Cloud+
An administrator updated the device driver for a network adapter on a production system, but now the machine will not connect to the network. What are some reasons this could happen? (Select all that apply.) A. The IP address changed. B. The administrator installed a vendor-created driver. C. The administrator installed a generic driver. D. The administrator installed an untested driver.
C, D
Which of the following provides additional servers, either virtual or physical, to support increased workloads? (Select all that apply.) A. Scaling up B. Vertical scaling C. Horizontal scaling D. Scaling out
C, D
A cloud administrator is planning to migrate a globally accessed application to the cloud. Which of the following should the cloud administrator implement to BEST reduce latency for all users? A. Clustering B. Cloud bursting C. Auto-scaling D. Regions
D
A cloud administrator wants to use a network share to store files in the common Windows sharing format, which a web server will create but does not want to use a traditional file server. The administrator prefers using a serverless option so there are fewer cloud instances to manage. What storage protocol can the administrator use for this purpose? A. iSCSI (Internet Small Computers Interface) B. NFS (Network File Storage) C. FC (Fibre Channel) D. CIFS (Common Internet File System)
D
A company is concerned about the security of its data repository that contains customer PII. A systems administrator is asked to deploy a security control that will prevent the exfiltration of such data. Which of the following should the systems administrator implement? A. ADC B. FIM C. WAF D. DLP
D
A startup company requires a cheap cloud storage solution to accommodate its initially low overhead. The company only uses a few basic servers and primarily operates off of basic workstations. Which of the following storage options would make the most sense for the company right now? A. Block B. Object C. Blob D. File
D
After taking a new job at the state university, you are asked to recommend a network topology that best fits the large college campus. The network needs to span the entire campus. Which network topology would you recommend? A. SAN B. LAN C. WAN D. MAN
D
An administrator is updating the routers in the cloud environment by making the changes in the code and then applying the changes to all the routers. What is this approach known as? A. DevOps B. CI/CD C. IaaS D. IaC
D
An organization is responding to a data breach in the cloud network. The organization has completely restored normal operations to the production environment and has isolated the breach on a specific segment of the network to further investigate and collect evidence. What negative action will eliminate the organization's chances of taking legal action against the threat actors? A. Fail to examine and collect the cloud logs. B. Fail to take snapshots of the breached systems. C. Fail to use the CSP's tools to collect evidence. D. Fail to track the chain of custody.
D
An organization recently acquired a new company. The organization has an on-premises network extended to the Azure cloud, and the newly acquired company is using an Amazon Web Service (AWS) cloud deployment. What can the network administrator implement to allow the organization's network to communicate with the new company's network? A. VLAN Stretching B. NVGRE C. STT D. GENEVE
D
An organization was unable to relocate all on-premises resources to the cloud and now has concerns about the potential for data loss between the on-premises and cloud networks. What solution can the cloud administrator implement to mitigate this risk? A. RBAC B. FIM C. WORM D. CASB
D
What benefit to security does cloud micro-segmentation provide? A. VXLAN isolation B. VLAN isolation C. General resource hardening D. Granular resource hardening
D
What does providing a username and password do? A. Enables ACLs B. Performs authorization C. Performs MFA D. Proves identity
D
What is being configured, with three virtual machine instances being added to support an application? This can also be called scaling out. A. Load Balancing B. Scaling vertically C. Scaling in D. Auto-scaling
D
Which of the following cloud deployment models allows a company to have full control over its IT infrastructure? A. Cloud within a cloud B. Public C. Hybrid D. Private
D
Which term describes the proving of a user or device identity? A. Authorization B. PKI C. MFA D. Authentication
D
A cloud administrator would like to deploy a cloud solution to its provider using automation techniques. Which of the following must be used? (Select TWO). A. Tagging B. Auto-scaling C. Serverless D. Playbook E. Templates F. Containers
D, E
A systems administrator is provisioning VMs in a cloud environment and has been told to select an OS build with the furthest end-of-life date. Which of the following OS builds would be BEST for the systems administrator to use? A. Beta B. Stable C. Open-source D. Canary E. LTS
E
An administrator is reviewing logs in Event Viewer. Which of the following is NOT a primary log the administrator will see here? A. Application B. Syslog C. Security D. System
B
How does a host machine recognize memory used by virtual machines? A. It auto-configures swapping B. It doesn't perceive it C. It is seen as separate D. It hyperconverges
B
Organization security policies dictate standard security configuration settings for company Android smartphones used to connect to cloud services. What is required to ensure policy compliance and identify noncompliant devices? A. SCVMM B. Security configuration baseline C. Group Policy D. SCCM
B
The IT team is setting up a hybrid cloud environment that requires secure communication between the company's datacenter and the cloud service provider (CSP). What type of network configuration will provide tunneled connection between the company and the CSP that require less work for administrators and users? A. Software-Defined Network (SDN) B. Site-to-Site VPN C. Remote Access VPN D. Content Delivery Network (CDN)
B
What kind of compression would be used to store a data backup for your organization? A. Incremental B. Full C. Lossless D. Lossy
C
A cloud administrator is designing a multiregion network within an IaaS provider. The business requirements for configuring the network are as follows: -- Use private networking in and between the multisites for data replication. -- Use low latency to avoid performance issues. Which of the following solutions should the network administrator use within the IaaS provider to connect multiregions? A. Peering B. VPN C. Hub and spoke D. Gateways
A
A company needs to rehost its ERP system to complete a datacenter migration to the public cloud. The company has already migrated other systems and configured VPN connections. Which of the following MOST likely needs to be analyzed before rehosting the ERP? A. Licensing B. Right-sizing C. The network D. Software
A
A document management system is being tested on a cloud virtual machine. Additional vCPUs have been added to increase compute power for the app. Which of the following items could be affected by the change? A. Licensing B. Load balancing C. Network speed D. Page faults
A
A financial industry services firm was the victim of an internal data breach, and the perpetrator was a member of the company's development team. During the investigation, one of the security administrators accidentally deleted the perpetrator's user data. Even though the data is recoverable, which of the following has been violated? A. Evidence acquisition B. Root cause analysis C. Chain of custody D. Containment
A
A graphic designer utilizes company cloud resources to archive various products. The cloud administrator managing the space would like to use the available storage more efficiently but does not want to degrade the quality of the visual backups. Which method would make the most sense? A. Deduplication B. Compression C. CDN replication D. Distributed file system replication
A
A growing small-to-medium business has improved its revenue considerably over the past three years yet it was determined that this growth has failed to improve the bottom line enough to satisfy company leadership. The Chief Technology Officer has directed an effort to migrate certain solutions to a cloud environment as a means of reducing physical hardware overhead. What most likely illustrated this to the CTO, leading to this decision? A. Business needs analysis B. Trend analysis C. Baseline D. SOP
A
A systems administrator needs to configure a set of policies to protect the data to comply with mandatory regulations. Which of the following should the administrator implement to ensure DLP efficiently prevents the exposure of sensitive data in a cloud environment? A. Classification B. Integrity C. Segmentation D. Versioning
A
A systems administrator notices that a piece of networking equipment is about to reach its end of support. Which of the following actions should the administrator recommend? A. Replace the equipment B. Migrate the equipment to the cloud C. Update the OS D. Update the firmware
A
A virtual machine fails to utilize memory resources it normally uses during a certain time of day, and as a result, initiates a memory swap. What is most likely causing this remedial action? A. Ballooning B. Paging C. Hyperthreading D. Hyperconvergence
A
A website in Asia that sells inexpensive electronics and clothing has become quite popular with teenagers in the United States. What can the cloud administrator configure to ensure that network latency doesn't cause the website to load too slowly for users in the US? A. CDN (Content Delivery Network) B. SDN (Software-Defined Network) C. NIC teaming (Network Interface Card) D. Higher bandwidth
A
After troubleshooting cloud virtual machine connectivity, you determine that a cloud firewall rule prevented the connection. You modify the firewall and verify that connectivity succeeds. What is the last thing you should do? A. Document the solution B. Identify the problem C. Establish a theory of probable cause D. Test the theory
A
An AWS technician is provisioning six virtual processors to assist with an anticipated increase in workload. Each processor possesses eight cores. Using standard vCPU provisioning and multi-threading, how many total threads will the technician utilize in this effort? A. 96 B. 48 C. 24 D. 72
A
An administrator created a build and tested it extensively to correct the bugs and other issues, and then released it for use. What kind of build did the administrator create? A. Stable B. Long-term support C. Beta D. Deprecated
A
An administrator is configuring virtual servers for a help desk department. All servers will operate using virtualization and require the exact same level of compute power, memory, and applications. What would be the most efficient and consistent means of deploying the needed configurations? A. VM templates B. SDN C. FaaS D. Patches
A
An administrator is troubleshooting a failed orchestration job. Where should the administrator check for clues as to why the workflow failed and where to begin troubleshooting efforts? A. The administrator should check the last successful automation job. B. The administrator should ensure name resolution services are functional. C. The administrator should ensure that the SSH key identities match. D. The administrator should confirm the IP address configuration.
A
An administrator is trying to determine why an application in a container is not running. Which of the following does NOT represent an item the administrator should troubleshoot to determine the cause? A. An oversubscription of compute resources B. Container images are valid C. Container engine is running D. Container hosting the app is running
A
An administrator is using the ping command to test connectivity between the on-premises network and the cloud network. The response from the ping command is "Fail: DESTINATION HOST UNREACHABLE". What does this response indicate? A. The on-premises computer was not able to send the ping request because the connection is down. B. The on-premises computer was able to send the ping request but never received an answer. C. The on-premises computer has a problem. D. The cloud computer has a problem.
A
A Microsoft administrator must reconfigure storage by access requirements for a company. Which of the following tiers are potential options for the administrator to utilize as storage segments? (Select all that apply.) A. Hot B. Archive C. Standard infrequent D. Glacier
A, B
A user submitted a support ticket stating that their team is unable to access shared folders. When troubleshooting the issue, which of the following would be examples of identifying the problem rather than its scope? (Select all that apply.) A. The virtual host lost connection to network storage. B. Cloud web servers also cannot load data. C. All users are unable to access file shares. D. The virtual machine is powered off.
A, D
In which of the following circumstances would a hub-and-spoke SDN (Software Defined Networking) design be an appropriate choice? (Select all that apply.) A. When the organization needs to isolate workloads B. When the organization needs to centralize management of administrative tasks C. When the organization needs to delegate the management of Active Directory and DNS D. When the organization needs to centralize the management and analysis of traffic
A, D
A cloud administrator is looking at the company's cloud services bill for the previous month. The administrator notices on the billing dashboard that certain resources are not being billed to any particular department. Which of the following actions will help correct this billing issue? A. Check the utilization of the resources B. Modify the tags for all the unmapped resources C. Add the resources to the consumer monitoring group D. Modify the chargeback details of the consumer
B
A website administrator is storing a large amount of multimedia objects in binary format for the corporate website. What type of storage object is this considered to be? A. Metadata B. Blob C. Replica D. Object ID
B
An employee saved a file to the cloud network and then made a hash of the file. Two weeks later, the employee ran another hash on the same file. When the employee compared the values of the two hashes, they were exactly the same. Which goal of encryption has the employee demonstrated? A. Confidentiality B. Integrity C. Non-repudiation D. File integrity monitoring
B
An organization is using a public cloud to host sensitive information. The organization must ensure that the data is secure and private. What can the organization implement to provide greater security within the public cloud? A. VRF B. VPC C. vNIC D. Load balancer
B
What does load testing test? A. SLA B. Performance C. Security D. Baseline
B
What type of hypervisor is VMware Workstation? A. Type 4 B. Type 2 C. Type 3 D. Type 1
B
What type of operating system (OS) build is due for retirement and may no longer have active support? A. Beta B. Deprecated C. Stable D. Long-term support
B
What type of synchronization technology waits until all replicas confirm data writes before notifying an app that data has been committed to disk? A. Asynchronous B. Synchronous C. Failover zone D. Cloning
B
Which CLI tool would you use to check if a service was actively listening on a TCP port on a Windows host? A. arp B. netstat C. ping D. tracert
B
Which configuration management tool is appropriate for automating cloud tasks using the concept of "playbooks?" A. Chef B. Ansible C. Puppet D. PowerShell
B
Which does hashing accomplish? A. Authentication B. Data integrity C. Encryption D. Availability
B
A business would like to map out its IT infrastructure needs. Leadership has determined that the CapEx requirements will be factored into the budget first. Which of the following items would fall under this category? (Select all that apply.) A. Utilities B. Servers C. Datacenters D. Payroll
B, C
Which of the following are examples of block storage? (Select all that apply.) A. Azure File Storage B. GCP Persistent Disk C. Azure Blob Storage D. GCP Cloud Storage
B, C
A cloud architect establishes a Data Loss Prevention (DLP) program for their companies' cloud infrastructure. Which of the following are goals that they should architect towards? (Select all that apply.) A. Segment networks into logical data areas B. Identify confidential data in use C. Apply protection automatically D. Monitor for exfiltration
B, C, D
A systems technician is enabling drive encryption for devices in the enterprise. What are the tools available for the technician to achieve this? (Select all that apply.) A. Encrypting File System B. LUKS C. gzip D. BitLocker
B, D
A company has asked an administrator to suggest options that would allow the company to have an almost entirely logical solution from the current physical hardware in place. The company has already procured a host of virtualization resources, including VMs, hypervisors, vCPUs, and vNICs. Which method would permit the company to add a virtual storage option to the entire solution? A. Persistent storage B. SDN C. Hyperconvergence D. SAN replication
C
A database administrator works for a critical financial institution which requires the client machines to be informed after multiple servers have a copy of the transaction. What type of replication should the administrator set up? A. Site-to-site B. Snapshots C. Synchronous D. Asynchronous
C
A private IaaS administrator is receiving reports that all newly provisioned Linux VMs are running an earlier version of the OS than they should be. The administrator reviews the automation scripts to troubleshoot the issue and determines the scripts ran successfully. Which of the following is the MOST likely cause of the issue? A. Misconfigured script account B. Incorrect provisioning script indentation C. Wrong template selection D. API version incompatibility
C
Administrators have deployed a web application in the cloud. Users complain about sluggish application performance during peak usage. What should you configure? A. Cloud template B. Isolated cloud network C. Load balancer D. Failover cluster
C
An on-premises cloud network usually has enough resources to handle all the online traffic for a busy department store. However, when the department store has special sales, the on-premises network becomes oversaturated with traffic. To mitigate this issue, the administrator configured the network to add virtual machines from a public cloud network as necessary. What type of right-sizing model does this represent? A. Horizontal scaling B. Vertical scaling C. Cloud bursting D. Auto-scaling
C
An organization has both Windows and Linux instances running and collecting log file information. What protocol will send the information to the centralized management information base (MIB)? A. Nmap B. SSH C. SNMP D. TLS
C
An organization hired a new administrator to upgrade the VPN (Virtual Private Network) that employees use for off-site connections to the organization's network. The VPN is currently using PPTP (Point-to-Point Tunneling Protocol) to encapsulate the data packets and provide encryption. What tunneling protocol will the administrator implement for the upgraded VPN? A. HTTPS B. GRE C. L2TP/IPsec D. SSH
C
Which service is used to assign IP configurations to hosts dynamically? A. NTP B. NIDS C. DHCP D. DNS
C
Which type of network storage is accessible using standard file sharing protocols? A. SAN B. LUN C. NAS D. iSCSI
C
You are a member of a team that is setting up an overnight maintenance schedule for your systems. What is the time frame for maintenance to be completed called? A. Downtime B. Peak hours C. Maintenance window D. Follow the sun
C
You are automating a cloud deployment workflow with a runbook. What is each runbook task called? A. Branch B. Station C. Activity D. Script
C
You are deploying a new cloud virtual machine. The virtual machine will host an app that is very disk I/O intensive. While creating the virtual machine, what should you configure? A. Storage mirroring B. Decrease IOPS C. Increase IOPS D. Replication
C
You are troubleshooting VPN endpoint failures from an on-premises network connecting to a cloud network through an L2TP VPN that worked until recently. The VPN uses a PKI certificate to authenticate the tunnel endpoints. What is the most likely cause of the problem? A. Only PPTP supports PKI certificates. B. The VPN connection is oversaturated with network traffic. C. The certificate has expired. D. Only GRE supports PKI certificates.
C
You are unable to SSH into a Linux virtual machine. Which firewall port must be open to allow Linux virtual machine management using SSH? A. 3389 B. 25 C. 22 D. 389
C
You have an auto-scaling group of web servers behind a load balancer. You discover that one of the web servers in the auto-scaling group is under 100 percent utilization, while the other web servers are completely unutilized. What is most likely the problem? A. The auto-scaling group is set up incorrectly. B. The other web servers are infected. C. The load balancer is misconfigured. D. The affected web server is infected.
C
You want to apply patches that will prevent malicious programs from escaping virtual machines and attacking the physical machine. What would you patch to do this? A. Guests B. Virtual appliances C. Hypervisors D. Clusters
C
You want to determine what kind of attacks can successfully compromise your network. What type of testing should you do? A. Vulnerability testing B. Automation/orchestration C. Penetration testing D. Load testing
C
A backup administrator is researching options to store backup data in the cloud. Other than the cloud's potential to become an offsite storage solution in a disaster recovery scenario, what would not benefit from using a Storage as a Service (STaaS) cloud subscription? (Select all that apply.) A. Scalability B. Accessibility C. Data control D. Vendor lock-in
C, D
An administrator inadvertently discovered an unsecured device on the cloud network. What should the administrator check? (Select all that apply.) A. WAF rules meet requirements B. WAF positioned in front of web application servers C. Configuration management settings on the NAC D. Which network entry points are being checked
C, D
An administrator is evaluating the infrastructure and services provided by an organization's datacenter for a P2V migration. What reasons might the administrator be doing this? (Select all that apply.) A. The administrator is preparing the organization to move from the cloud to an on-premises solution. B. The administrator is preparing the organization to move from a virtualized solution to the cloud. C. The administrator is preparing the organization to move from on-premises to a cloud solution. D. The administrator is preparing the organization to move from on-premises to a virtualized solution.
C, D
An administrator is installing a vulnerability scanner. In which instances can the administrator use the standard administrative console provided by the CSP? (Select all that apply.) A. Standalone virtual machine B. Standalone cloud C. Public cloud D. Hybrid cloud
C, D
You are looking to migrate some physical hosts into the cloud. You have two on-premises hypervisors hosting various virtual machines, Host 1 and 4. Host 2 is a custom web application server and Host 3 is a storage server. Which server is best suited to a P2V migration? A. Host 2 B. Host 1 C. Host 3 D. Host 4
A
Which type of migration uses an on-premises physical server as the source and results in an on-premises physical server? A. P2P B. V2V C. P2V D. V2P
A
You are a member of a cloud migration team for an international firm. The migration of IT services is set to occur 24 hours a day for the next week. Which method will allow technicians to sleep while others in later time zones continue working? A. Follow the sun B. Downtime C. Peak hours D. Maintenance windows
A
You are asked to configure a cluster for high availability (HA). What is required for this? A. Multiple hypervisors B. Snapshot C. Shared storage D. V2V
A
You are configuring SELinux operating system resource labels to secure a cloud-based virtual machine. What type of access control model is this? A. Mandatory access control B. PKI C. TPM D. Discretionary access control
A
You are deploying a firewall device in the cloud. To make certain administrators are notified of any issues the firewall encounters in a timely fashion, what should you implement? A. Alert notifications B. Dual Internet connections C. Multiple nodes D. Runbooks
A
You are looking for a package of patches to apply to a virtual machine. What should you search for? A. Service pack B. Hotfix C. Version update D. Rollbacks
A
You are looking to implement a system that would allow your users to sign in once and be able to access everything. What solution would allow you to do this? A. Microsoft ADFS B. MFA C. Microsoft AD D. RBAC
A
Which troubleshooting step follows verifying system functionality? A. Test the theory B. Establish a theory of probable cause C. Documentation D. Problem identification
C
Which type of activity identifies the scope of impact that negative events can have on IT systems and processes? A. BCP B. DRP C. BIA D. SLA
C
Which type of testing attempts to actively exploit discovered vulnerabilities? A. Port scan B. Vulnerability C. Penetration D. Subnet scan
C
You are configuring a remote connection for a user workstation. What port must be allowed through the firewall for a Remote Desktop connection? A. 22 B. 23 C. 3389 D. 389
C
You are configuring a subnet IP address range for a cloud network. The network address is 128.16.6.0/16. How many usable IP addresses are available on this network? A. 65,535 B. 65,536 C. 65,534 D. 254
C
You are looking to spread a workload over multiple VMs to handle a busy workload. What term best describes this? A. Scaling in B. Scaling up C. Scaling out D. Scaling down
C
You are responsible for migrating an on-premises database solution to the public cloud. Which of the following could potentially cause problems with the migration? A. Database IP address B. Database listening port C. Format of the workload D. Names of database tables
C
You are searching a vendor website for a patch that addresses a specific problem with a cloud virtual appliance. What should you search for? A. Service pack B. Version update C. Hotfix D. Rollback
C
You have successfully solved an issue with your syslog server. After verifying that the fix you have made is effective, what step should you take? A. Establish a plan of action B. Test your theory C. Document your actions and what you have found D. Identify the problem
C
Which of the following service models would be used for a database in the cloud? A. IaaS B. PaaS C. CaaS D. SaaS
B
What can be used to verify data integrity? A. High availability B. Replication C. Load balancing D. Hashing
D
Which of the following terms is most closely related to hashing? A. Encryption B. Data integrity C. Confidentiality D. Availability
B
Which of the following utilities is considered secure? A. FTP B. SSH C. Telnet D. POP3
B
Which of the following cloud services is fully managed? A. IoT B. SaaS C. Serverless compute D. IaaS E. GPU in the cloud
B
Which type of site places data near processing systems? A. Hot site B. Cold site C. Edge site D. Warm site
C
Which type of backup captures only data changes made since the last full backup? A. Differential B. Full C. Incremental D. Copy-on-write
A
A DevOps administrator is automating an existing software development workflow. The administrator wants to ensure that prior to any new code going into production, tests confirm the new code does not negatively impact existing automation activities. Which of the following testing techniques would be BEST to use? A. Regression testing B. Vulnerability testing C. Usability testing D. Penetration testing
A
A VDI administrator has received reports from the drafting department that rendering is slower than normal. Which of the following should the administrator check FIRST to optimize the performance of the VDI infrastructure? A. GPU B. Storage C. CPU D. Memory
A
A cloud administrator has deployed a new VM. The VM cannot access the Internet or the VMs on any other subnet. The administrator runs a network command and sees the following output: IPv4 Address . . . . . . . . 172.16.31.38 Subnet Mask . . . . . . . . 255.255.255.224 Default Gateway . . . . . . . 172.16.31.38 The new VM can access another VM at 172.16.31.39. The administrator has verified the IP address is correct. Which of the following is the MOST likely cause of the connectivity issue? A. The wrong gateway B. A duplicate IP on the network C. Firewall issues D. A missing static route
A
A cloud administrator has received an automated email alert from software that has detected an anomaly in the normal system behavior. What type of software alerted the administrator? A. HIDS B. IPS C. Antivirus D. Firewall
A
A cloud administrator is developing a scalability strategy for servers that are expected to anticipate change frequently. Which strategy should the administrator utilize? A. Auto-scaling B. Right sizing C. Horizontal scaling D. Vertical scaling
A
A cloud administrator is extending the use of virtual local area networks in their Azure cloud environment. Which solution should the administrator use? A. NVGRE B. STT C. VXLAN D. NVGRE, VXLAN, and STT can all be used together
A
A cloud administrator is migrating services from the on-premises network to the cloud network. What phase of the lifecycle roadmap does this activity fall in? A. Maintenance B. Deployment C. Deprecation D. Development
A
A cloud administrator is planning a migration to a new public IaaS provider. The security architect wants to implement the new provider's proprietary integrated network DLP solution. However, the cloud administrator is proposing the enterprise-approved DLP solution be installed and the existing policies be imported into the new environment. Which of the following is the BEST reason for using the enterprise-approved DLP solution? A. To avoid vendor lock-in and allow for future migrations to a new provider B. To reduce the time it takes to migrate the DLP solution to the new provider C. To adhere to company policies regarding approved software D. To leverage the prior work in defining the company's DLP policies
A
A cloud administrator is reviewing the annual contracts for all hosted solutions. Upon review of the contract of the hosted mail solution, the administrator notes the monthly subscription rate has increased every year. The provider has been in place for ten years, and there is a large amount of data being hosted. Which of the following is a barrier to switching providers? A. Vendor lock-in B. Memorandum of understanding C. Service-level agreement D. Encrypted data
A
A cloud administrator is setting up security measures for a publicly available web service. Which of the following is the most suited solution for this scenario, understanding that security is a defense in depth approach? A. Web application firewall B. Load balancer C. Firewalls D. GENEVE
A
A cloud administrator is switching hosting companies and using the same script that was previously used to deploy VMs in the new cloud. The script is returning errors that the command was not found. Which of the following is the MOST likely cause of the script failure? A. API version incompatibility B. Account mismatches C. Server name changes D. IP address changes
A
Which type of document provides task completion steps to ensure consistent task execution? A. SOP B. SLA C. DRP D. BIA
A
A cloud architect has a migration contract for a company. That wants to keep the migration fast and simple. Which of the following type of migration would work the best for the company? A. Rehosting B. Replatforming C. Refactoring D. Retaining
A
A cloud architect wants to minimize the risk of having systems administrators in an IaaS compute instance perform application code changes. The development group should be the only group allowed to modify files in the directory. Which of the following will accomplish the desired objective? A. Restrict the file write permissions to the development group only. B. Add access to the fileshare for the systems administrator's group. C. Remove the file write permissions for the application service account. D. Deny access to all development user accounts
A
A cloud database virtual machine uses four separate disk volumes. Each disk volume needs to grow dynamically. What should you use to configure the disks? A. Thin provisioning B. Tokenization C. Object storage D. Thick provisioning
A
A company is currently switching its network protocols after a successful breach. Attackers stole a small amount of PII resulting from a packet sniffing attack. Which solution will help the company prevent this attack moving forward? A. IPsec B. iSCSI (Internet Small Computers Systems Interface) C. SSO D. Pen testing
A
A company is doing a cloud-to-cloud migration to lower costs. A systems administrator has to plan the migration accordingly. Which of the following considerations is MOST important for a successful, future-proof, and low-cost migration? A. Feature compatibility B. Estimated consumption C. Tier pricing D. Licensing
A
A company is installing a web-based file sharing application to help transition its in-office departments to a primarily remote setup. What type of solution is the company installing? A. SaaS B. PaaS C. IaaS D. STaaS
A
A company needs a solution to find content in images. Which of the following technologies, when used in conjunction with cloud services, would facilitate the BEST solution? A. Artificial intelligence B. DNS over TLS C. Digital transformation D. Internet of Things
A
A database analyst reports it takes two hours to perform a scheduled job after onboarding 10,000 new users to the system. The analyst made no changes to the scheduled job before or after onboarding the users. The database is hosted in an IaaS instance on a cloud provider. Which of the following should the cloud administrator evaluate to troubleshoot the performance of the job? A. The IaaS compute configurations, the capacity trend analysis reports, and the storage IOPS B. The hypervisor logs, the memory utilization of the hypervisor host, and the network throughput of the hypervisor C. Migrating from IaaS to on premises, the network traffic between on-premises users and the IaaS instance, and the CPU utilization of the hypervisor host D. The scheduled job logs for successes and failures, the time taken to execute the job, and the job schedule
A
A government agency wants to deploy an open-source platform to have complete control over the platform and become a CSP inside the agency. What type of cloud deployment would meet the agency's needs? A. Multitenancy B. Virtual private cloud C. Hybrid cloud D. Public cloud
A
A security architect is working with administrators and developers to develop a patching policy which balances security with availability. What is a good policy which will suit the business needs? A. N-1 B. Current patches C. N+1 D. 3 months behind
A
A server administrator for a small company is running a handful of servers on older equipment that hasn't been allocated budgeting for maintenance. The administrator is worried about file corruption affecting system files or configurations. Which of the following backups is most suited for the administrator's concerns? A. System state B. Application level C. File level D. Database dump
A
A server administrator is architecting a cloud based solution for a company with various development projects and application dependencies. Which of the following solutions would be most applicable? A. Containers B. Templates C. Virtual machines D. Provisioning
A
A support engineer wants to prevent users from running malware on several IaaS compute instances. Which of the following will BEST achieve this objective? A. Implement an application whitelisting policy. B. Set the execute filesystem permissions on the desired applications only. C. Encrypt all applications that users should not access. D. Disable file sharing on the instance.
A
A systems administrator is configuring network management but is concerned about confidentiality. Which of the following should the administrator configure to address this concern? A. SNMPv3 B. IPSec tunnels C. Community strings D. ACLs
A
A systems administrator is troubleshooting performance issues with a Windows VDI environment. Users have reported that VDI performance is very slow at the start of the work day, but the performance is fine during the rest of the day. Which of the following is the MOST likely cause of the issue? A. Disk I/O limits B. Affinity rule C. RAM usage D. CPU oversubscription
A
A systems administrator is trying to establish an RDP session from a desktop to a server in the cloud. However, the connection appears to be refused even through the VM is responding to ICMP echo requests. Which of the following should the administrator check FIRST? A. The firewall B. The subnet C. The services D. The gateway
A
A systems administrator responded to an important web service crashing. They analyzed logs to determine the issue, restarted the service, and were able to verify system functionality. What is the next step the administrator should take? A. Implement preventative measures B. Perform a root cause analysis C. Establish a plan of action D. Determine scope of the problem
A
A systems administrator wants the VMs on the hypervisor to share CPU resources on the same core when feasible. Which of the following will BEST achieve this goal? A. Oversubscribe CPU resources B. Enable simultaneous multithreading C. Configure CPU passthrough D. Switch from a Type 1 to a Type 2 hypervisor E. Increase instructions per cycle
A
A team dispatches two of its members to detect and correct a series of login and authentication issues that users are reporting. In what stage of the IT environment would these team members correct the issues? A. Development B. QA C. Production D. Disaster recovery
A
A user has lost account access to the cloud. The CSP dispatched a technician to address the issue. The technician diagnoses that the user's account information expired and the technician needed to reset it. Following the reset, what should the technician do next? A. Have the user test the login B. Determine why the incident occurred C. Decide how to best proceed forward D. Document findings
A
A user is unable to reach a cloud resource by name, but general Internet access is available. What would be an immediate cause of this issue? A. Misconfigured DNS record B. Misconfigured proxy server C. Misconfigured NAT settings D. Misconfigured VPC peering
A
An IT education institution recently experienced an issue where a student logged into the institution's Windows server that houses student records and changed some of the grades. How was the student most likely able to do this? A. The student logged in with the server's local administrator account. B. The student logged in with the server's root account. C. The student logged in with the server's guest account. D. The student logged in with the student's own account.
A
An IaaS provider has numerous devices and services that are commissioned and decommissioned automatically on an ongoing basis. The cloud administrator needs to implement a solution that will help reduce administrative overhead. Which of the following will accomplish this task? A. IPAM B. NAC C. NTP D. DNS
A
An administrator needs to restore data to a server, but the data owner wants to compare the files that are on the server to the restored files, to determine which version of the data to keep. What kind of restore should the administrator perform? A. Side-by-side restoral B. Alternate location restoral C. File restoral D. In-place restoral
A
An organization has asked a network administrator to configure a departmental network that includes both storage and virtualization capabilities. The department maintains its own internal IT staff capable of managing the configuration, but it should come ready to deploy immediately across the entire department. What is the organization asking the administrator to configure? A. Solution template B. Container C. Serverless deployment D. Managed solution
A
An organization has determined that they cannot lose more than 12 hours of data. What does this number represent? A. RPO B. MTTR C. RTO D. 3-2-1 backup rule
A
An organization has several VMs in their public cloud configured as web servers. However, when the administrator attempts to access the secure website, the browser returns a "404 Page not found" error. What must the administrator configure to correct this error and allow customers to access the website? A. The administrator must configure an inbound rule in the ACL (Access Control List) to allow traffic on port 443. B. The administrator must configure an inbound rule in the ACL to allow traffic on port 80. C. The administrator must configure peering between the web servers. D. The administrator must configure a load balancer between the web servers.
A
An organization is hosting a DNS domain with private and public IP ranges. Which of the following should be implemented to achieve ease of management? A. An IPAM solution B. Network peering C. A CDN solution D. A SDN solution
A
An organization is required to set a custom registry key on the guest operating system. Which of the following should the organization implement to facilitate this requirement? A. A configuration management solution B. A log and event monitoring solution C. An operating system ACL D. A file integrity check solution
A
An organization is testing the cloud disaster recovery plan. The goal is to implement the recovery without disrupting production. What kind of test is the organization running? A. Parallel recovery B. Simulated failover C. Walk-through D. Live failover
A
An organization is upgrading all of its systems in the environment. When the upgrade is complete, the organization will promote the upgraded environment to production, and later, upgrade all of the systems in the demoted environment. What kind of upgrade process does this represent? A. Blue-green upgrade B. Canary upgrade C. Rolling upgrade D. System upgrade
A
An organization needs to migrate a number of large databases from an Amazon Web Services (AWS) cloud to an Azure cloud. The databases use tables to store the data and keys to link the data information. What solution will the organization use to migrate the data? A. Direct B. Cross-service C. Relational D. Non-relational
A
An organization will be deploying a web application in a public cloud with two web servers, two database servers, and a load balancer that is accessible over a single public IP. Taking into account the gateway for this subnet and the potential to add two more web servers, which of the following will meet the minimum IP requirement? A. 192.168.1.0/28 B. 192.168.1.0/27 C. 192.168.1.0/26 D. 192.168.1.0/29
A
An organization would like to add a new storage system to house its array of graphics productions and marketing materials. Leadership prefers a solution that would provide high performance and fault tolerance, with rebuild times minimized in case of a data loss scenario. Which of the following would best suit this need? A. Hardware RAID 10 B. Hardware RAID 5 C. Software RAID 10 D. Software RAID 0
A
Before applying updates to a cloud-based Linux virtual machine, you need to ensure you can roll back quickly if the updates cause problems. What should you do? A. Take a virtual machine snapshot B. Create an operating system image C. Create a system restore point D. Perform a virtual machine backup
A
CloudVNet3 has two deployed Windows virtual machines. You need to ensure that outbound SSH traffic is allowed to each host. What should you do to allow the traffic while minimizing administrative effort? A. Configure one network firewall rule set and associate it with each virtual machine. B. Use bash to set the firewall on each virtual machine. C. Use a shell script to set the firewall on each virtual machine. D. Configure two host firewall rule sets and associate each one with a virtual machine.
A
Developers updated the code for a web application to meet regulatory compliance goals. The new changes were staged in a different environment and worked well. Before worrying about quality assurance, what test can the developers perform to ensure these new changes do not break the application's functionality in production? A. Regression test B. Usability test C. Functional test D. Performance test
A
If administrators would like to protect against significant availability failures within specific geographical regions, which of the following methods might they employ? A. Availability zone replication B. SAN replication C. Distributed file system replication D. CDN replication
A
Image shows: Employee Laptop > Internet > Corporate Firewall > Internal Corporate Network An employee in your company needs to connect to the internal company network while out of the office, as pictured in the diagram. What can be used to accomplish this? A. VPN B. IPSec C. TLS D. SSL
A
Recently, an attacker successfully obtained PII from multiple employees at a company by intercepting plain text traffic on the web. Aside from better monitoring practices, which of the following would use digital signatures and encryption to aid in mitigating an attack like this in the future? A. DNSSEC B. IPAM C. CDN D. HIDS
A
The web developers are decommissioning a legacy web server on Amazon Web Services (AWS) and want to stand up a newly configured web server in the same location. The developers have not yet configured the new server's network configuration but are requesting that the cloud administrators switch over the same network settings to the new server. What should the cloud administrator do to fulfill the request? A. Reattach vNIC to the new server. B. Setup VRF on the router. C. Create a virtual private cloud (VPC). D. Configure multiple VXLANs.
A
Which solution can be used to increase application density on a cloud virtual machine? A. Application containers B. Application compression C. Scaling out D. Dynamic memory
A
To detect unwanted or dangerous network traffic, an administrator is collecting and analyzing data from the network through the web application firewalls, the intrusion prevention systems, and the protocol analyzers. Network traffic has to travel through all of these devices, and all of these layers of monitoring are taking a toll on system resources and slowing down network traffic. What can the administrator implement to mitigate this issue? A. NPB B. NAC C. DLP D. WAF
A
To meet regulatory requirements, the company must provide geographical separation between active and backup data of certain medical records your company collects and processes in Germany. The requirements stipulate that the data cannot leave the country and must be in two or more data centers. What recommendations would be offered to meet these requirements? A. Remote B. Target C. Incremental D. Offline
A
Users of an enterprise application, which is configured to use SSO, are experiencing slow connection times. Which of the following should be done to troubleshoot the issue? A. -- Perform and packet capture during authentication -- Validate the load-balancing configuration -- Analyze the network throughput of the load balancer B. -- Evaluate the OS ACLs -- Upgrade the router firmware -- Increase the memory on the router C. -- Analyze the storage system IOPS -- Increase the storage system capacity -- Replace the storage system disks to SSD D. -- Perform a memory dump of the OS -- Analyze the memory dump -- Upgrade the host CPU to a higher clock speed CPU
A
Users report that they can no longer connect to a public cloud-based web application at http://www.samplecloudapp.com that worked previously. The web application was recently deployed using a runbook orchestration tool. After checking your cloud portal dashboard, you see that the web application virtual machine is up and running but has recently restarted. What is the most likely cause of the problem? A. The virtual machine's IP address has changed. B. The virtual machine's computer name has changed. C. The virtual machine's geographical location has changed. D. The web application service account no longer exists.
A
What documentation lays out the agreed-upon service and responsibilities of the service provider? A. SLA B. PowerShell script C. SOP D. Application log
A
What documentation should be consulted to ensure cloud workload migrations are performed consistently? A. SOP B. SLA C. PowerShell script D. Application log
A
What is a common use for runbooks? A. Snapshots B. Patching C. Creating a new VM D. Backing up
A
What is considered a safe overcommitment ratio for vCPUs? A. 3:01 B. 1:01 C. 9:01 D. 6:01
A
What kind of environment should new changes be rolled out into before any other environment? A. Development B. QA C. Penetration D. Production
A
What term describes the programmatic functionality exposed by a cloud service? A. API B. Cloud portal C. Orchestration D. CLI
A
What term describes the web-based cloud management GUI? A. Cloud portal B. API C. Orchestration D. CLI
A
What type of cloud service is Microsoft Office 365? A. SaaS B. PaaS C. IaaS D. STaaS
A
What type of synchronization technology does not wait until all replicas confirm data writes before notifying an app that data has been committed to disk? A. Asynchronous B. Cloning C. Synchronous D. Failover zone
A
What type of virtual system combines central processing unit (CPU), memory, storage, and network subsystems that are inseparable and operate as one unit? A. Hyperconverged B. Hypervisor Type 1 C. Hypervisor Type 2 D. Simultaneous multi-threading (SMT)
A
What will a cloud administrator most likely create before uploading individual files to a cloud storage? A. A bucket B. A hybrid tier C. A block storage D. A CIFS share
A
When deploying a virtual appliance onto the Microsoft Azure platform, what action can prevent an unauthorized person from signing on to the system with elevated privileges? A. Deactivate default account B. Run Azure Defender C. Run Nessus scanner D. Install a hotfix
A
Which command is used to test and troubleshoot DNS name resolution? A. nslookup B. ping C. tracert D. ipconfig
A
Which command resulted in the output shown? Name: one.one.one.one Address: 1.1.1.1 > 1.1.1.1 8.8.8.8 Server: [8.8.8.8] Address: 8.8.8.8 Name: one.one.one.one Address: 1.1.1.1 > ---------------------------------- A. `nslookup` B. `ping` C. `tracert` D. `ipconfig`
A
Which document covers disaster recovery responsibilities? A. SLA B. BIAaaS C. DRaaS D. BCPaaS
A
Which memory management feature deallocates unused RAM from virtual machines and presents it to other virtual machines that need RAM? A. Ballooning B. Bursting C. Overcommitment D. Paging
A
Which of the following is NOT a compute resource that can affect performance on a network? A. Applications B. Memory C. Storage D. Network issues
A
Which of the following is NOT a metric that would be measured to confirm it meets the baseline? A. CPU frequency B. Write IOPS C. Virtual switch average bytes sent/received D. Peak memory usage
A
Which of the following is a rule-based, lower-level security method generally seen as a highly secure means of communication encryption? A. IPsec B. SSL C. HTTPS D. TLS
A
Which of the following protocols results in unencrypted communication? A. Telnet B. LDAPS C. SSH D. HTTPS
A
Which service is used to resolve names to IP addresses? A. DNS B. DHC C. NTP D. NIDS
A
Which service is used to resolve names to IP addresses? A. DNS B. DHCP C. NTP D. NIDS
A
You are planning a custom application that will interface with cloud storage. What is required before proceeding? A. Cloud storage API documentation B. Cloud service private key C. SLA D. Cloud service public key
A
You are tasked with migrating a physical machine that has a mission-critical application that must remain online. What sort of migration must happen to satisfy these requirements? A. Online migration B. V2P C. Offline migration D. P2V
A
You are troubleshooting a Windows machine that is unable to communicate with the rest of the network. It has an IP address of 169.254.1.5 and a subnet mask of 255.255.0.0. What is a possible reason that it is unable to talk on the network? A. The computer is unable to communicate with the DHCP server. B. The DNS server is down. C. The subnet mask is incorrect. D. The computer's network cable is unplugged.
A
You have a large collection of virtual machines on a hypervisor. They all need to be set up the same way. What is the quickest and easiest way to accomplish this? A. Cloning B. Snapshots C. Redundancy D. Storage mirroring
A
You have a shared storage system that you would like to back up. It is very large, so you would like to back up only files that have changed since the last full backup. What kind of backup would you set up to accomplish this? A. Differential B. Incremental C. Change/delta tracking D. Full
A
You have configured a VPN tunnel between your on-premises network and a cloud-based virtual network. What type of cloud is this? A. Hybrid B. Private C. Public D. Community
A
You have deployed a web application in the cloud. Users complain that during peak hours, application performance degrades. What should you configure? A. Load balancing B. Hashing C. Replication D. Failover clustering
A
You have four virtual machines, as pictured in the diagram. During peak loads on all virtual machines, you notice that VM D is a lot slower than when it is the only VM under load. What is a possible issue? Hypervisor: 10 CPU cores, 64 GB RAM - VM A: 2 vCPUs, 8 GB RAM - VM B: 3 vCPUs, 16 GB RAM - VM C: 1 vCPU, 12 GB RAM - VM D: 2 vCPU, 32 GB RAM A. More physical RAM is required. B. More physical CPUs are required. C. More virtual RAM is required. D. More vCPUs are required.
A
You need to delegate specific cloud administrative tasks for cloud resources and processes to other technicians. What is the most efficient way to do so? A. Assign technician accounts to cloud admin roles B. Distribute the cloud private key to technicians C. Create a single administrative account and provide its details to technicians D. Modify cloud resource ACLs
A
You need to ensure that the cloud migration of an on-premises database results in minimal downtime while the database runs in the cloud. Which cloud provider document provides assurances about this uptime? A. Service level agreement B. Business continuity C. Business impact analysis D. Disaster recovery plan
A
You notice that a service complains that it is unable to validate a certificate because its issue date is in the future. What is a possible cause of this issue? A. Time synchronization issues B. Connectivity issues C. Certificate expiry D. The CA was created in a different time zone
A
You plan to deploy a public-facing website and private corporate virtual machines to the public cloud. Where should the website be deployed? A. DMZ B. Isolated cloud network C. On-premises D. Internet
A
You plan to use the cloud to test a custom web application consisting of three virtual machines. Communication with other cloud systems must not be allowed. What should you do? A. Deploy the test virtual machines into an isolated cloud network B. Enable IPv6 on the test machines C. Configure the firewall on nontest machines to block traffic D. Disable network connectivity for the test machines
A
You want to monitor resource utilization of your virtual machines to be able to predict future needs and to detect any anomalies beyond normal usage. What must you first have before you can accurately do this? A. Baseline B. Syslog C. SNMP D. Log forwarding
A
You would like user authentication to occur against your on-premises identity store. Users will then be authorized to use on-premises and cloud-based services. What should you configure? A. Identity federation B. Tokenization C. Multifactor authentication D. Single sign-on
A
Your colleague Abby suggests using a blue-green deployment for a new web application. To what is Abby referring? A. Two simultaneous application environments, one testing, the other production B. Two simultaneous application environments, both production C. Two simultaneous application environments, both in sandboxed environments D. Two simultaneous application environments, both testing
A
Your organization is looking to implement a system that prevents attackers from intruding into the network. What kind of device/software would you need to accomplish this? A. IPS B. DMZ C. VXLAN D. IDS
A
Your organization requires systems to be backed up after an outage in 12 hours or less. To which term does this scenario best apply? A. RTO B. BIA C. RPO D. DRP
A
A cloud administrator implemented a change management orchestration workflow for updating systems on the cloud network, but the orchestration workflow failed. What are some possible reasons why the orchestration workflow failed? (Select all that apply.) A. The sequencing of the automated steps was incorrect. B. The systems required a reboot and had not completed the startup process before automation proceeded. C. The SSH keys changed. D. The service account mapping was incorrect.
A, B
A cloud administrator is troubleshooting insufficient capacity and performance degradation. Which of the following troubleshooting steps should be part of the process? (Select all that apply.) A. Check oversubscription of computing resources B. Check if correct templates are used to create instances C. Check if cloud instance tags are accurate D. Check load balancer type and configuration
A, B
A cloud administrator needs to troubleshoot a sales application that is no longer pulling information from the customer database. What should the administrator check first? (Select all that apply.) A. Verify connectivity to the API endpoint. B. Verify connectivity to the customer database. C. Specify HTTPS for the connection. D. Verify the correct API endpoint.
A, B
A developer is experiencing memory issues with their application on cloud based servers. Which of the following steps would assist the developer in identifying and fixing the problem? (Select all that apply.) A. Check for memory leaks B. Check host operating system logs C. Ensure appropriate storage tiers D. Check network devices that slow communications
A, B
A newly configured Ansible workflow job fails midway when trying to reconfigure a virtual instance in the cloud. Other single automation tasks targeting other instances are completing successfully. What can an IT administrator troubleshoot to resolve this issue? (Select all that apply.) A. Check configuration sequence. B. Check target's startup processes. C. Check target's automatic IP address. D. Check target's DNS record.
A, B
An administrator is practicing security hardening. Which of the following steps will the administrator take to reduce the vulnerability of the network? (Select all that apply.) A. Run systemd start sshd and systemd enable sshd on a machine used for remote administration. B. Use the Nmap tool to scan the network. C. Install all firmware upgrades. D. Remove web proxies.
A, B
An organization is planning to implement Multifactor Authentication (MFA). Currently, users must enter a password to access resources. What other valid forms of authentication can the organization implement to successfully achieve MFA? (Select all that apply.) A. Smart cards B. Fingerprint scanners C. Pin numbers D. Security questions
A, B
An organization is reviewing options for backup management and determines that a disk solution better suits the needs of the organization than a cloud solution. What are some reasons why the organization may have made this decision? (Select all that apply.) A. The organization must retain complete control of the data. B. The organization already owns the disks. C. The disk solution is globally accessible. D. The disk solution is more future proof than the cloud solution.
A, B
Concerning cloud security in the IaaS model, which of the following are the responsibility of the customer? (Select all that apply.) A. Operating system B. Identity management C. Storage D. Networking
A, B
If a cloud virtual instance is over-utilizing its CPU, what can a cloud administrator check to confirm it? (Select all that apply.) A. Check OS performance metrics. B. Check cloud management utilization reports. C. Check for unnecessary network traffic. D. Check cloud management replication errors.
A, B
What process improvement benefits would an organization realize by allowing developers to create their own development environments from templates in the cloud, rather than having to wait for on-premises administrators to create the environments for them? (Select all that apply.) A. Streamlined processes for greater efficiency B. Faster deployments C. Less infrastructure investment D. Greater collaboration opportunities
A, B
A server administrator was recently assigned the role of disaster recovery planning. They have developed a plan but are not quite ready for full scale testing. They do, however, want to include other people in the process. Which of the following will help the administrator at this point? (Select all that apply.) A. Parallel recovery B. Walk through C. Table-top D. Live failover
A, B, C
An organization has learned that it may be competing with other organizations for access to the cloud service provider's (CSPs) resources. Which of the following CSP resources might the organization's be competing for? (Select all that apply.) A. Storage B. CPU and Memory C. Bandwidth D. VMs
A, B, C
What type of tasks can a cloud administrator automate? (Select all that apply.) A. Software updates B. Scaling C. Restarts D. SLA
A, B, C
A cloud administrator is implementing a configuration management solution to ensure all nodes on the network meet requirements. However, when the administrator tests the solution, the control node is unable to reach the managed nodes. What are some possible reasons why? (Select all that apply.) A. The control node obtained an IP address from the DHCP (Dynamic Host Configuration Protocol) server. B. The administrator has not allowed traffic from the control node through the firewalls. C. The DNS servers have a resource record for the control node name and IP address. D. The administrator moved the managed nodes to a different environment.
A, B, D
A security technician is setting up multi-factor authentication to cloud solutions. Which of the following are authentication factors that could be used? (Select all that apply.) A. Location B. Current time C. Security Assertion Markup Language D. One-time passwords
A, B, D
A solutions architect is updating their companies' lifecycle roadmap. Which of the following should the architect include? (Select all that apply.) A. Old hardware B. New services C. Change management D. Current applications
A, B, D
The performance of an organization's cloud network is degrading, and the administrator is troubleshooting possible causes. What are some items the administrator should investigate? (Select all that apply.) A. Auto-scaling configurations B. Storage capacity and type C. Automation tools D. Network bandwidth
A, B, D
What kind of documentation should an organization have on hand to respond to an incident in the cloud? (Select all that apply.) A. DR playbook B. Call tree C. Building diagram D. Network flow diagram
A, B, D
A server technician wants to set up a configuration manager for their server environment through Powershell. Which of the following will help enable them to do this? (Select all that apply.) A. DSC B. Glacier C. MOF D. Chef
A, C
A systems administrator is analyzing a report of slow performance in a cloud application. This application is working behind a network load balancer with two VMs, and each VM has its own digital certificate configured. Currently, each VM is consuming 85% CPU on average. Due to cost restrictions, the administrator cannot scale vertically or horizontally in the environment. Which of the following actions should the administrator take to decrease the CPU utilization? (Choose TWO). A. Move the digital certificate to the load balancer. B. Configure the communication between the load balancer and the VMs to use HTTPS. C. Configure the communication between the load balancer and the VMs to use HTTP. D. Keep the digital certificates on the VMs. E. Configure the communication between the load balancer and the VMs to use a VPN. F. Reissue digital certificates on the VMs.
A, C
A technical account manager is delivering a presentation to the head of technology within a company. Charged with leading a new internal solution to produce a more efficient internal routing effort, the manager must describe the specifics regarding how they will execute the project. Which of the following should the manager include in the presentation? (Select all that apply.) A. Stakeholder identification B. Anomalies C. Project constraints D. MTTR
A, C
A user logs in to the cloud platform but cannot see the team's virtual instance. What troubleshooting steps can a cloud administrator perform? (Select all that apply.) A. Check security group inheritance. B. Check access control list (ACL). C. Check security group misconfiguration. D. Check micro-segmentation settings.
A, C
A user logs on to his station each morning with a username, a password, and a code from a keyring device. What type of authentication is this? (Choose two.) A. Multifactor B. Single sign-on C. Two-factor D. Single-factor
A, C
A virtual instance on the Amazon Web Services (AWS) platform has 64 virtual central processing units (vCPUs) and 432 (Gibibyte) GiB of memory. What can a cloud administrator do to make the virtual instance memory-optimized? (Select all that apply.) A. Change virtual instance type. B. Reduce vCPU count. C. Power off virtual instance. D. Use a hyperconverged system.
A, C
An administrator has configured backup jobs for new cloud instances. What methods can the administrator use to verify that the backup data is valid? (Select all that apply.) A. Check the files in the destination. B. Check the backup software status. C. Perform a test restore of the data. D. Review the backup retention policy.
A, C
An automation task failed to make a change to a Linux virtual instance. The job log recorded an error stating that the account did not have privileges to the remote server. What can the cloud developer check to resolve this problem? (Select all that apply.) A. Check local private SSH key. B. Check orchestration workflow sequence. C. Check assigned service account. D. Check the last step of the job.
A, C
Which of the following are considered benefits of server virtualization? (Choose two.) A. Space efficiency B. Faster networking C. Power efficiency D. Cheaper software licensing
A, C
Which of the following are the best candidates for maintenance automation? (Choose two.) A. Log archiving B. Stale firewall rule removal C. Removing inactive accounts D. Private key restoration
A, C
You are looking to find what MAC address has an IP of 192.168.0.15 on your local network. What tools could you use to find the MAC address? (Choose two.) A. `ping` B. `nslookup` C. `arp` D. `flushdns`
A, C
A cloud administrator extended the on-premises network to a public cloud solution in AWS. Instead of using Amazon Inspector, the administrator opted to use Burp Suite with the AWS cloud. What are some possible reasons why the administrator made this decision? (Select all that apply.) A. The administrator wanted to use the same tool for both the on-premises and cloud solutions. B. Burp Suite is easier to implement. C. Amazon Inspector only scans EC2 instances. D. The administrator wanted to centralize the scanning results for auditing purposes.
A, C, D
A network administrator reviews protocols in their companies' cloud environment to search for insecure protocols that should be removed. Which of the following protocols should not be used by themselves? (Select all that apply.) A. Hypertext Transfer Protocol B. Secure Shell C. File Transfer Protocol D. Generic Routing Encapsulation
A, C, D
A newly hired cloud administrator assigned an engineer to manage several virtual machine instances, but when the engineer attempts to log in to any of the instances as an administrator, the login fails. What is the most likely reason why the engineer cannot log in? (Select all that apply.) A. The engineer does not need to log in to the VM instances as an administrator. B. The engineer's account does not exist. C. The engineer is using an incorrect login. D. The engineer's role assignment does not allow logging in to the VMs as an administrator.
A, C, D
Which of the following scenarios represents a cloud-to-cloud migration? (Select all that apply.) A. An administrator migrating an organization's data from a VPC to a community cloud. B. An administrator migrating an organization's data from a CSP to an on-premises solution. C. An administrator migrating an organization's data from a CSP to a VPC. D. An administrator migrating an organization's data from GCP to AWS.
A, C, D
A broadcasting company is using a multimedia platform that allows live broadcasts to be viewed online. The multimedia platform becomes overloaded and unresponsive during popular sporting events, and customers are complaining. Which of the following actions should a systems administrator take to resolve the issue? (Select TWO). A. Add more GPUs to the multimedia servers B. Implement a load balancer C. Update the server NIC drivers D. Increase the capacity of the video storage system E. Increase the throughput of the external network F. Use a public-cloud CDN solution
A, D
If a user purchases a CPU that houses 8 cores but is capable of managing up to 16 tasks at a time, which technology is the user leveraging? (Select all that apply.) A. Hyperthreading B. Ballooning C. SSO D. SMT (Simultaneous Multi-Threading)
A, D
In preparation for patching the operating systems on a cloud network, the administrator double-checked to make sure the correct patch was queued for the operating system, that it was the correct version, and that it tested successfully in the test environment. However, the patch still failed to install in production. What are some reasons why the patch installation may have failed? (Select all that apply.) A. The administrator failed to ensure that there was sufficient drive space available for the patch process. B. The administrator failed to ensure the patch matched the application version. C. The administrator failed to test the patch in the production environment. D. The administrator failed to disable antivirus during the patching process.
A, D
Users are reporting that they are unable to connect with the organization's cloud resources. What items should the administrator check? (Select all that apply.) A. Is the CSP experiencing a network outage? B. Are the load balancers configured correctly? C. Are the users' applications consuming too much bandwidth? D. Is the organization's ISP experiencing a network outage?
A, D
What cloud records management feature or solution would be most beneficial in a use case where lawyers may want to go through years of data to convict a person suspected of money laundering? (Select all that apply.) A. Retention B. Versioning C. Destruction D. Write once read many
A, D
Which of the following represents a single point of failure? (Select all that apply.) A. Cloud direct connection B. Cluster C. NIC teaming D. Load balancer
A, D
Which of the following statements are NOT true regarding network flow diagrams? (Select all that apply.) A. Network flow diagrams show every node. B. Network flow diagrams do not assist with security. C. Network flow diagrams can assist in troubleshooting. D. Network flow diagrams identify all nodes.
A. B
A VM was successfully tested in a lab environment. As part of the deployment preparation, the image needs to be backed up for use in the multi-rollout accompanied by orchestration templates. Which of the following should be used to create the image? A. Snapshot B. Clone C. Full D. Replica
B
An administrator is securing a private cloud environment and wants to ensure only approved systems can connect to switches. Which of the following would be MOST useful to accomplish this task? A. VLAN B. NAC C. NIPS D. WAF
B
In which service model is it the cloud provider's responsibility to meet security, compliance, and liability expectations? A. CaaS B. PaaS C. SaaS D. IaaS
C
A cloud administrator can manage permissions for users or groups to access cloud resources using which of the following? A. Multifactor Authentication (MFA) B. Identity and Access Management (IAM) C. Single Sign-on (SSO) D. Security Assertion Markup Language (SAML)
B
A cloud administrator checked out the deployment scripts used to deploy the sandbox environment to a public cloud provider. The administrator modified the script to add an application load balancer in front of the web-based front-end application. The administrator next used the script to recreate a new sandbox environment successfully, and the application was then using the new load balancer. The following week, a new update was required to add more front-end servers to the sandbox environment. A second administrator made the necessary changes and checked out the deployment scripts. The second administrator then ran the script, but the application load balancer was missing from the new deployment. Which of the following is the MOST likely reason for this issue? A. The application load balancer exceeded the maximum number of servers it could use B. The deployment script changes made by the first administrator were not checked in and committed C. The new server images were incompatible with the application load-balancer configuration D. The license limit on the number of server deployments allowed per month was exceeded
B
A cloud administrator is migrating a significant amount of server data from company-controlled premises to a cloud environment. As such, capacity is a primary concern, but the company will access the data very infrequently and so, a specific data model will not be required. Which storage type would be best for this requirement? A. File B. Blob C. Block D. Hybrid disk
B
A cloud administrator is reviewing a list of necessary patches, hotfixes, feature updates, and rollups. Which of the following will the administrator most likely test and implement first? A. Patches B. Hotfixes C. Feature updates D. Rollups
B
A cloud administrator is working in a secure government environment. The administrator needs to implement a corrective action due to a recently identified security issue on the OS of a VM that is running a facility-management application in a cloud environment. The administrator needs to consult the application vendor, so it might take some time to resolve the issue. Which of the following is the FIRST action the administrator should take while working the resolution? A. Upgrade the OS B. Update the risk register C. Raise a problem ticket D. Shut down the server
B
A cloud administrator needs an overall view of the cloud network's service availability, instance and network performance, capacity planning, and incident management. What can the administrator configure to get a centralized view of all the information? A. Tagging B. Dashboards C. Showbacks D. Availability and health
B
A cloud administrator receives a "Suspicious activity" alert from Microsoft Azure for alerts. What are the next steps the administrator should take? A. Disable the administrator account until further investigation. B. Complete further investigation to determine the cause of the alert. C. Ignore the alert as it is just a warning. D. Confirm a new administrator account identity.
B
A cloud architect establishes a software defined network policy for tightly controlled integration between on-premises and cloud services. Which of the following architectural designs should they implement? A. Cloud native B. Cloud DMZ C. Hybrid D. Hub and spoke
B
A cloud architect is designing a solution for a development company that makes mobile games. The games reach out to dedicated cloud gaming servers. Which of the following AWS instances would be best suited for this situation? A. l3 (storage optimized) B. C6g (compute optimized) C. f1 D. sc1 (low-cost, cold storage)
B
Which term describes a cloud service that can be used to ensure business continuity with a minimum of downtime? A. SLA B. BIAaaS C. DRaaS D. BCPaaS
C
A company is currently running a website on site. However, because of the business requirement to reduce current RTO from 12 hours to one hour, and the RPO from one day to eight hours, the company is considering operating in a hybrid environment. The website uses mostly static files and a small relational database. Which of the following should the cloud architect implement to achieve the objective at the LOWEST cost possible? A. Implement a load-balanced environment in the cloud that is equivalent to the current on-premises setup and use the DNS to shift the load from on premises to cloud B. Implement backups to cloud storage and infrastructure as code to provision the environment automatically when the on-premises site is down. Restore the data from the backups C. Implement a website replica in the cloud with auto-scaling using the smallest possible footprint. Use DNS to shift the load from on premises to the cloud D. Implement a CDN that caches all requests with a higher TTL and deploy the IaaS instances manually in case of disaster. Upload the backup on demand to the cloud to restore on the new instances
B
A company needs to access the cloud administration console using its corporate identity. Which of the following actions would MOST likely meet the requirements? A. Implement SSH key-based authentication B. Implement cloud authentication with local LDAP C. Implement multifactor authentication D. Implement client-based certificate authentication
B
A help desk technician at a CSP is fielding a support ticket from a client. A single user is having trouble downloading files from a the CSP's server, as the download has repeatedly blocked for the user. Frustrated, the user claims that resolving this matter falls on the CSP. Which of the following best represents who should resolve this incident? A. The CSP B. The user C. The ISP D. The server
B
A hybrid cloud environment hosts web services on both on-premises and the cloud. A similar network is set up in an isolated environment for testing disaster recovery scenarios. If IT management wants to test their disaster recovery procedures with the participation of a limited amount of real user accounts, what type of test would be most appropriate to carry out? A. Paper test B. Live cutover C. Table-top D. Walk-through
B
A hybrid cloud solution with virtual hosts on-premises and in the cloud needs to avoid a single point of failure across both platforms. How can a cloud administrator force distribution of regular virtual machine (VM) instances across both platforms? A. Set up management network redundancy. B. Set up anti-affinity rules. C. Set up container high availability. D. Set up a cluster of EC2 instances.
B
A large organization has recently released a new product tracking software. Unfortunately, the initial release contained numerous bugs and various functionality issues. As a result, the organization would like to iteratively release updated versions by switching users between environments as they are updated and tested. Which of the following best describes how this organization plans to develop and release future products? A. DRP B. Blue-Green C. RPO D. Round robin
B
A new user cannot access Microsoft Office 365, but no other users in the organization are having any issues. What is the most likely reason why the user cannot access it? A. The organization's subscription expired. B. The organization's subscription is out of licenses. C. The user's system is not compatible with Office 365. D. The firewall is blocking the user from accessing Office 365.
B
A real estate accounting company would like to migrate its operation to the cloud but has expressed reservations regarding security. A member of the executive suite suggests a collective organization formed in conjunction with several similar companies that have collectively deployed a cloud-based environment. Each member company maintains cloud access. Which of the following is the executive describing? A. Private B. Community C. Hybrid D. Public
B
A security engineer creates storage for logs that will most likely not be used long term, but they will need to be accessed quickly if they are needed. Which of the following storage solutions is most appropriate? A. Standard B. Standard infrequent C. Intelligent tiering D. Glacier
B
A server administrator is attempting to look for pre-configured automated tasks that are already built and finds some Ruby scripts, support common operating systems. and can be used with physical machines, VM's, and cloud instances. Which of the following tools will the administrator need to use? A. Bash B. Puppet C. PowerShell D. Ansible
B
A server administrator is troubleshooting connectivity between two servers with the ping command but receives a message "REQUEST TIMED OUT." What is most likely going on? A. Problem on the source device B. Problem on the destination device C. Connection is down D. Connection is working fine
B
A small company would like to minimize excess hardware maintenance expenditures during its growth stage. The company currently maintains physical drives for its entire operation, which throughout the growth process, has become increasingly expensive. When considering a cloud solution, what should the company consider for its storage needs? A. IaaS B. STaaS C. DaaS D. DRaaS
B
A startup company has recently released its third version of a messaging application to its user base. Following the release of the new version, a bevy of user complaints surfaced, claiming that since updating the application, many cannot access previous conversations. Which of the following did the company most likely NOT do? A. Usability testing B. Regression testing C. Performance testing D. Vulnerability testing
B
A system administrator is deploying a GPU-accelerated VDI solution. Upon requests from several users, the administrator installs an older version of the OS on their virtual workstations. The majority of the VMs run the latest LTS version of the OS. Which of the following types of drivers will MOST likely ensure compatibility with all virtual workstations? A. Alternative community drivers B. The latest drivers from the vendor's website C. The drivers from the OS repository D. Legacy drivers
B
A system administrator is migrating a bare-metal server to the cloud. Which of the following types of migration should the systems administrator perform to accomplish this task? A. V2P B. P2V C. V2V D. P2P
B
A systems administrator for an e-commerce company will be migrating the company's main website to a cloud provider. The principal requirement is that the website must be highly available. Which of the following will BEST address this requirement? A. A next-generation firewall B. A server cluster C. Vertical scaling D. Redundant switches
B
A systems administrator in a large enterprise needs to alter the configuration of one of the finance department's database servers. Which of the following should the administrator perform FIRST? A. Capacity planning B. Change management C. Backups D. Patching
B
A systems administrator is migrating a bare-metal server to the cloud. Which of the following types of migration should the systems administrator perform to accomplish this task? A. V2V B. P2V C. P2P D. V2P
B
A systems administrator is troubleshooting a newly launched database that cannot access its storage. The database drew its original configuration from a similar database, using the same base image file. Which of the following is the most likely reason the database is experiencing these issues? A. Faulty image B. Improperly configured variable C. Storage location configured as a secret D. Faulty VM template
B
A systems administrator is using VMs to deploy a new solution that contains a number of application VMs. Which of the following would provide high availability to the application environment in case of hypervisor failure? A. Live migration B. Anti-affinity rules C. Cold migration D. Affinity rules
B
An administrator is standing up a new website and wants to prevent the instances hosting the website from becoming overwhelmed while also ensuring good performance and redundancy. How can the administrator accomplish this? A. Containers B. Load balancer C. Replication D. GPU
B
A systems administrator swapped a failed hard drive on a server with a RAID 5 array. During the RAID resynchronization, a second hard drive failed. Which of the following actions will make the server fully operational? A. Swap the failed hard drive with a fresh one B. Restore the server from backup C. Restart the RAID resynchronization process D. Perform a P2V migration of the server
B
A user in the marketing department is unable to access a folder containing campaign files. The administrator views the folder properties and observes that the user is in a group that is inheriting read permissions to the folder. Why might the user not be able to access the folder? A. The system has locked out the user's account. B. The administrator denied the user access to the folder. C. The group inheriting access to the folder needs read and write permissions. D. The administrator must assign the user permissions to the folder.
B
After troubleshooting a virtual machine connectivity issue, you determine that a firewall rule prevented the connection. You modify the firewall. What should you do next? A. Document findings B. Verify full system functionality C. Establish a plan of action D. Test a theory
B
An SQL injection vulnerability was reported on a web application, and the cloud platform team needs to mitigate the vulnerability while it is corrected by the development team. Which of the following controls will BEST mitigate the risk of exploitation? A. NAC B. WAF C. HIDS D. DLP
B
An administrator applied an operating system patch to a cloud VM instance, but the patch broke some of the system's functionality. How can the administrator return the system back to pre-patch configuration? A. The administrator can roll the patch back. B. The administrator can revert to the snapshot taken before patching. C. The administrator can uninstall the patch. D. The administrator cannot return the system back to pre-patch configuration.
B
An administrator created three virtual networks for an organization and then connected them together so that employees on any of the networks can seamlessly use the resources in any of the other networks. What type of software-defined networking is this? A. Hub-and-spoke B. Peering C. Subnetting D. VPC
B
An administrator has an organization's headquarters locked down so that users can only log in to the cloud network between 6 a.m. and 6 p.m. and only if they are in the headquarters building. What is this an example of? A. Authentication B. Multifactor authentication C. Authorization D. Auditing
B
An administrator is configuring a SAN. Which of the following would permit the fastest possible performance while also providing redundancy? A. Point-to-point Fiber Channel B. Switched Fibre Channel C. iSCSI D. M.2
B
An administrator is evaluating an application for migration to the cloud and determines that before migrating the application, the organization must first send it back to the developers to remove hard-coded IP addresses and make other minor modifications. What cloud migration type does this represent? A. Rehost B. Replatform C. Refactor D. Retain
B
An administrator is installing Linux in a new server cluster for a remote office to host multiple virtual machines for on-site technicians. To provision and activate each of the VMs in a relatively cost-effect manner, what will the administrator most likely deploy? A. Type 1 Hypervisor B. Type 2 Hypervisor C. VM Template D. DMZ
B
An administrator is reviewing the roles and features installed on the organization's servers, comparing them to what each server's purpose is, and removing the roles and features that are unnecessary. What practice is the administrator engaged in? A. Baselining B. Hardening C. Endpoint detection and response D. Configuration management
B
An administrator is using Active Directory (AD) to manage permissions for users, permitting file and folder owners to manage other users' access to those resources. What kind of access control is this? A. Mandatory access control B. Discretionary access control C. Role-based access control D. Rule-based access control
B
An administrator is viewing the performance monitor on an instance and notices that the operating system has unusually low utilization. What does this indicate? A. Too much storage B. Too much memory C. Not enough memory D. Not enough storage
B
An administrator upgraded the hardware in a server. After the administrator put the server back in service, the system failed. The administrator never received an alert, although alerting worked properly before the administrator upgraded the hardware. What is the most likely reason why the administrator did not receive an alert when the system failed? A. The administrator originally configured the system for composite alerts. B. The administrator failed to take alerting out of maintenance mode. C. The administrator is receiving too many alerts and ignored them. D. The administrator did not enter the correct email address into the alerting system.
B
An administrator upgraded the operating system on several servers and then ran the configuration management tool to ensure the nodes meet the established requirements. However, the configuration management process failed, even though it ran fine earlier that same day. What is a valid reason why the configuration management process may have failed? A. The version of the configuration management tool is now incorrect. B. The version of the operating system is now incorrect. C. The files provided for configuration don't match the deployment tool. D. The API version for the backend data source is now incorrect.
B
An engineer is responsible for configuring a new firewall solution that will be deployed in a new public cloud environment. All traffic must pass through the firewall. The SLA for the firewall is 99.999%. Which of the following should be deployed? A. A web application firewall B. Two firewalls in a HA configuration C. Two load balancers behind a single firewall D. Firewalls in a blue-green configuration
B
An incident handler investigates logs on a Linux web server to determine if an attacker successfully breached the server. Which of the logs should the incident handler investigate to review the web logs? A. Event Viewer Application log B. /var/log/apache C. /var/log/samba D. /var/log
B
An organization had to evacuate their primary location due to approaching wildfires. As outlined in the business continuity plan, the organization moved all business operations to another location that they had previously set up with most of the equipment they needed. The organization acquired the rest of the needed equipment, restored data backups to the new location, and resumed operations within a day. What kind of disaster recovery site did the organization use? A. Hot site B. Warm site C. Cold site D. Cloud site
B
An organization has a hybrid cloud environment with several virtual instances in the Microsoft Azure cloud and would like to ensure backup solutions are ran in the cloud entirely. If the organization prefers using the latest, compatible third-party backup application for these cloud instances, what could cloud administrators do to fulfill this requirement? A. Perform a test restore. B. Search the cloud marketplace. C. Run the Azure Backup service. D. Review the Azure Service Health dashboard.
B
An organization has asked a cloud administrator to configure a server to utilize all physical CPU capacity, as there is no space for multiple servers. Which license would show a price increase based on this configuration? A. Per core B. Per socket C. Per seat D. Volume based
B
An organization has concerns about single points of failure for their VMs. What can the cloud administrator use to ensure all the VMs do not fail at the same time? A. File server replication B. Anti-affinity C. Affinity D. Right-sizing
B
An organization initially manually assigned random static IP addresses within the organization's range to network devices. Now that the organization is growing, an administrator is installing a Dynamic Host Configuration Protocol (DHCP) server to automatically assign IP addresses to client devices but needs to free up a contiguous address range in order to provide the DHCP server with a block of available IP addresses to assign. The organization's file servers are currently using IP addresses in the range the administrator wants to use for DHCP, so the administrator assigns new IP addresses outside of that range to the file servers. Shortly after, the helpdesk begins receiving calls from employees who are unable to access the file servers. What must the administrator do to correct this issue? A. The administrator must wait for the DNS records to update with the new IP addresses. B. The administrator must update the DNS records with the new IP addresses. C. The administrator must confirm that the employee workstations can reach the proxy. D. The administrator must ensure that the NAT (Network Address Translation) device is online.
B
An organization recently experienced a data breach in the cloud network while a new cloud administrator was on call. The organization had all the necessary documentation to respond to the incident, but the response time was extremely slow compared to average incident response times. What can the organization do to decrease incident response times in the future? A. Provide service-specific documentation. B. Provide training. C. Provide application-specific documentation. D. Provide network device configurations.
B
An update is being deployed to a web application, and a systems administrator notices the cloud SQL database has stopped running. The VM is responding to pings, and there were not any configuration changes scheduled for the VM. Which of the following should the administrator check NEXT? A. Firewall on the VM B. Logs on the VM C. vGPU performance on the VM D. Memory on the VM
B
CloudVNet1 has six deployed Windows virtual machines. You need to ensure that inbound remote desktop traffic is allowed to each host. What should you do to allow the traffic while minimizing administrative effort? A. Use PowerShell to set the firewall on each virtual machine B. Configure one network firewall rule set and associate it with each virtual machine C. Use a shell script to set the firewall on each virtual machine D. Configure six host firewall rule sets and associate each one with a virtual machine
B
Following a storage configuration upgrade, a number of applications have begun performing slower than expected. A technician tests the read/write performance, and the results show up to 20% slower speeds than projected. Which of the following is most likely the culprit of this performance degradation? A. Incompatible RAM B. The IOPS is exceeding its cap C. Auto-scaling D. Quota exceeded
B
In which instance would an organization NOT employ the disaster recovery playbook? A. Hurricane B. Cloud administrator quits C. Active shooter D. Data breach
B
Industry regulations require all internal network traffic to be encrypted. What should you configure? A. SSL B. IPSec C. TLS D. VPN
B
Referring to image that shows four squares representing hosts all connected to a center square representing a switch. Host A IP Address: 192.168.0.19/22 Default Gateway: 192.168.0.1 VLAN: 101 Host B IP Address: 192.168.1.11/22 Default Gateway: 192.168.0.1 VLAN: 102 Host C IP Address: 192.168.0.20/22 Default Gateway: 192.168.0.1 VLAN: 101 Host D IP Address: 192.168.0.21/22 Default Gateway: 192.168.0.1 VLAN: 101 You have a switch and four hosts, as pictured in the diagram. Host D cannot communicate with Host B but can with Host C. You have verified all machines are functioning properly. What is the most likely issue? A. Malfunctioning switch B. Incorrect VLAN C. Host B is down D. Port is disabled
B
The company purchased a cloud-based application that all employees can access from a web browser. The application will be able to support new employees as the company grows. What type of licensing structure did the company most likely purchase for this application? A. Socket based licensing B. Per user licensing C. Volume based licensing D. Perpetual licensing
B
The helpdesk receives a call from a frustrated user. The system has required the user to change their password and the user has tried several different ones, but the system will not accept them. Why won't the system accept the user's passwords? A. The user is not on the application allow listing. B. The passwords do not meet the password policy requirements. C. The system has locked out the user's account. D. The administrator hasn't assigned the user any permissions.
B
There is a disconnected cable somewhere on your network, and you are not sure between which two devices the break is located. What software tool can you use to help find where the break is? A. `ipconfig/ifconfig` B. `tracert/traceroute` C. `ping` D. `netstat`
B
To improve a system's performance during virtualization, the VMs installed should have direct access to network hardware within the system. Which component facilitates this access? A. MPLS B. SR-IOV C. Virtual switch D. IPAM
B
To reduce cloud storage costs, you would like only frequently used data to be stored on the fastest cloud storage. What should you configure? A. Increased IOPS B. Storage tiers C. RAID 0 D. Scaling
B
To reduce cloud storage costs, you would like to put old data on slower, less expensive storage. What should you configure? A. Scaling B. Storage tiers C. RAID 1 D. Decreased IOPS
B
What Microsoft product is used to manage hypervisors and virtual machines? A. SCCM B. SCVMM C. Group Policy D. Command Prompt
B
What can be done to provide fault tolerance for runbooks? A. Configure maintenance mode B. Use multiple runbook servers C. Enable runbook load balancing D. Configure runbook replicas
B
What command would you use on Windows to trace the path that an IPv4 packet to a host would take? A. `traceroute6` B. `tracert` C. `traceroute` D. `ping`
B
What is NOT a reason you would want to patch a hypervisor? A. To support new hardware features B. To upgrade to the latest version C. To support newer operating systems D. To fix security vulnerabilities
B
What kind of system uses placeholders to represent sensitive data? A. Single sign-on B. Tokenization C. Multifactor authentication D. Identity federation
B
What sort of network setup would allow your services to function even if your external cloud provider was down? A. Community B. Hybrid C. Public D. Private
B
When designing capacity planning and requirements for cloud resources, which statement is applicable when accounting for system loads? A. Solution must help the organization achieve its strategic goals. B. CPU queue length value should not exceed the number of logical processors (cores). C. License must permit a specified number of installations. D. Deviations from a baseline must be monitored continuously.
B
Which PowerShell cmdlet is used to shut down local or remote computers? A. `ShutdownComputer` B. `Stop-Computer` C. `StopComputer` D. `Shutdown-Computer`
B
Which of the following activities is the least related to system hardening? A. Account management auditing B. Renewing expired PKI ce C. Deactivating default accounts D. Disabling unneeded services
B
Which of the following is NOT a scripting language? A. PowerShell B. C++ C. Python D. JavaScript
B
Which of the following will provide a systems administrator with the MOST information about potential attacks on a cloud IaaS instance? A. FIM B. HIDS C. Software firewall D. Network flows
B
Which protocol allows cloud tenants to provision network infrastructure resources without knowing the underlying layer 2 and layer 3 technical details? A. TCP B. VXLAN C. NAT D. UDP
B
Which router setting most likely could cause connectivity problems with packets greater than 1514 bytes? A. SSH B. MTU C. ARP D. Default gateway
B
Which solution can be used to increase application isolation on a cloud virtual machine? A. Application compression B. Application containers C. Scaling in D. Dynamic memory
B
Which solution is required for an alternative hot site? A. Disk encryption B. Replication C. Load balancing D. File hashing
B
Which statement regarding public key infrastructure encryption is correct? A. Encryption requires an asymmetric key. B. Public keys encrypt; private keys decrypt. C. Private keys encrypt; public keys decrypt. D. Salting requires a public key.
B
Which type of alternative site is equipped but contains no data? A. Hot site B. Warm site C. Cold site D. Cloud site
B
Which type of cloud best serves the needs of organizations that want to use cloud services but also have on-premises hardware? A. Community B. Hybrid C. Public D. Private
B
Which type of cloud serves the needs of organizations that have the same computing requirements? A. Public B. Community C. Private D. Hybrid
B
Why is scaling down sometimes done in cloud computing environments? A. To enable high availability B. To reduce costs C. To decrease performance D. To increase performance
B
Why is scaling up sometimes done in cloud computing environments? A. To reduce costs B. To increase performance C. To enable high availability D. To decrease performance
B
You are asked to improve the security of a wireless network. It is an 802.11g wireless access point secured using MAC filtering and WEP. What can you change to best improve security? A. Change to an 802.11ac wireless access point B. Change from WEP to WPA2 C. Disable SSID broadcasting D. Disable MAC filtering
B
You are configuring a subnet IP address range for a cloud network. The network address is 10.16.6.0/24. How many usable IP addresses are available on this network? A. 255 B. 254 C. 256 D. 24
B
You are configuring cloud backup settings. Data modified since the last full backup must be captured. Which type of backup should you configure? A. Incremental B. Differential C. Full D. Copy-on-write
B
You are creating ACL entries of resources manually. What type of access control model is this? A. PKI B. Discretionary access control C. Mandatory access control D. TPM
B
You are deploying an IDS device in the cloud. To ensure the timely resolution of problems, what should you configure? A. IP address blocking B. Alert notifications C. RAID 0 D. Dual Internet connections
B
You are linking your on-premises network to the public cloud to handle the occasional depletion of on-premises resources. What is this called? A. Scaling out B. Cloud bursting C. Scaling in D. Horizontal scaling
B
You have multiple resources under a single hypervisor, each performing a different role. You want to harden a specific resource. How can this be accomplished? A. VXLAN isolation B. Granular resource hardening C. General resource hardening D. VLAN isolation
B
You need a network security solution that can be configured to detect and stop suspicious activity. What should you deploy? A. HIPS B. NIPS C. HIDS D. NIDS
B
You need to delegate specific cloud backup tasks to backup operators. What should you do? A. Create a single backup operator account and provide details to backup operators B. Assign cloud backup roles to backup operators C. Modify cloud storage ACLs D. Distribute the cloud backup private key to backup operators
B
You need to ensure that a hypervisor can still boot and function in the event of an operating system disk crash. What should you configure? A. Enable synchronous replication B. Configure RAID 1 C. Configure RAID 0 D. Enable a failover cluster
B
You need to ensure that cloud virtual machines report security events to a centralized cloud logging service. What should be configured for each virtual machine? A. Log forwarding B. Virtual machine extensions C. Firewall D. IDS
B
You need to ensure that network traffic from Net1 does not go through Net2 and just continues to the Internet. What should you configure? A. NAT gateway B. Route table C. Load balancer D. Firewall rule
B
You need to patch virtual machine hosting computers on-premises. What should your patching strategy encompass? A. Guests B. Hypervisors C. Clusters D. Virtual appliances
B
You need to run a mission-critical app in the public cloud on a server that is not shared with other cloud tenants. What should you do? A. Deploy a virtual machine B. Use dedicated hosting in the cloud C. Use a private cloud D. Migrate an on-premises virtual machine to the cloud
B
You plan to deploy a new security agent to each cloud virtual machine. What must you do before the deployment? A. Patch the servers B. Notify affected stakeholders C. Modify the change management policy D. Reboot the servers
B
You plan to put an on-premises virtual machine onto a physical host. What type of migration will you be performing? A. P2V B. V2P C. P2P D. V2V
B
You want to save a virtual machine in its current state. What is the best and easiest way to do this? A. Take a differential backup B. Take a snapshot C. Take a full backup D. Take an incremental backup
B
You will be out of the office for a few days but will need to access resources in your office's network. What can you set up to ensure that you can access the network securely? A. DMZ B. VPN C. IPS D. NAT gateway
B
Your IP phones cut out often during peak hours. What can you do to ensure that the IP phone VoIP traffic takes precedence over normal traffic? A. Configure DNS B. Configure QoS C. Create a firewall exception D. Set a static route
B
Your company has recently adopted numerous public cloud SaaS services. Users complain that after logging in to their on-premises desktops, they are prompted for credentials for each SaaS service they use. You need to ensure the initial user authentication is all that is required to access all SaaS services. What should you configure? A. Authentication B. Single sign-on C. Multiple sign-on D. MFA
B
Your organization requires backups every 6 hours to ensure the continued operation of the business. To which term does this scenario best apply? A. DRP B. RPO C. BIA D. RTO
B
Your team of developers is wondering which cloud service model would be most useful to them. Which model would you recommend? A. SaaS B. PaaS C. IaaS D. CaaS
B
_______________________________ is where data is replicated between many different sites in many different regions. A. Synchronous replication B. Multiregional replication C. Regional replication D. Asynchronous replication
B
A colleague reported that the Virtual Machine migration to the cloud failed immediately after starting the process. A pop-up window showed a failed connectivity status. What can the team check on to troubleshoot this issue? (Select all that apply.) A. Check network latency B. Check ISP C. Check logs D. Check storage capacity
B, C
A network administrator is troubleshooting issues with a Virtual Private Cloud (VPC) connection. Which of the following are troubleshooting steps the administrator should test? (Select all that apply.) A. Ensure that HTTP header information is compatible B. Update name resolution C. Confirm security group membership D. Check packet retransmissions
B, C
A network technician is trying to understand user requirements to give the best possible working experience. Which of the following are user needs? (Select all that apply.) A. Encrypted communications B. Performance C. Availability D. Cost of redundancy
B, C
A security architect is setting up solutions for a medium sized company. The company wants security products that will actively block. Which of the following solutions should the architect recommend? (Select all that apply.) A. Event viewer B. Endpoint detection and response (EDR) systems C. Software firewall D. Host-based intrusion detection systems
B, C
A server technician is testing new processing hardware to use in a private cloud deployment. What is the technician measuring to determine overall performance? (Select all that apply.) A. RPM B. IPC C. GHz D. Hyperconvergence
B, C
An administrator manually configured four new VM (Virtual Machine) instances in the public cloud. Three of the VM instances work, but the administrator is unable to connect to the fourth instance from the on-premises network. What might the administrator have done to cause the connection to the fourth instance to fail? (Select all that apply.) A. The administrator used a misconfigured VM template. B. The administrator did not follow the correct procedures. C. The administrator applied inaccurate instance tags. D. The administrator used a misconfigured script.
B, C
An organization is evaluating options for migrating millions of medical records to a community cloud. The organization needs to migrate the records as quickly as possible and without any downtime. What are the best solutions for migrating the data? (Select all that apply.) A. The organization should migrate the data using an automated file transfer command like curl. B. The organization should migrate the data using a CSP's proprietary solution that avoids the public Internet. C. The organization should migrate the data using a storage transfer service. D. The organization should migrate the data using peering over the public Internet.
B, C
An administrator is receiving complaints from users that the network is too slow. What steps should the cloud administrator take to reduce network latency? (Select all that apply.) A. Eliminate replication B. Implement segmentation C. Implement an edge network D. Implement an NPB
B, C, D
Users are complaining that they cannot reach a cloud-hosted application. Which of the following items should the administrator check? (Select all that apply.) A. Application has enough memory B. Network connectivity C. Application is running D. Users have permissions
B, C, D
A solutions architect has performed a risk analysis for disaster recovery and has determined that the likelihood of needing to recover is very low. They also determined that needing some time to bring another center up is acceptable, but not too much time. Which of the following backup solutions would meet the company's needs? (Select all that apply.) A. Hot site B. Warm site C. Cold site D. Cloud site
B, D
A storage administrator is architecting a solution that will provide quicker access to users. Which of the following replication strategies will support this? (Select all that apply.) A. Storage area network replication B. Content delivery network replication C. Virtual machine replication D. Distributed file system replication
B, D
An organization currently has a cloud network subnetted using Layer 2 technology to isolate separate networks. However, the organization is rapidly growing and will soon need to accommodate over 5000 separate networks, which is more than the current subnetting technology can handle. What can the organization do to manage the growth? (Select all that apply.) A. Add a load balancer B. Use VRF C. Use VLANs D. Use VXLANs
B, D
An organization is using a configuration management database (CMDB). What items can the administrator expect the CMDB to be tracking on the organization's cloud deployment? (Select all that apply.) A. Asset tracking B. Interrelated microservices C. Inventory tracking D. Configuration items
B, D
Since a version update, a web application has turned in continuously slower performance ratings. To best fix this, which of the following components should the developer pay the most attention to? (Select all that apply.) A. Anomalies B. Patterns C. Outstanding licenses D. Baselines
B, D
When logging in to a cloud service provider (CSP) web interface using a smart card, the authentication fails. What can a user or administrator do to troubleshoot this issue? (Select all that apply.) A. Check SSH key pair. B. Check certificate status. C. Check DLP policies. D. Check the smart card.
B, D
Which of the following are considered benefits of server virtualization? (Choose two.) A. Cheaper software licensing B. Efficient application of software updates C. Faster network access D. Centralized data storage
B, D
A Chief Information Security Officer (CISO) is evaluating the company's security management program. The CISO needs to locate all the assets with identified deviations and mitigation measures. Which of the following would help the CISO with these requirements? A. SOC procedures B. An SLA document C. A risk register D. A DR plan
C
A Microsoft cloud technician has configured a VPC for a large group project and would now like to connect different, smaller projects to the VPC. What kind of network is the technician setting up? A. Control plane B. PaaS only C. Hub-and-spoke D. DMZ
C
A Windows technician is configuring a new customer relationship management application. To complete the setup, the technician must push all necessary folders to a remote team. Which of the following tools would the technician most likely use to complete this task? A. NFS (Networks File System) B. NTFS C. CIFS (Common Internet File System) D. RDP (Remote Desktop Protocol)
C
A cloud administrator has built a new private cloud environment and needs to monitor all computer, storage, and network components of the environment. Which of the following protocols would be MOST useful for this task? A. SMTP B. SCP C. SNMP D. SFTP
C
A cloud administrator is building a new VM for machine-learning training. The developer requesting the VM has stated that the machine will need a full GPU dedicated to it. Which of the following configuration options would BEST meet this requirement? A. Virtual GPU B. External GPU C. Passthrough GPU D. Shared GPU
C
A cloud administrator is configuring a load balancer to manage traffic to an organization's web servers that house a catalog of products for customers to buy online. What load balancer scheduling type should the cloud administrator configure to ensure that all customers can place orders at all times? A. Software load balancer B. Weighted scheduling C. Most recently used D. Round-robin
C
A cloud administrator is creating instances for databases that data scientists will use to manage big data analytics. What is the best type of optimization the administrator should consider for these instances? A. vCPU-optimized B. GPU-optimized C. Memory-optimized D. Container-optimized
C
If a host begins claiming memory normally reserved for virtual machines, what is the likely indication? A. Anomalies B. Auto-scaling C. The host is running out of memory D. Load balancing
C
A cloud administrator is implementing Ansible to manage the configuration of remote systems on the cloud network. What type of authentication should the administrator implement with Ansible to ensure that automated processes do not stop while waiting for authentication to complete? A. Embed the passwords in scripts B. Password-based authentication C. Key-based authentication D. Service accounts
C
A cloud administrator is researching tools that will ensure the configuration of servers, devices, and services. The administrator is responsible for both Windows and Linux operating systems and does not want to rely on a client-server structure. The administrator also does not want to install agents or enable special services on managed devices. What is the cloud administrator's best option? A. Chef B. Puppet C. Ansible D. PowerShell DSC
C
A cloud administrator is reviewing the results of a network vulnerability scan. What kind of results should the administrator NOT expect to see? A. Listening ports B. Connected network devices C. Patched systems D. Exposed network services
C
A cloud administrator just joined a new organization and is attempting to implement a common service. Which of the following would best help them implement the service? A. SLAs B. Cloud policies C. SOPs (Standard Operating Procedures) D. Playbooks
C
A cloud administrator needs to estimate the performance and stability of the cloud network's instances housing the big data databases. What process can the administrator perform to discover this information? A. Monitoring thresholds B. Log scrubbing C. Monitoring baseline D. Continuous monitoring
C
A cloud administrator receives a request to create a virtual instance on the Amazon Web Services (AWS) platform. The request explains that the virtual instance will perform various machine learning tasks for a new web application. What type of instance would the cloud administrator most likely create for this request? A. General purpose B. Memory optimized C. Compute optimized D. Storage optimized
C
A cloud database virtual machine uses four separate disk volumes. Each disk volume needs to be fully allocated at the start. What should you do to configure the disks? A. Object storage B. Thin provisioning C. Thick provisioning D. Tokenization
C
A cloud provider wants to make sure consumers are utilizing its IaaS platform but prevent them from installing a hypervisor on the server. Which of the following will help the cloud provider secure the environment and limit consumers' activity? A. Log and event monitoring B. Scaling C. Hardening D. Patch management
C
A cloud technician is analyzing storage tiers for a critical Structured Query Language (SQL) instance which requires high performance. Which of the following would best suit the technician's needs? A. gp3 (balanced for price and performance) B. st1 (throughput optimized) C. io2 (high performance, SQL workloads) D. sc1 (low-cost, cold storage)
C
A cloud technician receives complaints that an employee cannot access certain cloud resources. Which of the following troubleshooting steps should the technician try first? A. Document the findings B. Restart the cloud services C. Check an account with the same permissions D. Establish a theory of probable cause
C
A company developed a product using a cloud provider's PaaS platform and many of the platform-based components within the application environment. Which of the following would the company MOST likely be concerned about when utilizing a multicloud strategy or migrating to another cloud provider? A. Service-level agreement B. Authentication providers C. Vendor lock-in D. Licensing
C
A company has asked an administrator to configure a new fleet of high storage, high-performance servers for a remote team of technicians. The team currently utilizes the same servers as the local office team, and the company would like the team to be able to rapidly respond during times of peak traffic and activity. Which of the following would allow the team to quickly increase memory and performance during these periods? A. Point-to-site connection B. Persistent storage C. Dynamic allocations D. IPC
C
A company is planning to migrate applications to a public cloud, and the Chief Information Officer (CIO) would like to know the cost per business unit for the applications in the cloud. Before the migration, which of the following should the administrator implement FIRST to assist with reporting the cost for each business unit? A. Quotas B. An SLA report C. Tagging D. Showback
C
A server architect is planning a cloud migration and is defining a given problem that software or services are expected to meet. Which of the following will best assist the architect in this process? A. Business needs analysis B. Licensing structure C. Solutions requirement D. User density
C
In an existing IaaS instance, it is required to deploy a single application that has different versions. Which of the following should be recommended to meet this requirement? A. Create snapshots B. Enable SR-IOV on the host C. Deploy using containers D. Install a Type 2 hypervisor
C
A software development company has asked its lead administrator to suggest a means of simplifying asset management and reducing the overhead from maintaining a large fleet of servers. The company currently stores massive amounts of data and would like a solution that will allow this continued mass storage, while reducing the number of physical servers. Which of the following makes the most sense for the company to implement? A. Acquire new servers B. Upgrade SaaS package C. Employ a FaaS solution (Function as a Service) D. Utilize ML to manage the storage
C
A systems administrator is troubleshooting network throughput issues following a deployment. The network is currently being overwhelmed by the amount of traffic between the database and the web servers in the environment. Which of the following should the administrator do to resolve this issue? A. Enable jumbo frames on the gateway B. Move the web and database servers onto the same VXLAN C. Set up affinity rules to keep web and database servers on the same hypervisor D. Move the servers onto thick-provisioned storage
C
A systems administrator is trying to reduce storage consumption. Which of the following types would benefits the MOST from compression? A. System files B. Mail database C. User backups D. Relational database
C
A technical department has stood up a new server that will utilize virtualization to support a small team of specialists. Following the configuration of the VM's baseline settings and specifications, the team will eventually require further virtualization capabilities as they add more servers to form a cluster. What would be the most efficient means of configuring the virtualization capabilities as the technical department adds more servers? A. VM templates B. Software patches C. Clones D. Hypervisor
C
A technical team is updating its storage arrangement by moving to a network solution. The team is less concerned about maximum capacity and more concerned about speed. Which of the following options would produce the greatest throughput? A. 2.6 GHz B. 3.2 GHz C. 150 MiB/s D. 75 MiB/sec
C
A technician just received the lessons learned from some recent data that was lost due to an on-premises file-server crash. The action point is to change the backup strategy to minimize manual intervention. Which of the following is the BEST approach for the technician to implement? A. New backup devices B. Long-term storage C. Backup as a service D. RAID 1
C
A user receives a message that their smartphone PKI certificate used for cloud service access will expire in 7 days. What should you do? A. Issue a new certificate B. Expire the certificate C. Renew the certificate D. Add the certificate to the CRL
C
A vendor is installing a new retail store management application for a customer. The application license ensures software costs are low when the application is not being used, but costs go up when use is higher. Which of the following licensing models is MOST likely being used? A. Core-based B. Socket-based C. Subscription D. Volume-based
C
A web server has been deployed in a public IaaS provider and has been assigned the public IP address of 72.135.10.100. Users are now reporting that when they browse to the website, they receive a message indicating the service is unavailable. The cloud administrator logs into the server, runs a netstat command, and notices the following relevant output: TCP 17.3.130.3:0 72.135.10.100:5500 TIME_WAIT TCP 17.3.130.3:0 72.135.10.100:5501 TIME_WAIT TCP 17.3.130.3:0 72.135.10.100:5502 TIME_WAIT TCP 17.3.130.3:0 72.135.10.100:5503 TIME_WAIT TCP 17.3.130.3:0 72.135.10.100:5504 TIME_WAIT Which of the following actions should the cloud administrator take to resolve the issue? A. Update the gateway on the web server to use 72.135.10.1 B. Assign a new IP address of 192.168.100.10 to the web server C. Configure the WAF to filter requests from 17.3.130.3 D. Modify the firewall on 72.135.10.100 to allow only UDP
C
An HR supervisor has asked the cloud administrator to check the log files to find out when a particular employee logged off the system on the previous day. Which goal of IAM does this satisfy? A. Authentication B. Authorization C. Auditing D. Confidentiality
C
An administrator has configured a cluster of web servers to ensure that if one server becomes unavailable, the other will continue to serve traffic. What does the cluster represent? A. Redundancy B. Oversubscription C. High availability D. Failover
C
An administrator is securing the organization's cloud-based network resources from potential connections by configuring rules in the Access Control List (ACL). The rules will either accept or block the connections to the network based on predetermined criteria. What cloud appliance is the administrator configuring? A. Load balancer B. VLAN C. WAF D. VPC
C
An administrator only allows specific physical devices to connect to the organization's Virtual Private Cloud (VPC). What command can the administrator use to monitor device connections to the VPC by physical address? A. ipconfig /all B. nslookup C. arp D. curl
C
An administrator scripted all the steps needed to create and deploy new database servers for the organization's applications. After the administrator tested the scripts to ensure they worked properly, the administrator then created a workflow to start and run all the automated steps in order. What is this an example of? A. Configuration management B. Automation C. Orchestration D. Sequencing
C
An application developer would like to work on new versions for a recent gaming app release. To streamline operations, the developer will use a separate workstation from their primary workstation due to better sound and graphics quality. Which of the following options would facilitate better performance while remaining at a relatively cheap price? A. Pass-through vGPU B. VPC C. Shared vGPU D. SDN
C
An enterprise recently upgraded the memory on its on-premises VMs from 8GB to 16GB. However, users are not experiencing any performance benefit. Which of the following is the MOST likely reason? A. Memory mismatch error B. Dynamic memory allocation C. Insufficient memory on the hypervisor D. Operating system memory limit
C
An organization has a cloud deployment in an availability zone with redundant server hardware, redundant power supplies, and redundant network connectivity. What is the next step that represents the best solution for the organization to mitigate a single point of failure? A. Replicate the cloud deployment within the zone. B. Replicate the cloud deployment on-premises. C. Replicate the cloud deployment to another zone. D. Replicate the cloud deployment to another region.
C
An organization has recently recovered from a data breach and is working to identify what created the circumstances that allowed the breach to occur. What is the best way for the organization to understand the root cause? A. Use forensic professionals. B. Provide appropriate training. C. Ask a series of "Why" questions. D. Implement targeted monitoring.
C
An organization has tasked a systems administrator with configuring a series of workstations that a technical team will operate. The administrator has concerns with availability failures due to lacking resources during high traffic windows. What can the administrator do to help preemptively address this? A. Hyperconverged networking B. Utilize a Type 1 hypervisor C. Over-provision resources from idle servers D. Configure virtual switches
C
An organization has the following requirements that need to be met when implementing cloud services: -- SSO to cloud infrastructure -- On-premises directory service -- RBAC for IT staff Which of the following cloud models would meet these requirements? A. Public B. Multitenant C. Hybrid D. Community
C
An organization's cloud service provider (CSP) recently experienced an outage, which caused the organization's cloud instances to be down for 30 minutes. Where can the organization look to see if this is longer than the CSP's guaranteed percent availability? A. BIA B. RTO C. SLA D. MTTR
C
An organization's developers currently have to put in a request to the IT department to have a development environment created on-premises for developing applications, but the organization is testing a cloud solution that will allow the developers to create their own development environments. What step of the change management process does this represent? A. Propose B. Approve C. Develop D. Deploy
C
An organization's web server farm, which is hosted in the cloud with DNS load balancing, is experiencing a spike in network traffic. This has caused an outage of the organization's web server infrastructure. Which of the following should be implemented to prevent this in the future as a mitigation method? A. Enable DNSSEC B. Enable DLP C. Deploy a vADC appliance D. Configure microsegmentation
C
Bruce is a member of a group named Long_Beach. The following NTFS permissions are set on a folder called Timetables: Operator - List Folder Contents Long_Beach - Read, Write Everyone - Read, Modify What permissions will Bruce have to the contents of the Timetables folder? A. Read B. All permissions C. Read, modify, write D. Modify
C
Developers in your organization are complaining about how long it takes to deploy virtual machines with specialized storage configurations, load balancers, and databases in a cloud virtual network when testing a new application. You need to speed up the deployment of test environments. What should you do? A. Update the SLA B. Use orchestration C. Create a cloud deployment template D. Deploy virtual machine images
C
Following a major database migration, a company hires a small IT firm. To assist the company, a security administrator assigns an analyst to locate potential opportunities for malicious parties to exploit the system within the new database and associated platform. Which practice is the analyst executing? A. Performance testing B. Functional testing C. Pen testing D. Regression testing
C
IT technicians installed environmental sensors connected to power distribution units (PDUs) throughout a large datacenter. A network design shows an intermediary application receiving sensor logs that are then pushed to a centralized monitoring application in the cloud. How is the data getting to the monitoring solution? A. Linux server is using syslog logging service. B. Monitoring thresholds are set up. C. SNMP is configured on the devices. D. CSP logging service is running.
C
One of the VMs that houses an organization's big data analytics database has become corrupted from an operating system misconfiguration. What kind of backup can the administrator use to quickly restore it to the previous state? A. Filesystem backup B. Database dump C. System-state backup D. Application-level backup
C
The data center for a government agency is migrating services to a community cloud hosted by a public cloud provider. There is 600TB of data that must be migrated to the cloud. Which option should be used? A. Data and network compression B. Storage mirroring C. Offline migration D. Data deduplication
C
The finance director recently learned how easy it is to intercept data and has concerns about someone tapping into the network to get the financial data. The cloud administrator assures the director that the financial data is encrypted before it leaves the program and that it stays encrypted unless being used by the program. What kind of encryption is the financial data using? A. API endpoint B. Operating system C. Application D. Filesystem
C
To meet regulatory requirements, the system administrator must store customer transaction records for seven years. The data will most likely never be accessed after the second year and can be stored offline if possible to reduce storage costs. What type of storage operation should be implemented to achieve this goal? A. Replication B. File transfer C. Archive D. Data store
C
To save on licensing costs, the on-premises, IaaS-hosted databases need to be migrated to a public DBaaS solution. Which of the following would be the BEST technique? A. Live migration B. Physical-to-virtual C. Database replication D. Storage-level mirroring
C
What does NAS normally appear as to a client operating system? A. A disk B. An FTP server C. A file server D. An object
C
What is another term for authentication? A. ACL B. Single sign-on C. Identification D. Authorization
C
What is required before load testing can be performed against an application? A. IP address B. Public key C. Baseline D. Private key
C
What technology allows memory to be "borrowed" from virtual machines and put into a pool by the hypervisor? A. Memory overcommitment B. Memory bursting C. Memory ballooning D. VT-x
C
What term describes policies that are set to control the entire lifecycle of data, from creation through destruction? A. Versioning B. Retention C. Records management D. WORM
C
When configuring a network storage system for a company-wide function, which document should serve as a primary reference to effectively manage the project while also remaining compliant with company policy? A. Service manual B. Workflow diagram C. Operating procedures D. Change management
C
Which CPU technology allows hardware virtualization on Intel processors? A. vCPU B. CPU cache C. VT-x D. Hyperthreading
C
Which IP address cannot be routed on the public Internet? A. 2.0.0.1/8 B. 128.1.0.1/16 C. 10.0.0.1/8 D. 193.168.1.1/24
C
Which cloud characteristic best maps to unanticipated storage requirements that are quickly met? A. Metered usage B. Self-provisioning C. Rapid elasticity D. Broad access
C
Which command shows the routing table on a Windows machine? A. 'netstat -p tcp' B. 'ping' C. 'route print' D. 'arp -a'
C
Which memory management feature is used to help speed up data retrieval? A. Ballooning B. Overcommitment C. Bursting D. Paging
C
Which of the following defines a measure of CPU activity over a length of time? A. Capacity planning B. Baseline C. System load D. Trend analysis
C
Which of the following is NOT a motivator for a cloud administrator to apply patches? A. Application bugs B. Security flaws C. Patching is scheduled D. Feature enhancements
C
Which of the following is relevant to capacity planning in a SaaS environment? A. Scalability B. Clustering C. Licensing D. A hypervisor
C
Which of the following virtualization technologies groups multiple network storage devices into a single storage unit that can be managed from a central console and used by a virtual machine or host computer? A. Virtual NIC B. Virtual HBA C. Storage virtualization D. Virtual switch
C
Which solution increases the availability of an application? A. Scaling up B. Scaling down C. Failover clustering D. Scaling in
C
You have two simultaneous application environments at your company. What kind of deployment is this? A. Pipeline deployment B. Red deployment C. Blue-green deployment D. Green-red deployment
C
You need to archive some log files, and you want to make sure that they can never be changed once they have been copied to the storage. Which type of storage would be best for the task? A. SSD B. Rotational media C. WORM D. USB drive
C
You need to ensure that network traffic from CloudVNet1 first goes through CloudVNet2 before continuing to the Internet. What should you configure? A. Load balancer B. NAT gateway C. Route table D. Firewall rule
C
You need to resize a cloud virtual machine with more vCPUs to accommodate a busy IT workload. Which term best describes this action? A. Scaling out B. Scaling in C. Scaling up D. Scaling down
C
You plan to reuse on-premises virtual machines in the cloud. What type of migration will you be performing? A. P2V B. P2P C. V2V D. V2P
C
You plan to test configuration changes to a virtual machine. You need a method of quickly reverting to the previous configuration. Which option presents the quickest solution? A. Virtual machine clone B. Virtual machine replica C. Virtual machine snapshot D. Virtual machine template
C
Your organization uses a SaaS solution from a public cloud provider. Which of the following statements regarding this service usage is correct? A. Hardening and patching the SaaS supporting infrastructure is the consumer's responsibility. B. Cloud virtual machine deployment is an example of SaaS. C. Hardening and patching the SaaS supporting infrastructure is the provider's responsibility. D. Cloud database server deployment is an example of SaaS.
C
A cloud administrator is troubleshooting connectivity issues between Virtual Private Clouds (VPCs). Which of the following steps should the administrator perform? (Select all that apply.) A. Ensure HTTP header information is compatible B. Check for high packet retransmissions C. Update security group memberships D. Update name resolution
C, D
About 70% of the company's customers are based on the east coast of the United States, while the company's headquarters is on the west coast. The company has resources in both a west and east coast region. What reasons may have influenced the company's decision to set up two regional cloud locations? (Select all that apply.) A. To implement a business impact analysis (BIA) B. To setup an external cold site C. To follow a disaster recovery playbook D. To replicate virtual machines (VMs)
C, D
A SaaS provider wants to maintain maximum availability for its service. Which of the following should be implemented to attain the maximum SLA? A. An active-active site B. A cold site C. A warm site D. A hot site
D
A backup administrator on the team requested more storage capacity for backup media. Instead of increasing storage capacity, another backup administrator on the team enabled the deduplication feature. How will this feature benefit the team's storage needs? A. Creates a software-defined storage (SDS) B. Changes storage to thin provisioned C. Creates a RAID volume D. Removes duplicate data blocks
D
A SAN that holds VM files is running out of storage space. Which of the following will BEST increase the amount of effective storage on the SAN? A. Enable encryption B. Convert the SAN from RAID 50 to RAID 60 C. Increase IOPS D. Configure deduplication
D
A cloud administrator is supporting an application that has several reliability issues. The administrator needs visibility into the performance characteristics of the application. Which of the following will MOST likely be used in a reporting dashboard? A. Results from the last performance and workload testing B. Data from files containing error messages from the application C. Detail log data from syslog files of the application D. Metrics and time-series data measuring key performance indicators
D
A cloud administrator is trying to forecast licensing costs for their five year strategic plan. Which of the following licensing structures should they most likely plan for? A. Volume based B. Core based C. Perpetual D. Subscription
D
A cloud administrator needs to apply an emergency hotfix to one of the instances. What type of backup should the administrator capture before applying the hotfix to the system? A. Full backup B. Synthetic full backup C. Differential backup D. Snapshot backup
D
A cloud server administrator has just set up NetIQ eDirectory as the directory services governing account management. Which protocol should the administrator coordinate with the network administrator to enable? A. LDAP B. HTTPS C. Secure Shell D. X.500
D
A cloud technician is attempting to look for pre-configured automated tasks that are already built. The technician finds some useful YAML files. Which of the following tools will the technician need to use? A. Chef B. Puppet C. PowerShell D. Ansible
D
A company has deployed a new cloud solution and is required to meet security compliance. Which of the following will MOST likely be executed in the cloud solution to meet security requirements? A. Regression testing B. Usability testing C. Performance testing D. Vulnerability testing
D
A company has dispatched one of its information technology teams to begin the initial setup for a new office location in a different state. The team will begin by building networking and architectural diagrams, as well as migrating data from the home office to the new location. What should the team utilize to secure this connection? A. Point-to-point tunneling protocol B. Point-to-site VPN C. DNSSEC D. Site-to-site VPN
D
A company is hosting core and and secondary applications with various cloud providers. An administrator needs to implement a way to simplify access to all the applications using the same username and password. Which of the following would be the BEST solution? A. Configure a script to sync all logins and passwords for all application B. Manually configure all logins and passwords in each application C. Use an authorization solution in each cloud provider D. Implement a cloud-based identity management solution for all applications
D
A company just successfully completed a DR test and is ready to shut down its DR site and resume normal operations. Which of the following actions should the cloud administrator take FIRST? A. Initiate a failover B. Configure the network C. Restore backups D. Perform a failback
D
A company sets up a hybrid cloud environment to take advantage of cloud virtual instances to increase resources during peak hours for a set of load-balanced web servers. The on-premises load balancers need secure and accessible communication with the web servers in the cloud. How can a cloud administrator set up the network to stretch from on-premises to the cloud? A. Implement DNS over TLS (DoT). B. Implement a microsegmentation on the cloud platform. C. Implement a multi-tier service chain. D. Implement a VXLAN across both environments.
D
A department utilizing a large file system for its storage would like to avoid running out of space and subsequently necessitating the need for additional memory. Of the units within the department, the development team requires the most storage for projects, while the other teams can utilize much less with proper storage management. What would be an ideal option to ensure that the other departments do not overuse their space allocation? A. Deduplication B. Soft quota C. Data compression D. Storage filesystem quota
D
A new runbook script that automates the removal of unused user accounts is failing. When testing the script, you had no problems. What is the most likely cause of the problem? A. Runbooks cannot run scripts B. Expired PKI certificate C. Script syntax errors D. Insufficient permissions
D
A security administrator wants to enhance security by creating a flexible and scalable policy that separates infrastructure at the workload level. Which of the following solutions is best applicable to the administrator? A. Tiers B. Virtual local area networks C. Virtual extensible LAN D. Microsegmentation
D
A security architect wants to set up permissions dynamically based on assigned functions within the company. What type of permissions structure would best suit their objective? A. Rule-based Access Control B. Mandatory Access Control (MAC) C. Discretionary Access Control (DAC) D. Role-based Access Control (RBAC)
D
A server technician receives multiple complaints from users with varying permissions that a critical resource is inaccessible. What troubleshooting step should the technician perform next? A. Document the findings B. Restart the cloud services C. Check an account with similar permissions D. Establish theory of probable cause
D
A small marketing firm is preparing a business continuity plan and needs to select the right kind of disaster recovery site. The firm's business relies on created and approved marketing campaign files to run daily campaigns and internet connectivity to run the business on the front end. The firm also uses customer relationship management software, as well as the website, for sales. The firm is in a tornado-prone area, but the firm's customers reside all across the country. One day of being unable to post a customer's campaign can cause the firm to lose business. What is the best disaster recovery solution for the marketing firm? A. Hot site B. Warm site C. Cold site D. Cloud site
D
A systems administrator has finished installing monthly updates to servers in a cloud environment. The administrator notices certain portions of the playbooks are no longer functioning. Executing the playbook commands manually on a server does not work as well. There are no other reports of issues. Which of the following is the MOST likely cause of this issue? A. Deprecated features B. Patching failure C. Service overload D. Change management failure E. Job validation issues
D
A systems administrator is creating a VM and wants to ensure disk space is not allocated to the VM until it is needed. Which of the following techniques should the administrator use to ensure this? A. iSCSI storage B. Deduplication C. Software-defined storage D. Thin provisioning
D
A tier 1 support technician has been holding a support ticket for a system problem for an hour and has only identified the problem. Company policy requires tier 1 support tickets to escalate after an hour if the technician cannot resolve the problem. After escalating the ticket, what would the tier 2 technician do next? A. Perform a root cause analysis. B. Verify the system is functional. C. Establish another theory of probable cause. D. Determine the scope of the problem.
D
After a hardware upgrade on a private cloud system, the systems administrator notices a considerable drop in network performance. Which of the following is MOST likely the cause? A. The cluster placement B. The CPU C. The memory D. The driver
D
After accidentally uploading a password for an IAM user in plain text, which of the following should a cloud administrator do FIRST? A. Remove the published plain-text password B. Identify the resources that are accessible to the affected IAM user C. Delete the affected IAM user D. Change the affected IAM user's password E. Notify users that a data breach has occurred
D
After creating a large number of virtual machines, you notice that your shared storage space is critically low. What can you do to help alleviate this storage problem as quickly and cheaply as possible? A. Overprovision the shared storage B. Thick-provision the virtual machines C. Add more drives to the shared storage D. Thin-provision the virtual machines
D
An AWS VM instance must have its memory reconfigured to meet current demand. What must a user do prior to changing the instance type? A. Power on the instance B. Page the memory C. Renew the license D. Power off the instance
D
An AWS technician is utilizing a remote desktop to investigate a company's internal application that is experiencing bug-like symptoms. Which tool would allow workstations used by the app users to accept any patches or updates, following the technician fixing any discovered issues? A. Kerberos B. NFS C. WorkDocs D. Workspaces
D
An administrator is testing the deployment of a recent software update. The administrator would like to test the update from a single workstation with a premade configuration. What is the administrator most likely utilizing for this test? A. SDN B. Hyperconvergence C. Patch D. Container
D
An administrator is troubleshooting a cloud client that is unable to communicate with other devices on the same subnet. The administrator opens a command prompt on the client, enters ipconfig, and sees that the client's IPv4 address is 169.254.0.0 and the subnet mask is 255.255.0.0. Why isn't the client communicating? A. There are not enough VLANs available for the client to connect. B. The client has no default gateway. C. The network is too congested for the client to communicate. D. The client did not receive an IP address assignment.
D
An administrator is viewing the organization's lifecycle roadmap. What kind of information will the administrator NOT see on the Gantt chart? A. The status of deployments B. Deployment budgeting C. Deployment planning D. Deployment personnel
D
An employee sent a digitally signed resignation email to the HR department. Which goal of encryption proves that the employee sent the email? A. Confidentiality B. Digital signatures C. Integrity D. Non-repudiation
D
An organization has configured a VPC (Virtual Private Cloud) but is often unable to access it due to repeated CSP (Cloud Service Provider) outages. The administrator checks the VPC downtime against the Service Level Agreement (SLA) and verifies the downtime is over the acceptable limits. What kind of issue does this represent? A. Network connectivity B. Performance C. Instance configuration D. Vendor-related
D
An organization has received formal notice that it must not allow any modifications to specific information within the organization. What kind of process is this? A. File integrity monitoring B. Role-based access control C. Network segmentation D. Legal hold
D
An organization is developing a new solution for hosting an external website. The systems administrator needs the ability to manage the OS. Which of the following methods would be MOST suitable to achieve this objective? A. Provision web servers in a container environment B. Use PaaS components in the cloud to implement the product C. Implement a cloud-based VDI solution D. Deploy web servers into an IaaS provider
D
At which phase of the lifecycle roadmap would a cloud application serve as a reference for upcoming services to an organization? A. Deployment phase B. Maintenance phase C. Deprecation phase D. Development phase
D
Company A has acquired Company B and is in the process of integrating their cloud resources. Company B needs access to Company A's cloud resources while retaining its IAM solution. Which of the following should be implemented? A. Multifactor authentication B. Single sign-on C. Directory service D. Identity federation
D
Customers are complaining that your retail company's website is acting sluggish. The website is hosted on your internal private cloud. What can be used to mitigate this issue? A. Metering B. Target hosts C. Multitenancy D. Cloud bursting
D
If a company requires a storage solution that possesses both redundancy and maximum storage efficiency (to keep costs down), which of the following options would make the most sense? A. RAID 0 B. RAID 1 C. RAID 10 D. RAID 5
D
On the most fundamental level, every network allows access to system resources based on what? A. Permissions B. Passwords C. Active Directory D. Identity
D
Some VMs that are hosted on a dedicated host server have each been allocated with 32GB of memory. Some of the VMs are not utilizing more than 30% of the allocation. Which of the following should be enabled to optimized the memory utilization? A. Affinity rules in the hypervisor B. Auto-scaling of compute C. Oversubscription D. Dynamic memory allocations on guests
D
The Family Educational Rights and Privacy Act (FERPA) requires a college to keep all students' permanent records for at least 60 years, however, the college rarely needs to access a student's record 5 years after a student completes a degree. What AWS S3 storage tier should the cloud administrator select to house the records for students who completed a degree over 5 years ago? A. Standard B. Intelligent tiering C. Standard infrequent D. Glacier
D
The company's datacenter is set up to work with a cloud service provider (CSP) as a hybrid cloud environment. IT management wants to leverage cloud resources to support on-premises web servers during peak hours. What cloud feature or service can the company take advantage of to fulfill this requirement? A. Auto-scaling B. Horizontal scaling C. Vertical scaling D. Cloud bursting
D
The system administrator has been pinging a new web server by its URL and getting strange and seemingly unexplainable responses from unrecognized systems. She recalls that the new web farm is on a reclaimed subnet that was no longer in use in their cloud server fleet. What would you recommend she investigate to resolve the issue? A. DHCP B. Orphaned services C. Stale network access control lists D. DNS
D
To conserve disk space, you wish to ensure disk volumes do not store duplicate data blocks. What should you enable? A. Thick provisioning B. Thin provisioning C. Compression D. Deduplication
D
What can result from overallocating vCPUs to a VM? A. The hypervisor crashes. B. vCPUs cannot be overallocated; the maximum is dictated by the hardware the VM is running on. C. The VM crashes. D. CPU work is queued by the hypervisor.
D
What kind of tool can you use to capture network traffic for later review? A. Packet analyzer software B. OpenSSL client C. `curl` D. Packet capture software
D
What must exist prior to determining unacceptable application performance? A. Cloud logging B. Log forwarding C. Virtual machine extension D. Baseline
D
What type of backup job is not created from the original data but is aggregated from other backup jobs? A. Incremental Backup B. Differential Backup C. Full Backup D. Synthetic Full Backup
D
When following troubleshooting methodology, which step takes place after establishing an action plan but before verifying that function has returned to the system? A. Implement preventative measures B. Test the theory C. Perform a root cause analysis D. Implement the solution or escalate
D
Which CLI tool shows the mapping of IP addresses to physical addresses on a Windows machine? A. `tracert` B. `netstat` C. `ping` D. `arp`
D
Which CPU technology executes multiple concurrent computations? A. CPU cache B. VT-x C. vCPU D. Simultaneous multithreading
D
Which file system configuration determines who has file access? A. Authentication B. Zoning C. Obfuscation D. ACL
D
Which of the following activities is directly related to system hardening? A. Monitoring system performance B. Renewing expired PKI certificates C. Deleting expired PKI certificates D. Disabling unneeded services
D
Which of the following would NOT be an example of appropriate consumer responsibility when patching cloud resources running on an infrastructure as a service (IaaS) solution? A. Patch virtual machine (VM) OS. B. Patch web service in VM. C. Patch container software. D. Patch virtual host hypervisor.
D
Which statement regarding file system encryption is correct? A. Private keys encrypt, public keys decrypt. B. File encryption requires a symmetric key. C. Hashing algorithms require a private key. D. Public keys encrypt, private keys decrypt.
D
Which type of backup captures changes since the last incremental backup? A. Redirect-on-write B. Copy-on-write C. Full D. Incremental
D
Which type of document identifies how to recover a failed system? A. BIA B. SLA C. BCP D. DRP
D
Which type of migration uses an on-premises physical server as the source and results in a cloud virtual machine? A. P2P B. V2P C. V2V D. P2V
D
While applying patches to similarly configured Linux virtual machines, you receive alerts that the patches failed to apply to some systems. What is the most likely reason for the failure? A. Missing baselines B. Insufficient permissions C. Insufficient network bandwidth D. Missing dependencies
D
You are attempting to remotely start a Windows Server 2019 host installed with the Server Core option. However, you are unable to establish a remote connection using RDP. How should you restart this server? A. Restart the server from the Start menu B. Restart the server from Server Manager over RDP C. Run the PowerShell cmdlet Reboot-Computer D. Run the PowerShell cmdlet Restart-Computer
D
You are capturing network traffic to monitor for any suspicious activities. You are running IPSec on your network. You notice that the whole packet is encrypted. What form of IPSec are you using? A. Secure B. Full encryption C. Transport D. Tunneling
D
You are configuring cloud backup settings. Only data modified since the last incremental backup must be captured. Which type of backup should you configure? A. Copy-on-write B. Differential C. Full D. Incremental
D
You are deploying a new cloud database. Which factor is the most likely to determine whether existing licenses can be used? A. The virtual machine operating system used B. Installed virtual machine guest extensions C. The amount of virtual machine RAM D. The number of virtual machine vCPUs
D
You are deploying a new cloud virtual machine. The virtual machine will host an app that is very CPU intensive. While creating the virtual machine, what should you do? A. Increase IOPS B. Decrease IOPS C. Configure storage mirroring D. Add more vCPUs
D
You are looking to easily encrypt all network traffic on your internal network. What should you use? A. SSL B. GRE C. TLS D. IPSec
D
You are looking to invalidate a PKI certificate. What should you do? A. Issue a new certificate B. Renew the certificate C. Make a new certificate D. Add the certificate to the CRL
D
You are manually deploying a cloud virtual machine. During the wizard, you are prompted to select the number of vCPUs and the amount of RAM. Which term encompasses this type of selection? A. Scaling up B. Sizing up C. Scaling down D. Sizing
D
You are responsible for migrating a large amount of on-premises data to the cloud. Which of the following could potentially cause problems with the migration? A. Cloud IP address B. Format of the data C. Cloud listening port D. Amount of data
D
You company's primary application is critical to the power generation industry and must be highly available. When critical patches need to be installed, downtime is not an option that your customers can tolerate. You have designed a web architecture to take this into account and that allows you to have an exact copy of your production fleet that can be brought online to replace your existing deployment for patching and maintenance. What type of model did you implement? A. DevOps B. Cluster C. Rolling D. Blue-green
D
You discover that some services have stopped working on one of your Linux virtual machines after you deployed a new patch to it. What can you do to easily fix this? A. Restart B. Clone C. Reinstall D. Roll back
D
You have a developer who is attempting to access an older file server that is set to be decommissioned from a Windows Server 2019 virtual machine. They are not prompted for any credentials. Only an error message is produced. You have verified that the firewall rules are set correctly, and the file server can be pinged from the virtual machine. You are also able to access the file server from an older Windows Server virtual machine. What is most likely the cause of the issue? A. The virtual machine does not have the proper credentials to log into the file server. B. All network traffic is blocked between the virtual machine and the file server. C. You need to set different firewall rules for SMB access from Windows Server 2019. D. The file server is running SMB 1, which is not enabled by default on Server 2019.
D
You have upgraded one of your servers with an additional CPU and new RAM. After the upgrade, your operating system says that it has an invalid license. What is a possible cause of this? A. Faulty RAM B. Storage limitation C. Faulty CPU D. Licensing CPU limit
D
You manage your corporate network, and you want to allow incoming HTTP traffic into your network. What firewall setting should you configure to allow this? A. Zoning B. Authorization C. Obfuscation D. ACL
D
You need a secure connection from your on-premises network to a cloud network. What should you configure? A. Route table B. Load balancer C. NAT gateway D. VPN
D
You need to continue running uninterrupted a mission-critical app that is currently running on a local virtual machine whose physical host machine must be turned off and moved. What can you do? A. Use a private cloud B. Deploy a virtual machine C. Use dedicated hosting in the cloud D. Move the local virtual machine to the cloud
D
You need to reduce network latency when users in Asia request content stored on a farm of web servers located in North America. What should you configure? A. Runbook B. Public IP address C. Batch jobs D. CDN
D
Your business sets the maximum amount of data that can be lost in a disaster scenario as two days' worth of data. What term describes this? A. Archiving B. Recovery time objective (RTO) C. Site mirroring D. Recovery point objective (RPO)
D
Your company has configured an on-premises digital certificate issuer. Certificates have been issued and configured for cloud services. What must be configured on user devices to ensure proper functionality? A. Certificate revocation list B. Public key infrastructure C. Key escrow D. Certificate authority
D
Your network is set up with your DNS server being hosted in the cloud. Since a recent firewall configuration change, you are unable to communicate with your DNS server. What is likely the issue? A. The DNS server is down. B. The DNS records are out of date. C. The DNS server's IP address on the company's computers must be updated. D. Port 53 has been blocked at the firewall.
D
Your organization has purchased hypervisor hosts and storage arrays. Departmental use of these resources will be measured. The provisioning of resources will be done by users using a web interface. What type of cloud is this? A. Hybrid B. Community C. Public D. Private
D
Your organization uses PaaS solutions from a public cloud provider. Which of the following statements regarding this service usage is correct? A. A cloud virtual machine deployment is an example of PaaS. B. A cloud office suite is an example of PaaS. C. A cloud telecommunications suite is an example of PaaS. D. A cloud database server deployment is an example of PaaS.
D
A cloud architect is designing the VPCs for a new hybrid cloud deployment. The business requires the following: -- High availability -- Horizontal auto-scaling -- 60 nodes peak capacity per region -- Five reserved network IP addresses per subnet -- /24 range Which of the following would BEST meet the above requirements? A. Create two /26 subnets in different regions B. Create two /27 subnets in different regions C. Create three /26 subnets in different regions D. Create three /25 subnets in different regions E. Create three /27 subnets in different regions F. Create two /25 subnets in different regions
F
An organization purchased new servers with GPUs for render farms. The servers have limited CPU resources. Which of the following GPU configurations will be the MOST optimal for virtualizing this environment? A. Shared B. vGPU C. Dedicated D. Passthrough
A
A systems administrator needs to configure monitoring for a private cloud environment. The administrator has decided to use SNMP for this task. Which of the following ports should the administrator open on the monitoring server's firewall? A. 53 B. 161 C. 139 D. 123
B
The human resources department was charged for a cloud service that belongs to another department. All other cloud costs seem to be correct. Which of the following is the MOST likely cause for this error? A. Misconfigured templates B. Incorrect security groups C. Misconfigured chargeback D. Misconfigured tags
D
The security team for a large corporation is investigating a data breach. The team members are all trying to do the same tasks but are interfering with each other's work. Which of the following did the team MOST likely forget to implement? A. A calling tree B. Incident type categories C. Change management D. Roles and responsibilities
D
An organization requires the following to be achieved between the finance and marketing departments: -- Allow HTTPS/HTTP.- - Disable FTP and SMB traffic. Which of the following is the MOST suitable method to meet the requirements? A. Configure an ACL between the VLANs B. Configure on-demand routing between the VLANs C. Implement 802.1X in these VLANs D. Implement an load balancing solution to load balance the VLAN traffic
A
To make sure that all users are allowed to access only approved resources, the cloud administrator is auditing public cloud identity systems. The cloud administrator wants to control specific access and operations. What is the cloud administrator defining? A. User permissions B. Federated access C. Access control lists D. Resource access definitions
D
Which cloud-based systems abstract and hide much of the complexity of modern cloud systems and also reduce operational errors by executing tested cloud systems, scripts, workflows, or runbooks to make sure the systems are configured correctly? A. SDN B. REST/API C. XML D. Orchestration
D
Which of the following will mitigate the risk of users who have access to an instance modifying the system configurations? A. Deploy an anti-malware solution B. Implement whole-disk encryption C. Deploy the latest OS patches D. Implement mandatory access control
D
Due to a policy change, a few of a customer's application VMs have been migrated to synchronously replicated storage. The customer now reports that performance is lower. The systems administrator checks the resource usage and discovers CPU utilization is at 60% and available memory is at 30%. Which of the following is the MOST likely cause? A. The new configuration is adding latency B. The application is not compatible with the new settings C. There is not enough vCPU assigned D. The memory of the VM is underallocated
A
Which of the following would be considered an example of IaaS? A. Providing hardware resources over the Internet B. A multiuser program that is hosted by a third party C. Providing productivity software for use over the Internet D. A database that is hosted in the cloud
A
A company has a cloud infrastructure service, and the cloud architect needs to set up a DR site. Which of the following should be configured in between the cloud environment and the DR site? A. Replication B. Playbook C. Failback D. Zoning
A
A systems administrator is deploying a solution that requires a virtual network in a private cloud environment. The solution design requires the virtual network to transport multiple payload types. Which of the following network virtualization options would BEST satisfy the requirement? A. STT B. VXLAN C. GENEVE D. NVGRE
C
A systems administrator needs to configure an email client to ensure data integrity of the email messages. Which of the following provides the BEST mechanism to achieve this goal? A. SHA-256 hashes B. SHA-1 hashes C. Digital signature D. Cyclic redundancy check
C
A software development manager is looking for a solution that will allow a team of developers to work in isolated environments that can be spun up and torn down quickly. Which of the following is the MOST appropriate solution? A. Software-defined storage B. Ballooning C. Containers D. File subscriptions
C
A systems administrator would like to reduce the network delay between two servers. Which of the following will reduce the network delay without taxing other system resources? A. Configure a VPN tunnel between the servers B. Enable compression between the servers C. Decrease the MTU size on both servers D. Adjust the CPU resources on both servers
C
A resource pool in a cloud tenant has 90 GB of memory and 120 cores. The cloud administrator needs to maintain a 30% buffer for resources for optimal performance of the hypervisor. Which of the following would allow for the maximum number of two-core machines with equal memory? A. 40 VMs, 1.5GB of memory B. 60 VMs, 1 GB of memory C. 30 VMs, 3GB of memory D. 45 VMs, 2 GB of memory
A
A systems administrator needs to configure SSO authentication in a hybrid cloud environment. Which of the following is the BEST technique to use? A. Federation B. Access controls C. Multifactor authentication D. Certificate authentication
A
An organization has multiple VLANs configured to segregate the network traffic. Following is the breakdown of the network segmentation: -- Production traffic (10.10.0.0/24) -- Network backup (10.20.0.0/25) -- Virtual IP network (10.20.0.128/25) The following configuration exists on the server: Server name Interface IP address Gateway COMPSRV01 Production 10.10.0.12/24 10.10.0.1 COMPSRV01 Network backup 10.20.0.12/25 10.10.0.1 The backup administrator observes that the weekly backup is failing for this server. Which of the following commands should the administrator run to identify the issue? A. ROUTE PRINT B. NETSTAT -A C. IPCONFIG /ALL D. NET SM
A
An organization is running a database application on a SATA disk, and a customer is experiencing slow performance most of the time. Which of the following should be implemented to improve application performance? A. Upgrade the environment and use SSD drives B. Increase disk capacity C. Upgrade the application D. Increase the memory and network bandwidth
A
A cloud administrator recently noticed that a number of files stored at a SaaS provider's file-sharing service were deleted. As part of the root cause analysis, the administrator noticed the parent folder permissions were modified last week. The administrator then used a test user account and determined the permissions on the files allowed everyone to have write access. Which of the following is the best step for the administrator to take NEXT? A. Define and configure the proper permissions for the file-sharing service B. Acquire a third-party DLP solution to implement and manage access C. Identify the changes to the file-sharing service and document D. Test the current access permissions to the file-sharing service
A
A company has decided to get multiple compliance and security certifications for its public cloud environment. However, the company has few staff members to handle the extra workload, and it has limited knowledge of the current infrastructure. Which of the following will help the company meet the compliance requirements as quickly as possible? A. DLP B. NAC C. FIM D. CASB
A
A company has developed a cloud-ready application. Before deployment, an administrator needs to select a deployment technology that provides a high level of portability and is lightweight in terms of footprint and resource requirements. Which of the following solutions will be BEST to help the administrator achieve the requirements? A. Containers B. Infrastructure as code C. Desktop virtualization D. Virtual machines
A
A company wants to check its infrastructure and application for security issues regularly. Which of the following should the company implement? A. Vulnerability testing B. Performance testing C. Penetration testing D. Regression testing
A
A systems administrator is informed that a database server containing PHI and PII is unencrypted. The environment does not support VM encryption, nor does it have a key management system. The server needs to be able to be rebooted for patching without manual intervention. Which of the following will BEST resolve this issue? A. Enable protocol encryption between the storage and the hypervisor B. Ensure all database queries are encrypted C. Create an IPSec tunnel between the database server and its clients D. Enable OS encryption E. Enable volume encryption on the storage
E
The system administrator has noticed a slowdown in the response times of his SQL database and has been tasked to investigate the root cause of the delays. The administrator has decided to configure monitoring application to gather additional data on what may be the cause of the delays. What are some of the objects should be recommended to collect data on? (Choose three.) A. Network packet drops B. CPU C. Read replica I/O D. Machine image E. Load balancer latency F. SLA
A, B, C
Two cloud engineer are working together to combine two like systems into one. What type of activity would necessitate this? (Choose two.) A. Acquisition B. HIPAA C. Merger D. SARBOX E. Divestiture F. Bursting
A, C
A company wants to implement business continuity, and the cloud solution architect needs to design the correct solution. Which of the following will provide the data to measure business continuity? (Choose two.) A. A service-level agreement B. A backup and restore C. A network diagram D. Playbooks E. A recovery time objective F. Automation scripts
A, E
A company has an in-house-developed application. The administrator wants to utilize cloud services for additional peak usage workloads. The application has a very unique stack of dependencies. Which of the following cloud service subscription types would BEST meet these requirements? A. PaaS B. IaaS C. SaaS D. DBaaS
B
A company is switching from one cloud provider to another and needs to complete the migration as quickly as possible. Which of the following is the MOST important consideration to ensure a seamless migration? A. Network utilization B. Feature compatibility C. The cost of the environment D. The I/O of the storage
B
A cloud engineer is responsible for managing a public cloud environment. There is currently one virtual network that is used to host the servers in the cloud environment. The environment is rapidly growing, and the network does not have any more available IP addresses. Which of the following should the engineer do to accommodate additional servers in this environment? A. Enable DHCP on the networks. B. Create a VPC and peer the networks. C. Implement dynamic routing. D. Obtain a new IPAM subscription.
B
A VDI administrator has received reports of poor application performance. Which of the following should the administrator troubleshoot FIRST? A. The network environment B. Server resources C. Client devices D. Container resources
B
A cloud administrator has finished setting up an application that will use RDP to connect. During testing, users experience a connection timeout error. Which of the following will MOST likely solve the issue? A. Enforcing TLS authentication B. Opening TCP port 3389 C. Checking user passwords D. Configuring QoS rules
B
A cloud administrator is reviewing a new application implementation document. The administrator needs to make sure all the known bugs and fixes are applied, and unwanted ports and services are disabled. Which of the following techniques would BEST help the administrator assess these business requirements? A. Usability testing B. Vulnerability testing C. Regression testing D. Performance testing
B
A cloud administrator needs to implement a mechanism to monitor the expense of the company's cloud resources. Which of the following is the BEST option to execute this task with minimal effort? A. Use the API to collect expense information from cloud resources B. Implement a financial tool to monitor cloud resource expenses C. Set custom notifications for exceeding budget thresholds D. Ask the cloud provider to send a daily expense report
B
A cloud administrator recently deployed an update to the network drivers of several servers. Following the update, one of the servers no longer responds to remote login requests. The cloud administrator investigates the issue and gathers the following information: -- The cloud management console shows the VM is running and the CPU and memory utilization is at or near 0%. -- The cloud management console does not show an IP address for that server. -- A DNS lookup shows the hostname resolves to an IP address. -- The server is a member of the same security group as the others. -- The cloud administrator is able to log in remotely to the other servers without issue. Which of the following is the MOST likely cause of the server being unavailable? A. The update caused an increase in the output to the logs, and the server is too busy to respond. B. The network driver updates did not apply successfully, and the interface is in a down state. C. The ACL policy for the server was updated as part of the server reboot, preventing login access. D. The server was assigned a new IP address, and DNS entry for the server name was not updated.
B
A company recently subscribed to a SaaS collaboration service for its business users. The company also has an on-premises collaboration solution and would like users to have a seamless experience regardless of the collaboration solution being used. Which of the following should the administrator implement? A. VDI B. SSO C. WAF D. LDAP
B
A global web-hosting company is concerned about the availability of its platform during an upcoming event. Web traffic is forecasted to increase substantially during the next week. The site contains mainly static content. Which of the following solutions will assist with the increased workload? A. DoH B. CDN C. IPS D. WAF
B
A marketing team is using a SaaS-based service to send emails to large groups of potential customers. The internally managed CRM system is configured to generate a list of target customers automatically on a weekly basis, and then use that list to send emails to each customer as part of a marketing campaign. Last week, the first email campaign sent emails successfully to 3,000 potential customers. This week, the email campaign attempted to send out 50,000 emails, but only 10,000 were sent. Which of the following is the MOST likely reason for not sending all the emails? A. Misconfigured auto-scaling B. API request limit C. Incorrect billing account D. Bandwidth limitation
B
A media company has made the decision to migrate a physical, internal file server to the cloud and use a web-based interface to access and manage the files. The users must be able to use their current corporate logins. Which of the following is the MOST efficient way to achieve this goal? A. Copy the files to the object storage location in a public cloud B. Use a SaaS service with a directory service federation C. Deploy a VM in a cloud, attach storage, and copy the files across D. Deploy a fileshare in a public cloud and copy the files across
B
A small clinic is moving its health and accounting systems to a SaaS solution. The clinic holds patient- and business-sensitive information. Which of the following is the company expected to do to protect its data? A. Install antivirus and disable unneeded services on all SaaS servers. B. Document, configure, and enforce strong account management policies. C. Harden the underlying infrastructure: servers, firewalls, and load balancers. D. Disable and document unneeded ports and protocols on the SaaS servers.
B
A storage array that is used exclusively for datastores is being decommissioned, and a new array has been installed. Now the private cloud administrator needs to migrate the data. Which of the following migration methods would be the BEST to use? A. Conduct a V2V migration B. Perform a storage live migration C. Use a storage vendor migration appliance D. Rsync the data between arrays
B
A systems administrator has migrated an internal application to a public cloud. The new web server is running under a TLS connection and has the same TLS certificate as the internal application that is deployed. However, the IT department reports that only internal users who are using new versions of the browsers are able to load the application home page. Which of the following is the MOST likely cause of the issue? A. The cloud web server is using a self-signed certificate that is not supported by older browsers B. The cloud web server is using strong ciphers that are not supported by older browsers C. The local firewall from older browsers is not allowing outbound connections D. The local firewall from older browsers is not allowing inbound connections
B
A systems administrator is creating a playbook to run tasks against a server on a set schedule. Which of the following authentication techniques should the systems administrator use within the playbook? A. Use the server's root credentials B. Create a service account on the server C. Hard-code the password within the playbook D. Use the administrator's SSO credentials
B
A systems administrator needs to convert ten physical servers to virtual. Which of the following would be the MOST efficient conversion method for the administrator to use? A. Clone the hard drive B. Use the vendor's conversion tool C. Restore from backup D. Rebuild the servers from scratch
B
A systems administrator recently deployed a VDI solution in a cloud environment; however, users are now experiencing poor rendering performance when trying to display 3-D content on their virtual desktops, especially at peak times. Which of the following actions will MOST likely solve this issue? A. Add more vGPU licenses to the host B. Select vGPU profiles with higher video RAM C. Update the quest graphics drivers from the official repository D. Instruct users to access virtual workstations only on the VLAN
B
A systems administrator wants to have near-real-time information on the volume of data being exchanged between an application server and its clients on the Internet. Which of the following should the systems administrator implement to achieve this objective? A. DNSSEC B. Network flows C. A stateful firewall D. DLP
B
After analyzing a web server's logs, a systems administrator sees that users are connecting to the company's application through HTTP instead of HTTPS. The administrator then configures a redirect from HTTP to HTTPS on the web server, and the application responds with a connection time-out message. Which of the following should the administrator verify NEXT? A. The concurrent connection limit B. The firewall rules C. The TLS certificate D. The folder permissions
B
Alan is a systems administrator working in a corporate data center, and he has been tasked with hiding storage resources from a server that does not need access to the storage device hosting the storage resources. What can Alan configure on the storage controller to accomplish this task? A. Zoning B. LUN masking C. VLANs D. Port masking
B
An OS administrator is reporting slow storage throughput on a few VMs in a private IaaS cloud. Performance graphs on the host show no increase in CPU or memory. However, performance graphs on the storage show a decrease of throughput in both IOPS and MBps but not much increase in latency. There is no increase in workload, and latency is stable on the NFS storage arrays that are used by those VMs. Which of the following should be verified NEXT? A. Network B. Application C. SAN D. VM GPU settings
B
An administrator deploys a new virtual machine. After logging on to the virtual machine, she notices that it has a different time setting than the host. What is most likely the cause of this issue? A. The vNIC is not configured correctly. B. The guest tools are not installed. C. The VLAN tag is incorrect. D. The virtual machine cannot communicate with the network.
B
An administrator is performing an in-place upgrade on a guest VM operating system. Which of the following can be performed as a quick method to roll back to an earlier state, if necessary? A. A differential backup B. A VM-level snapshot C. A full backup of the database D. A configuration file backup
B
An organization has two businesses that are developing different software products. They are using a single cloud provider with multiple IaaS instances. The organization identifies that the tracking of costs for each business are inaccurate. Which of the following is the BEST method for resolving this issue? A. Perform segregation of the VLAN and capture egress and ingress values of each network interface B. Tag each server with a dedicated cost and sum them based on the businesses C. Create a dedicated subscription for the businesses to manage the costs D. Split the total monthly invoice equally between the businesses
B
An organization is implementing a new requirement to facilitate users with faster downloads of corporate application content. At the same time, the organization is also expanding cloud regions. Which of the following would be suitable to optimize the network for this requirement? A. Implement SR-IOV on the server instances B. Implement CDN for overall cloud application C. Implement auto-scaling of the compute resources D. Implement an application container solution
B
What RAID level would be used for a database file that requires minimum write requests to the database, a large amount of read requests to the database, and fault tolerance for the database? A. RAID 10 B. RAID 5 C. RAID 0 D. RAID 1
B
Which of the following strategies will mitigate the risk of a zero-day vulnerability MOST efficiently? A. Having a detailed incident response plan B. Keeping all resources up to date C. Creating a standby environment with a different cloud provider D. Using only open-source technologies
B
Which term is used to define the increasing number of services delivered over the Internet? A. MaaS B. XaaS C. C-MaaS D. CaaS
B
You administer a website that receives thousands of hits per second. You notice the web server hosting the website is operating at close to capacity. What solution would you recommend to improve the performance of the website? A. Network bandwidth B. Network load balancing C. Caching D. Compression
B
An organization suffered a critical failure of its primary datacenter and made the decision to switch to the DR site. After one week of using the DR site, the primary datacenter is now ready to resume operations. Which of the following is the MOST efficient way to bring the block storage in the primary datacenter up to date with the DR site? A. Restore incremental backups. B. Restore full backups. C. Set up replication. D. Copy the data across both sites.
C
Lateral-moving malware has infected the server infrastructure. Which of the following network changes would MOST effectively prevent lateral movement in the future? A. Segment the physical network using a VLAN B. Implement 802.1X in the network infrastructure C. Implement microsegmentation on the network D. Implement DNSSEC in all DNS servers
C
A cloud administrator is setting up a DR site on a different zone of the same CSP. The application servers are replicated using the VM replication, and the database replication is set up using log shipping. Upon testing the DR site, the application servers are unable to access the database servers. The administrator has verified the systems are running and are accessible from the CSP portal. Which of the following should the administrator do to fix this issue? A. Change the database application IP B. Edit the DNS record at the DR site for the application servers C. Update the connection string D. Create a database cluster between the primary site and the DR site
C
A company is utilizing a private cloud solution that is hosted within its datacenter. The company wants to launch a new business application, which requires the resources below: Max sessions Nodes req Req vCPU/node Req RAM/node 1.000 2 4 32 5.000 4 6 64 10,000 6 8 64 25,000 8 8 128 The current private cloud has 30 vCPUs and 512GB RAM available. The company is looking for a quick solution to launch this application, with expected maximum sessions to be close to 24,000 at launch and an average of approximately 5,000 sessions. Which of the following solutions would help the company accommodate the new workload in the SHORTEST amount of time and with the maximum financial benefits? A. Add more capacity to the private cloud B. Migrate all workloads to a public cloud provider C. Set up cloud bursting for the additional resources D. Configure auto-scaling within the private cloud
C
A systems administrator disabled TLS 1.0 and 1.1, as well as RC4, 3DES, and AES-128 ciphers for TLS 1.2, on a web server. A client now reports being unable to access the web server, but the administrator verifies that the server is online, the web service is running, and other users can reach the server as well. Which of the following should the administrator recommend the user do FIRST? A. Turn off the software firewall B. Establish a VPN tunnel between the computer and the web server C. Update the web browser to the latest version D. Disable antivirus/anti-malware software
C
A systems administrator is building a new virtualization cluster. The cluster consists of five virtual hosts, which each have flash and spinning disks. This storage is shared among all the virtual hosts, where a virtual machine running on one host may store data on another host. This is an example of: A. a network file system B. thick-provisioned disks C. hyperconverged storage D. a storage area network
C
Performance issues are measured by the load on a system. Which of the following should the system administrator be concerned about as integrating new marketing group into PaaS cloud fleet? A. APIs B. Licensing C. Users D. Cores
C
The cloud administrator has been tasked to develop a cross-cloud provider migration plan as part of company's business continuity plan. As the cloud administrator assesses the feasibility of migrating applications from one public cloud provider to another, what is the service model that has the most lock-ins and is the most complex to migrate? A. XaaS B. IaaS C. SaaS D. PaaS
C
Users are experiencing slow response times from an intranet website that is hosted on a cloud platform. There is a site-to-site VPN connection to the cloud provider over a link of 100Mbps. Which of the following solutions will resolve the issue the FASTEST? A. Upgrade the link to 200Mbps B. Order a direct link to the provider C. Enable quality of service D. Change the connection to point-to-site VPN
C
Which of the following would be the BEST option for discussion of what individuals should do in an incident response or disaster recovery scenario? A. A business continuity plan B. A tabletop exercise C. Incident response/disaster recovery documentation D. A root cause analysis
C
A cloud administrator is reviewing the authentication and authorization mechanism implemented within the cloud environment. Upon review, the administrator discovers the sales group is part of the finance group, and the sales team members can access the financial application. Single sign-on is also implemented, which makes access much easier. Which of the following access control rules should be changed? A. Discretionary-based B. Mandatory-based C. Attribute-based D. Role-based
D
A cloud engineer is responsible for managing two cloud environments from different MSPs. The security department would like to inspect all traffic from the two cloud environments. Which of the following network topology solutions should the cloud engineer implement to reduce long-term maintenance? A. Chain B. Star C. Mesh D. Hub and spoke
D
A cloud administrator is building a new VM for a network security appliance. The security appliance installer says the CPU clock speed does not meet the requirements. Which of the following will MOST likely solve the issue? A. Enable hyperthreading on the virtual host B. Enable CPU masking on the VM C. Add more vCPUs to the VM D. Move the VM to a host with a faster CPU
D
A company recently experienced a power outage that lasted 30 minutes. During this time, a whole rack of servers was inaccessible, even though the servers did not lose power. Which of the following should be investigated FIRST? A. SAN power B. Rack power C. Server power D. Switch power
D
A company that utilizes an IaaS service provider has contracted with a vendor to perform a penetration test on its environment. The vendor is able to exploit the virtualization layer and obtain access to other instances within the cloud provider's environment that do not belong to the company. Which of the following BEST describes this attack? A. Heap spraying B. Directory traversal C. Buffer overflow D. VM escape
D
A developer is no longer able to access a public cloud API deployment, which was working ten minutes prior. Which of the following is MOST likely the cause? A. Depleted network bandwidth B. Invalid API token C. Invalid API request D. API provider rate limiting
D
A systems administrator is configuring RAID for a new server. This server will host files for users and replicate to an identical server. While redundancy is necessary, the most important need is to maximize storage. Which of the following RAID types should the administrator choose? A. 10 B. 6 C. 50 D. 5
D
A systems administrator is configuring a storage array. Which of the following should the administrator configure to set up mirroring on this array? A. RAID 5 B. RAID 6 C. RAID 0 D. RAID 1
D
A systems administrator is deploying a new storage array for backups. The array provides 1PB of raw disk space and uses 14TB nearline SAS drives. The solution must tolerate at least two failed drives in a single RAID set. Which of the following RAID levels satisfies this requirement? A. RAID 10 B. RAID 1 C. RAID 0 D. RAID 6 E. RAID 5
D
A systems administrator is reviewing two CPU models for a cloud deployment. Both CPUs have the same number of cores/threads and run at the same clock speed. Which of the following will BEST identify the CPU with more computational power? A. Simultaneous multithreading B. Bus speed C. L3 cache D. Instructions per cycle
D
A systems administrator recently upgraded the processors in a web application host. Upon the next login, the administrator sees a new alert regarding the license being out of compliance. Which of the following licensing models is the application MOST likely using? A. Volume-based B. Per user C. Per device D. Core-based
D
A technician is working with an American company that is using cloud services to provide video-based training for its customers. Recently, due to a surge in demand, customers in Europe are experiencing latency. Which of the following services should the technician deploy to eliminate the latency issue? A. Cloud bursting B. A new cloud provider C. Auto-scaling D. A content delivery network
D
An IaaS application has a two-hour RTO and a four-hour RPO. The application takes one hour to back up its data or restore from a local backup file. A systems administrator is tasked with configuring the backup policy. Which of the following should the administrator configure to achieve the application requirements with the LEAST cost? A. Back up to object storage every hour B. Back up to long-term storage every four hours C. Back up to long-term storage every night D. Back up to object storage every three hours
D
An organization is hosting a cloud-based web server infrastructure that provides web-hosting solutions. Sudden continuous bursts of traffic have caused the web servers to saturate CPU and network utilizations. Which of the following should be implemented to prevent such disruptive traffic from reaching the web servers? A. A solution to achieve microsegmentation B. Solutions to perform NAC and DLP C. QoS on the network D. DDoS protection
D