. It is commonly seen on websites implemented as the Hypertext Transport Protocol Secure (HTTPS) protocol.

Allison is working on her company's new e-commerce rollout at a large public cloud provider. She wants to secure all web traffic between the client and her site when a user proceeds to checkout and places orders. What security protocol would she be implementing? MD5 SSL/TLS IPsec VPN

SSL/TLS

Janine is in the process of implementing a hybrid cloud model that connects her company's private cloud to a public cloud that supports on-demand web hosting. To ease the management of the remote resources for her network operations center, she wants to implement LDAP in the remote cloud services to interconnect with her locally hosted Active Directory servers. What type of system is she deploying? Token-based 2FA SSO RSA Nondiscretionary

SSO

Art plans to implement a site backup plan for his company's inventory control database. To ensure a low RTO, he has decided to contract with multiple public cloud providers to back up each other. He is reviewing the service models as he prepares his migration plans. Which service model has the most lock-ins and is the most complex to migrate? IaaS PaaS SaaS XaaS

SaaS

G Suite (formerly known as Google Apps, and different than Google Cloud Platform) is a set of online applications allowing users to create and share documents. This best describes which cloud type?

SaaS

G Suite (formerly known as Google Apps, and different than Google Cloud Platform) is a set of online applications allowing users to create and share documents. This best describes which cloud type? (CLOUD CHARACTERISTICS)

SaaS

Gmail is an example of which cloud service offering?

SaaS

Peter has been tasked to develop a cross-cloud provider migration plan as part of his company's business continuity plan. As he assesses the feasibility of migrating applications from one public cloud provider to another, what does he find is the service model that has the most lock-ins and is the most complex to migrate? IaaS PaaS CaaS SaaS

SaaS

Twitter is a service that allows users to exchange short text messages. This is an example of:

SaaS

Which of the following delivers cloud-managed applications as well as the underlying platform and infrastructure support? SAN DaaS Saas CaaS

SaaS

Isolating guest Operating Systems from each other and limiting their capabilities (restricting access/privileges)

Sandboxing

Which of the following characteristics of cloud computing describes the ability to grow easily in response to an increase in demand?

Scalability

Which of the following characteristics of cloud computing describes the ability to grow easily in response to an increase in demand? (CLOUD CHARACTERISTICS)

Scalability

S3

Scalable Pay per use Pay for data transfer May be more difficult to access data directly from compute instance 11-nines of durable storage Can host files on web directly out of S3 bucket without needing a web server

If you divide your users into application-defined logical roles and grant access to them based on their role, your application is built for ________________

Security

Which of the following is a cross-cutting capability in the layered architecture we discussed in class? Security Service agents Data helpers/utilities Services layer

Security

Which of the following is a typical concern for business and IT leaders, when adopting cloud computing?

Security of current IT solutions

Cathy is preparing her company's migration plan from a private to a hybrid cloud. She wants to outline firewall and DDoS requirements. What document should she create? DIACAP Security policy Service level agreement SOC 2

Security policy

subnet mask

Segments an existing IP address in a TCP/IP network and divides the address into network and host addresses. Subnetting can further divide the host portion of an IP address into additional subnets to route traffic within the larger subnet.

_____________ allows the users/tenants of a cloud to do tasks themselves

Self-Service

_____________ allows the users/tenants of a cloud to do tasks themselves (CLOUD ADOPTION)

Self-Service

console port

Serial port for CLI access.

horizontal server scalability

Server capacity additions to respond to increased server workload.

vertical server scalability

Server capacity fluctuations in response to workload fluctuations. This is from additional resources or expansion of an individual server.

bare metal

Server hardware including motherboards and storage, processing, and networking components. A bare-metal server does not run a hypervisor.

Façade that exposes the business logic implemented in the application to the customers

Service Interface

In using a structured approach to explore the potential impact of cloud computing in an organization undergoing the impact and changes that occur during Cloud service adoption, which of the following is an ITIL Service Lifecycle consideration?

Service Operation

ITIL and cloud management is broken down in to: Service Strategy, Service Design, and ________

Service Transition

ITIL and cloud management is broken down in to: Service Strategy, Service Design, and ________ (CLOUD IMPACT ON BUSINESS)

Service Transition

As part of a critical SaaS application, one of the contractual statements by the cloud provider is a requirement to perform scheduled maintenance. This has a direct impact on which of the following?

Service operation

Which of the following is NOT a cross-cutting component of layered architecture? Communication Services Operational Management Security

Services

Which of the following statements about Microservices Architecture is FALSE? Services do not need to share the same technology stack, libraries, or frameworks Services can be updated without redeploying the entire application Each service is self-contained and should implement a single business capability Services should have tight coupling and low functional cohesion

Services should have tight coupling and low functional cohesion

You have been asked in a company security meeting about demarcation of security responsibilities between your private cloud and your public cloud provider. What model would you explain to your management the public cloud provider follows? Availability zones Community Shared responsibility Baselines

Shared responsibility

Risk Transference

Shifts the impact of a risk to another person Ex: insurance

Security through Obscurity

Should NOT want this Security of a system is dependent on people not understanding how the security controls work

You are a web server administrator of your company. You want to authenticate the end user for all the applications the user has been given rights to and eliminates further prompts when the user switches applications during the same session. Which approach of access control should you use? Multifactor authentication Single sign-on Role-based access control Mandatory access control

Single sign-on

Bill is a security engineer at your firm and is involved in a multifactor authentication project. What options do you suggest he offer to his user base to access their login tokens? Each correct answer represents a complete solution. Choose all that apply. Python app Smartphone app Automation systems Keyfob Cloud vendor management dashboard

Smartphone app Keyfob One-time numerical tokens are generated on keyfob hardware devices or smartphone soft-token software applications.

SaaS stands for?

Software as a Service

SaaS stands for? (CLOUD CHARACTERISTICS)

Software as a Service

When the services and infrastructure are provided off-site, over the Internet:

Software as a Service

When the services and infrastructure are provided off-site, over the Internet: (TECHNICAL PERSPECTIVES)

Software as a Service

Which of the following processes needs to be changed to better handle Change Management in the cloud?

Software distribution

Which of the following statements are TRUE for SaaS? [Select 2] Software is managed centrally by the cloud vendor Useful for batch computing and workloads that require large amounts of capacity on demand Allows easy upgrades and seamless scalability Provides on-demand and self-service application development

Software is managed centrally by the cloud vendor, Allows easy upgrades and seamless scalability

runbooks

Software processes that perform automated tasks and responses that simplify and automate repetitive tasks.

templates

Software representations of network systems. By using these templates, you can deploy complete cloud systems at a single time.

ubiquitous access

The ability to access cloud services from anywhere in the network from a variety of devices.

CPU affinity

The ability to assign a processing thread to a core instead of having the hypervisor dynamically allocate it.

elasticity

The ability to automatically and dynamically add resources such as storage, CPUs, memory, servers, and network capacity.

Hardware independence is:

The abstraction of your server OS from the server hardware and then packaging it into virtual machines

Hardware independence is: (BUSINESS VALUE)

The abstraction of your server OS from the server hardware and then packaging it into virtual machines

**A public cloud provider recently updated one of its services to provide a new type of application load balancer. The cloud administrator is tasked with building out a proof-of-concept using this new service type. The administrator sets out to update the scripts and notices the cloud provider does not list the load balancer as an available option type for deploying this service. Which of the following is the most likely reason? The administrator can deploy the new load balancer via the cloud provider's web console. The administrator is not using the correct cloud provider account. The administrator needs to update the version of the CLI tool. The administrator needs to write a new script function to call this service.

The administrator needs to update the version of the CLI tool. A command-line interface is a text-based interface tool used to configure, manage, and troubleshoot devices. It allows devices to be automated though configuration scripts. Users who become familiar with the CLI interface of a device are proficient in extracting detailed and specific data and effective configurations much more quickly than is possible when using a web browser.

thick provisioning

The allocation of all the requested virtual storage capacity at the time the disk is created.

resource pooling

The allocation of compute resources into a group, or pool. Then these pools are made available to a multitenant cloud environment.

thin provisioning

The allocation of the minimum amount of the requested virtual storage capacity required at the time the disk is created.

storage scalability

The amount of storage that can be added to increase capacity because of increased workloads.

recovery time objective (RTO)

The amount of time a system can be offline during a disaster. It is the amount of time it takes to get a service online and available after a failure.

virtual NICs

The hardware abstraction of a physical network interface card that is a virtualized representation of the NIC. VMs running on the hypervisor will use these for network connectivity to a vSwitch.

virtual switch

The hardware abstraction of a physical network switch that is a virtualized representation of the switch. The vSwitch runs on the hypervisor and interconnects the VMs to the physical data network.

mean time between failure (MTBF)

The life expectancy of a hardware component, in other words, how long it is expected to operate before a failure.

application life cycle

The management of a software application from the initial planning stages through to its retirement.

application programming interface (API)

The means to programmatically access, control, and configure a device between different and discrete software components.

database utilization

The measurement of database activity usually measured in I/O requests per second.

web server utilization

The measurement of load on a web server. This is usually measured in requests per second.

storage total capacity

The measurement of storage devices or volume capacity.

variance

The measurement of the spread between the baseline and measured result.

reliability

The measurement—usually, as a percentage—of successful service operations compared to the total number of operations.

data archiving

The movement of inactive data, infrequently accessed data, or data that is no longer being used, to a separate storage facility for long-term storage.

Which of the following is the MOST important service management consequence of elastic capacity?

The need for good performance monitoring and management

Which of the following is the MOST important service management consequence of elastic capacity? (CLOUD RISKS)

The need for good performance monitoring and management

What is a Service Level Agreement?

The parameters and definitions of what service a company will provide to customers

packet loss

The percentage or number of packets that are dropped in the network.

Which of the following do IT outsourcing and cloud computing typically have in common?

The possibility for vendor lock-in

Which of the following do IT outsourcing and cloud computing typically have in common? (BUSINESS VALUE)

The possibility for vendor lock-in

change approvals

The process dedicated to approving or denying all change requests submitted by an organization's IT operations.

Department of Defense Information Assurance Certification and Accreditation Process (DIACAP)

The process for computer systems' IT security. DIACAP compliance is required to be certified to meet the U.S. Department of Defense security requirements for contractors

authentication

The process of determining the identity of a client usually by a login process.

harden

The process of disabling all unused services, ports, and applications on a server to make it as secure as possible.

cloud segmentation

The process of dividing the cloud deployment into small sections to allow for granular security polices to be applied.

trigger

The process of initiating an event report based on a metric value or threshold that is considered to be outside your baseline.

change management

The process of managing all aspects of ongoing upgrades, repairs, and reconfigurations.

replication

The process of placing copies of stored data on more than one system for disaster recovery and resiliency purposes.

synchronous replication

The process of replicating data in real time from the primary storage system to a remote facility. Synchronous replication writes data to both the primary storage system and the replica simultaneously to ensure that the remote data is current with local replicas. Data is always consistent between replicas.

roll back

The process of returning software to a previous state.

penetration testing

The process of testing your cloud access to determine whether there is any vulnerability that an attacker could exploit.

recovery point objective (RPO)

The restore point you recover to in the event of an outage. The RPO is the amount of data that may be lost when restarting the operations after a disaster.

backup window

The time available for the backup operation to run while the target storage system is either offline or lightly used.

Window of Exposure

The time between the vulnerability being introduced and the patch deployment completing

mean time to switchover (MTSO)

The time required from when a service failure occurs to when the backup system resumes operations.

mean time to repair (MTTR)

The time required to repair a damaged hardware component.

instance initialization time

The time required to start a new compute instance.

CPU wait time

The time that a process or thread has to wait to access a CPU for processing.

task runtime

The time to run a task from the task request to task completion.

outage time

The total time of a single outage measured from when the outage began until it ended.

**David, a cloud administrator, has finished building a virtual server template in a public cloud environment. He is now cloning six servers from that template. Each server is configured with one private IP address and one public IP address. After starting the server instances, he notices that two of the servers do not have a public IP address. Which of the following is the most likely cause? The maximum number of public IP addresses has already been reached. The two servers are not attached to the correct public subnet. The two servers do not have enough virtual network adapters attached. There is no Internet gateway configured in the cloud environment.

The two servers do not have enough virtual network adapters attached. A virtual network adapter is a program (instead of a physical network adapter) that allows a computer to connect to a network. A virtual network adapter can also be used to connect all the computers on a local area network (LAN) to a larger network such as the Internet or a collection of LANs. A virtual network adapter is the logical or software instance of a physical network adapter that allows a physical computer, virtual machine or other computer to simultaneously connect to a network or the Internet. A virtual network adapter works like a typical network standard designed for various networking environments, application and services.

Which of the following statements are true about Private Cloud? [Select 2] The underlying infrastructure cannot be shared with others It can only exist on premises Provides an organization greater control over security and assurance over data location It is the cheapest deployment model

The underlying infrastructure cannot be shared with others, Provides an organization greater control over security and assurance over data location

What consequences does outsourcing IT and cloud computing have in common?

The use of external staffing

What consequences does outsourcing IT and cloud computing have in common? (BUSINESS VALUE)

The use of external staffing

Which consequences do outsourcing IT, as well as cloud computing, have in common?

The use of external staffing

Which consequences do outsourcing IT, as well as cloud computing, have in common? (BUSINESS VALUE)

The use of external staffing

jitter

The variable delay between packets from source to destination.

An organization upgraded a hosted vulnerability scanner to the latest version, and now tickets are not being created to assign critical vulnerabilities. After confirming the ticketing issue, all the scanning services are confirmed to be running on the VM. Which of the following is the most likely cause and the best method to fix the issue? There was an IP change to the VM. Make changes to the server properties. The upgrade has a bug. Reboot the server and attempt the upgrade again. There is an application compatibility issue. Roll back to the previous working backup. The vulnerability scanner is on a different subnet. Open the ports, and it will reconnect.

There is an application compatibility issue. Roll back to the previous working backup.

Everything as a Service (XaaS)

This is a complete IT services package that is a combination of many different types of cloud services.

Desktop as a Service (DaaS)

This is a virtual PC desktop that is hosted in the cloud and accessed remotely by thin clients.

Rivest Cipher 5 (RC5)

This is the replacement for RC4. It is also a symmetrical block cipher algorithm that uses a variable-length key.

Simple Mail Transfer Protocol (SMTP)

This is used to send e-mail messages between mail servers.

Business Process as a Service (BPaaS)

This is when a company outsources to the cloud many business applications, such as inventory, shipping, supply chain finance, and other business software applications.

Extensible Markup Language (XML)

This standard is a flexible way to describe data, create information formats, and electronically share structured data between computing systems.

Unified Communications as a Service (UCaaS)

This typically includes voice, video conferencing, instant messaging, e-mail, collaboration, and all other communication services that are hosted in the cloud.

Rivest Cipher 4 (RC4)

This uses a shared key to encrypt and decrypt a stream of data. RC4 was commonly used to secure wireless connections and web transactions as an encryption protocol used in SSL.

Cost Models of Storage

Tier data to optimize cost/performance S3 for reliable, durable, primary storage S3 for backups and redundancy Glacier for long term storage

The following reduces your company's ________: Because cloud computing greatly reduces this, on-demand, scalable, and elastic services, allow the company to get products out quicker.

Time to market

The following reduces your company's ________: Because cloud computing greatly reduces this, on-demand, scalable, and elastic services, allow the company to get products out quicker. (BUSINESS VALUE)

Time to market

extending the scope

To add new features and capacity to your cloud deployment.

Scalability

To allow a system to grow beyond its maximum capacity Adding or removing resources to a system to accommodate changes in demand

cloud management

To make sure a cloud deployment is optimized for the applications, meets performance agreements, is secure, has no faults or alarms, and is configured correctly; also that all accounting data is collected.

workflow services

Track a process from start to finish and sequence the applications that are required to complete the process.

It is important to use standardization on things such as data formats, virtual machine sizes, etc. because it helps facilitate, when the needs arises, to move from one cloud provider to another.

True

It is important to use standardization on things such as data formats, virtual machine sizes, etc. because it helps facilitate, when the needs arises, to move from one cloud provider to another. (TECHNICAL PERSPECTIVES)

True

It is possible that data can be lost or stolen when migrating to the cloud.

True

It is possible that data can be lost or stolen when migrating to the cloud. (CLOUD ADOPTION)

True

Multitenancy allows system resources to be fully utilized before another server is brought online, further reducing the operating costs and data centre cooling that is required along with it.

True

Multitenancy allows system resources to be fully utilized before another server is brought online, further reducing the operating costs and data centre cooling that is required along with it. (CLOUD CHARACTERISTICS)

True

Often times when using third party management tools for the cloud there is risk because of the possibility vendor lock-in.

True

Often times when using third party management tools for the cloud there is risk because of the possibility vendor lock-in. (CLOUD RISKS)

True

Server virtualization allows the underlying physical server hardware to be shared.

True

The management requirements of cloud computing become much more complex when you need to manage private, public, and traditional data centers all together. You'll need to add capabilities for federating these environments.

True

The management requirements of cloud computing become much more complex when you need to manage private, public, and traditional data centers all together. You'll need to add capabilities for federating these environments. (TECHNICAL PERSPECTIVES)

True

True or False: A load balanced cluster is a design for scalable infrastructure tier that accounts for changes in load while maintaining an acceptable level of performance.

True

True or False: In SaaS, consumers have limited admin control and full user level control over applications.

True

True or False: In application design, when moving from logical layers to physical tiers, it is possible to have ALL layers on a SINGLE tier.

True

True or False: In application design, when moving from logical layers to physical tiers, it is possible to have ONE layer on MULTIPLE tiers.

True

True or False: Mist computing is NOT a required sub-component of Fog Computing.

True

True or False: Platform as a Service model enables an abstraction of middleware, infrastructure and configuration details, thus helping reduce complexity.

True

True or False: Private Cloud can be deployed on as well as off premises.

True

True or False: User specific application configuration settings can be applied to a SaaS solution although it is limited.

True

True or False: When you move from traditional data center into cloud computing, you are shifting from a capital expense (CapEx) to an operational expense (OpEx)

True

True or False: With software-as-a-service, it is the vendor who builds, deploys, and runs the solution.

True

Virtual machines can be secured at the VM-level by using access control list and firewalls.

True

Virtual machines can be secured at the VM-level by using access control list and firewalls. (CLOUD ADOPTION)

True

Virtualization software separates physical infrastructures to create various dedicated resources.

True

Virtualization software separates physical infrastructures to create various dedicated resources. (CLOUD CHARACTERISTICS)

True

Web email is considered an early example of cloud adoption

True

Web email is considered an early example of cloud adoption (CLOUD ADOPTION)

True

Within cloud environments, the purpose of the Business Relationship Management process is extended to form and uphold the cloud service provider and the customer-business relationship

True

Within cloud environments, the purpose of the Business Relationship Management process is extended to form and uphold the cloud service provider and the customer-business relationship (CLOUD IMPACT ON BUSINESS)

True

You should be aware of which portions of your current data center or infrastructure can be a possible security risk when moving that data to the cloud.

True

You should be aware of which portions of your current data center or infrastructure can be a possible security risk when moving that data to the cloud. (CLOUD ADOPTION)

True

hot site

Two fully redundant cloud data centers in sync with each other, with the standby site backing up the primary in real time in the event of a failure.

Look at the quiz screen and identify: 1) UI component and 2) the presentation logic underlying that UI component

UI Component -could be buttons, textbox, etc. Logic - What happens when you click buttons/controls

NIST Cloud Computing

Ubiquitous, convenient On-demand Network-access Shared pool Configurable computing resources Rapidly provisioned and released Minimal management effort or service provider interaction

Virtual Private Cloud - VPC

Virtualize entire network instead of physical wiring Can control what servers make connections and talk to each other Used instead of VLAN (virtual local area network)

Principle of Least Privilege

User should have the minimum set of privileges necessary to perform its intended function

Which of the following is NOT true with respect to the characteristics of SaaS? Web access to commercial software Software delivered in a "one to many" model - multitenancy Users are required to handle software upgrades and patches Software is managed from a central location

Users are required to handle software upgrades and patches

Because of cost savings and the need to be able to dynamically scale resources, you have decided to move a fleet of virtual machines from your corporate data center to a public cloud IaaS service. However, the cloud provider has special hypervisor requirements that are different from your operations. What type of migration would you need to perform to move the VMs to the cloud? Orchestration P2V Private to public V2V Synchronous replication

V2V

An organization wants to create a server VM that is segregated from the rest of the servers. Which of the following should the server administrator configure? HBA VPN VNIC iSCSI

VNIC -is a program that virtualizes a physical network interface card, and is used by a virtual machine as its network interface. It enables the virtual machine to communicate with other virtual machines on the same host, but not on physical networks unless it is configured to bridge to the host NIC.

A _____ allows one network from a single geographical data center to communicate securely with a data center in a different locale.

VPN

A _____ allows one network from a single geographical data center to communicate securely with a data center in a different locale. (CLOUD ADOPTION)

VPN

James is requesting assistance in configuring a cloud solution that allows him to access his server fleet's management console hosted in a community cloud. He wants you to recommend a solution that allows access over the Internet from multiple remote locations. What solution would you recommend James to use? Load balancing Automation VPN Firewall

VPN

Which of the following is NOT a type of PaaS? SaaS-centric PaaS Generic PaaS IaaS-centric PaaS Virtualized PaaS All of the above are types of PaaS

Virtualized PaaS

Which of the following low-level security methods do the cloud provider use on their storage area network and storage head-end controllers? Each correct answer represents a complete solution. Choose two. ACL VSAN PKI LUN Masking

VSAN LUN Masking Virtual storage area network (VSAN) is implemented at the SAN level and LUN masking is configured on storage controllers, and they are low-level storage access methods.

Samantha has been monitoring her cloud web server dashboard and notices that the CPU utilization on her company's database servers has been consistently at more than 80 percent utilization. She checked her baselines and reported that 57 percent utilization is normal. What is she noticing? MTTR Variance Trigger Elasticity

Variance

Which of the following is referred to as the measurement of the difference between the current reading and the baseline value? Baseline Metric Smoothing Variance

Variance

When installing a new virtualized intrusion prevention system that is designed for cloud-based network micro-segmentation deployments, the management application requires you to download a Java configuration utility. What kind of automation system is this? CLI GUI Vendor based API RESTful

Vendor based

A MySQL database backend application operates on a multi-CPU instance that is nearing 100 percent utilization. However, the database can run on only a single server. What options are available to support the requirements of this database? Horizontal scaling Vertical scaling Pooling Bursting

Vertical scaling

Janice manages the MySQL database back end that runs on a multi-CPU instance that has reached 100 percent utilization. The database can run on only a single server. What options does she have to support the requirements of this database? horizontal scaling Vertical scaling Pooling Bursting

Vertical scaling

Bursting

Vertical scaling without downtime Limited to CPU only Limited to T3, T3a, T2, and T4g instance types

Which of the following can be considered a potential issue pertaining to IaaS? (Select all that apply) Upfront costs Flexibility Virtual Machine sprawl Network dependence Browser based risks

Virtual Machine sprawl Network dependence Browser based risks

**You are preparing a presentation to your company's IT management that explains physical resources that become virtualized and presented as resources to virtual machines running on hypervisors. What resources do the hypervisors consume? Each correct answer represents a complete solution. Choose two. Bare-metal cores Virtual RAM Virtual CPUs RAID Virtual Storage

Virtual RAM Virtual Storage A hypervisor virtualizes RAM and storage; the VMs operating on the hypervisor will access these pools. hypervisor will not consume bare-metal cores, virtual CPUs, and RAID.

In IaaS, which of the following components is NOT managed by subscribers? Applications Middleware Virtualization Operating System

Virtualization

Which of the following must be implemented by a cloud provider to ensure that different entities can authenticate and share basic user account information?

Virtualization

Which of the following must be implemented by a cloud provider to ensure that different entities can authenticate and share basic user account information? (CLOUD ADOPTION)

Virtualization

**In an IaaS environment, the security team issues a new signature file to prevent specific malware threats from infiltrating the company network. Which of the following describes where the security team should deploy the updated signatures? DMZ SSH WAF IDS

WAF A web application firewall (WAF) is a firewall that is deployed to secure an organization's web applications and other application-based infrastructure from attackers. It monitors, filters or blocks data packets as they travel to and from a Web application. It can be either network-based, host-based or cloud-based and is often deployed through a proxy and placed in front of one or more Web applications.

Example Server Roles

Web server Mail server Database server Application server File server

You access a PaaS cloud by what means?

Web services

You access a PaaS cloud by what means? (CLOUD CHARACTERISTICS)

Web services

Business Case

What are the upfront and recurring costs? How will pricing change over time? Duration - how long do you expect to use this service? Negotiating - lowering the price, extending terms

Which of the following questions should be considered before selecting a cloud computing vendor?

What cloud computing product will fit the business needs?

Which of the following questions should be considered before selecting a cloud computing vendor? (CLOUD IMPACT ON BUSINESS)

What cloud computing product will fit the business needs?

SSD A solid state drive (SSD) provides high performance, allowing for quick retrieval of data, and requires less power than a hard disk drive (HDD).

What technology would be the best solution when quick retrieval of data is required and power consumption is restricted?

RPO; RTO Many organizations have two recovery objectives when they are building their disaster recovery plan (DRP): the recovery time objective (RTO), which specifies an acceptable length of time the business can wait until data is fully restored, and the recovery point objective (RPO), which specifies how much lost data the business can tolerate if they would have to revert to the last completed backup job.

When building a disaster recovery plan, an organization should have two primary recovery objectives. Which two objectives should an organization consider?

Increase the speed of the Ethernet network; Isolate the storage network The speed of the Ethernet network that iSCSI uses to transport its commands directly affects the performance of the storage network. Also, isolating the storage traffic from the data traffic by creating separate networks prevents congestion on the data network from affecting the performance of the storage network.

When designing a network attached storage solution that utilizes iSCSI as a transport mechanism, what should you do in order to ensure the best performance?

cold site

When the backup data center is provisioned to take over operations in the event of a primary data center failure but the servers and infrastructure are not deployed or operational until needed.

pay-as-you-grow

When the consumer pays for only the cloud services used.

memory pools

When the hypervisor virtualizes physical RAM into pools that are allocated for use to the virtual machines.

storage pools

When the hypervisor virtualizes physical storage capacity into storage pools that are allocated for use to the virtual machines.

compute pools

When the hypervisor virtualizes the physical CPU into virtual pools that are allocated by the hypervisor to virtual machines.

CaaS Communications as a Service (CaaS) enables customers to utilize enterprise-level voice over IP (VoIP), virtual private networks (VPNs), private branch exchange (PBX), and unified communications without the costly investment of purchasing, hosting, and managing their own infrastructure.

Which cloud service model allows an organization to utilize enterprise-level VoIP, VPNs, PBX, and unified communications without having to purchase their own infrastructure?

UFS The Unix file system (UFS) is the primary file system for Unix operating systems.

Which file system is the primary file system for the Unix operating system and provides a hierarchical file system?

Guest tools Guest tools are software additions that are added to a virtual machine after the operating system has been installed; they enhance the performance of a virtual machine and improve the interaction between the virtual machine and the host computer.

Which of the following can be added to a virtual machine after the operating system has been installed to improve the interaction between the virtual machine and the host computer?

Caching A disk cache is a mechanism for improving the time it takes to read from or write to a disk resource by holding data that has been recently accessed. It is usually included as part of the hard disk and can also be a specified portion of a memory resource.

Which of the following is a mechanism for improving the time it takes to read and write to a hard disk drive?

Hypervisor A hypervisor is the component that creates and runs virtual machines and allows multiple operating systems to run on a single physical machine.

Which of the following is a piece of software or hardware that creates and runs virtual machines and allows multiple operating systems to run on a single physical machine?

25 Port 25 is the default port used for SMTP.

Which of the following ports is the default port for SMTP?

SMTP The simple mail transfer protocol (SMTP) is the protocol used to send electronic message (e-mail) over the Internet.

Which of the following protocols allows someone to send electronic messages over the Internet?

Syslog Syslog provides a mechanism for a network device to send event messages to a logging server or syslog server using UDP port 514 or TCP/514.

Which of the following protocols uses port 514 to send event messages?

Tape The primary use for a tape drive is for long-term or off-site storage.

Which of the following storage devices is used primarily for off-site storage and archiving of data?

Fault tolerance Fault tolerance allows a computer system to function as normal in the event of a hardware failure in one or more of the system's components.

Which of the following terms describes the process that allows a computer system to function as normal in the event of a failure in one or more of the system's components?

Type 1 A type 1 hypervisor is a bare-metal hypervisor interacting directly with the hardware, giving better performance and resource allocation than a type 2 hypervisor or virtual machines.

Which type of hypervisor allocates resources more efficiently?

Examples of _____ Area Networks are the Internet and VPN tunnels.

Wide

Examples of _____ Area Networks are the Internet and VPN tunnels. (CLOUD ADOPTION)

Wide

nslookup

Windows-based command-line utility used to resolve hostnames to IP addresses using a DNS server.

Which deployment system offers a structured process for a series of actions that should be taken in order to complete a process? NTP API Workflow Orchestration

Workflow

Which of the following tracks a process and sequences the applications that are required to complete the process? API Runbook Workflow Orchestration

Workflow

asynchronous replication

Writes the data to the primary storage location and then later sends copies to the remote replicas. With asynchronous replication, there will be a delay as the data is copied to the backup site and becomes consistent because it uses a store-and-forward design.

Cloud bursting Cloud bursting is the concept of running an application on the organization's internal computing resources or private cloud and "bursting" that application into a public cloud on demand when they run out of resources on their internal private cloud.

You need to implement a solution that primarily relies on a private cloud infrastructure but can utilize piblic cloud resources if capacity requirements change. What type of solution should you implement?

Incremental An incremental backup backs up only those files that have changed since your last backup. This makes incremental backups faster and requires less space, but the time it takes to perform a restoration is higher.

You need to recommend the appropriate backup method for your new cloud environment. The requirement is to have a backup that is fast and requires less space. The time it takes to perform a restoration is not a factor. What type of backup would you recommend?

Network ports

a specific address within a system guide traffic to the correct final destination

Which of the following are examples of vertical scaling? Each correct answer represents a complete solution. Choose all that apply. adding memory to host Adding more disks Increasing number of servers adding more cpu cores

adding memory to host Adding more disks adding more cpu cores

Source and Destination

address on left is source and address on right is destination Data flows left to right When writing firewall rules, need to know which way the connection goes, what is going where

Elastic block storage is to cloud servers

as physical hard drives are to physical servers

When using the ITIL standard the first step when considering when a company needs to implement a cloud network is to

assess what the business needs are

When using the ITIL standard the first step when considering when a company needs to implement a cloud network is to (CLOUD IMPACT ON BUSINESS)

assess what the business needs are

When utilizing cloud technologies, one of the biggest benefits is using ________, which allows things to take place in cloud loads without much user intervention.

automation

When utilizing cloud technologies, one of the biggest benefits is using ________, which allows things to take place in cloud loads without much user intervention. (CLOUD ADOPTION)

automation

You have been asked to migrate existing servers of your organization to cloud. Before you start migration, you want to determine the size of the virtual machines required for migration of servers. What is this statistics called? Vulnerability scanning baselines Penetration testing Loading

baselines

Eva is the network architect for her company's large cloud deployment; she has interconnected her private cloud to a community cloud in another province. She is investigating using the community cloud to supplement her private cloud workload during end-of-month processing. What operation is she going to perform? elasticity Bursting Vertical scaling Auto-scaling

bursting

When using cloud computing, you will shift _________ cost to _______ cost.

capital cost to variable cost

When using cloud computing, you will shift _________ cost to _______ cost. (BUSINESS VALUE)

capital cost to variable cost

Larken is reviewing the SLA and statement of responsibility with their community cloud provider PaaS. Who does the responsibility for stored data integrity in the cloud belong to? Cloud provider Compliance agency Cloud customer Shared responsibility

cloud customer

What are tightly coupled computers that allow for software patching without incurring downtime called? Blue-green Hotfix Runbook cluster

cluster

**Which of the following disaster recovery sites doesn't have any resources or equipment except for elevated floors and air conditioning? Hot site Warm site alternative site cold site

cold site

Multifactor Authentication

combines authentication techniques from two or more authentication categories Ex: password and Okta

A medical records company wants to take advantage of a complex application but wants to realize the cost savings by accessing a shared instance of the application hosted in the cloud. Because of regulatory requirements, what type of cloud delivery model would you recommend they use? Public Hybrid Private community

community

Kurt works as an IT manager for a small chain of dental offices. Because of budget constraints, he is unable to purchase, install, and maintain an enterprise-class application to provide HIPAA-compliant record keeping, billing, and scheduling. He has been investigating other options and found a cloud company that offers the same application in a shared environment with other small dental chains. What type of cloud is Kurt investigating? Hybrid Public Private community

community

Service Level Agreement (SLA)

contract that defines what services the provider will furnish and what standard the service must be at

**The ability to dynamically add additional resources on demand such as storage, CPUs, memory, and even servers is referred to as what? bursting pooling elasticity Orchestration

elasticity -Cloud automation systems offer the ability to dynamically add and remove resources as needed; this is referred to as elasticity.

A ________ cloud, also known as cloud federation, is the deployment and management of multiple external and internal cloud computing services to match business needs. A federation is the union of several smaller parts that perform a common action.

federated

A ________ cloud, also known as cloud federation, is the deployment and management of multiple external and internal cloud computing services to match business needs. A federation is the union of several smaller parts that perform a common action. (CLOUD ADOPTION)

federated

Which of the following is the means by which a person's electronic identity and attributes are linked across multiple distinct identity management systems? Public key infrastructure Federation Obfuscation Multifactor authentication

federation

James, a cloud architect, created a new delivery controller for a large VM farm to scale up according to organizational needs. The old and new delivery controllers now form a cluster. However, the new delivery controller returns an error when entering the license code. Which of the following is the most likely cause? Telnet SSL DHCP Firewall

firewall

Security Vulnerability

flaws in code lead to security vulnerabilities Security vulnerabilities get fixed with patches, which we see as security updates Most organization have many different components that require frequent security patches

Sharon has been directed to put together a disaster recovery plan based on directives from her company's executive management team. The company's core business is operating an e-commerce website selling winter apparel with 85 percent of its revenue received during the holiday season. If there was a prolonged outage, it would put the company's ability to continue as a financially viable operation in peril. Sharon has been instructed to create a plan that will restore operations in the shortest amount of time possible. Which disaster recovery model should she implement? Hot site Warm site Alternate site Cold site

hot site

Impact

how will the materialization of a risk affect our business?

Vulnerability Scanning

probes system for known security issues

Jillian is working on a project to interconnect her company's private data center to a cloud company that offers e-mail services and another that can provide burstable compute capacity. What type of cloud delivery model is she creating? Public Hybrid Community Private

hybrid

Which of the following is a composition of two or more clouds that are unique entities but are bound together and provide the benefits of multiple deployment models? Hybrid Public Private Community

hybrid

Your company has decided to interconnect its cloud services with three different service providers. What type of cloud delivery model is it creating? Public Community Private hybrid

hybrid

**Which of the following is an IP-based storage networking standard for linking data storage facilities? iSCSI DHCP DAS NAT

iSCSI Internet Small Computer System Interface (iSCSI) is an IP-based storage networking standard for linking data storage facilities. It is used to facilitate data transfers over intranets and to manage storage over long distances by carrying SCSI commands over IP networks.

Identification, authentication, authorization

identification = username authentication = password/MFA authorization = access

Risk Assessment

identifies and prioritizes risks need to weigh financial costs and determine how likely a risk is and the impact it would have

Which of the following is the variable delay between packets from source to destination? Latency Packet loss QoS jitter

jitter Jitter is the variable delay between packets from source to destination. The excessive jitter will cause buffering and unpredictable performance for real-time traffic such as voice and video networks.

Cloud computing allows business to move away from the need to have _______ capital expenditures related to computer hardware by utilizing the cloud instead.

large

Cloud computing allows business to move away from the need to have _______ capital expenditures related to computer hardware by utilizing the cloud instead. (BUSINESS VALUE)

large

**Which of the following allows you to access a self-service portal and instantly create additional servers, storage, or other services? Bursting Pay-as-you-grow Multitenancy on-demand

on-demand cloud service allows the cloud customer to access a self-service portal and instantly create additional servers, storage, processing power, or any other services as required. If the computing workload increases, then additional cloud resources can be created and applied as needed.

Essential Characteristics of Cloud

on-demand self-service broad network access resource pooling rapid elasticity measured service

Cloud computing allows for you to use _________ because you only pay based on your usage.

opex

Cloud computing allows for you to use _________ because you only pay based on your usage. (BUSINESS VALUE)

opex

Optimize Machine Learning Model

optimize CPU and memory

Something you know

password strong passwords are long and complex passphrases are better than passwords

Cheryl is preparing to perform a major upgrade on a critical virtual machine. She wants to have a back-out plan if the upgrade validation fails. What virtual machine backup method creates a file-based image of the current state of a VM including the complete operating system and all applications that are stored on it that she can use to restore the VM if the testing of the upgrade fails? Full backup Snapshot Clone Replicate

snapshot

cloud service models

standardized cloud service offerings.

There has been a large increase in the number of read requests over time on your SQL database. You have been asked to evaluate the baseline variances. What would be the focus of your troubleshooting? Memory CPU Storage Networking

storage

Which of the following determines the size of an IP network and divides the IP address into network and node portions? Default gateway Firewall VPN subnet mask

subnet mask

Carl is planning for a large advertising campaign his company will unveil. He is concerned that his current e-commerce server farm hosted in a public cloud will be overwhelmed and suffer performance problems. He is researching options to dynamically add capacity to the web server farm to handle the anticipated additional workload. You are brought in to consult with him on his options. What can you recommend as possible solutions? Each correct answer represents a complete solution. Choose three. vertical scaling horizontal scaling edge cache Cloud bursting Core elasticity

vertical scaling horizontal scaling cloud bursting

Matt is preparing for an upcoming promotion his company is offering during a major soccer game. He needs to determine his options to add capacity to his company's web server farm so it can handle the anticipated additional workload. You are brought in to consult with him on his options. What do you recommend as possible solutions? Each correct answer represents a complete solution. Choose all that apply. vertical scaling horizontal scaling variance cloud bursting trigger

vertical scaling horizontal scaling cloud bursting

Jillian is a Cloud+ consultant for an auto parts company based in central Michigan. She is putting together a disaster recovery plan that includes a remote backup site that has a SQL server instance running at that location with a synchronously refreshed data replica. Her plan calls for activating all other services in the event of a hurricane causing an outage at her primary data center. What model is Jillian going to deploy to meet the requirements? hot site Warm site Cold site Active/passive

warm site

Which of the following is the MOST likely reason for subscribing to PaaS?

​Application development

Which of the following is the MOST likely reason for subscribing to PaaS? A. Virus protection ​B. Software application access ​C. Application development D. Infrastructure tuning (Official Sample Questions provided by CompTIA)

​C. Application development

In keeping with organizational goals of a corporation when deploying an application to a cloud services provider, which of the following is NOT a selection criteria for choosing a pilot? A. Security of application data ​B. Usability in a cloud environment ​C. Successful completion D. Low impact of failure (Official Sample Questions provided by CompTIA)

​​C. Successful completion

In keeping with organizational goals of a corporation when deploying an application to a cloud services provider, which of the following is NOT a selection criteria for choosing a pilot?

​​Successful completion


Ensembles d'études connexes

AB2 Graphing Radical Functions Quiz 2-8

View Set

Bus Law Ch.19 Title to Goods and Risk of Loss

View Set

WHA Advance comp 2022 midterms study guide

View Set

Pharmacology: Chapter 39: Introduction to the Reproductive System

View Set