CompTIA CV0-003 Online Practice Questions and Exam Preparation

CompTIA CV0-003 Online Questions & Answers

• Question 361:

  An organization is developing a new solution for hosting an external website. The systems administrator needs the ability to manage the OS. Which of the following methods would be MOST suitable to achieve this objective?

  A. Deploy web servers into an laaS provider.
  B. Implement a cloud-based VDI solution.
  C. Provision web servers in a container environment.
  D. Use PaaS components in the cloud to implement the product.
  A. Deploy web servers into an laaS provider.

  ---

  Explanation

  Deploying web servers into an IaaS (Infrastructure as a Service) provider is the most suitable method to achieve the objective of hosting an external website and managing the OS. IaaS is a cloud service model that provides basic computing resources such as servers, storage, network, etc., to the customers. The customers have full control and flexibility over these resources and can install and configure any software they need on them. IaaS is suitable for hosting web servers and managing the OS, as it allows the customers to choose their preferred OS, web server software, settings, etc., and customize them according to their needs.

• Question 362:

  A cloud administrator would like to deploy a cloud solution to its provider using automation techniques. Which of the following must be used? (Choose two.)

  A. Auto-scaling
  B. Tagging
  C. Playbook
  D. Templates
  E. Containers
  F. Serverless
  C. Playbook
  D. Templates

  ---

  Explanation

  Playbook and templates are two things that must be used to deploy a cloud solution to its provider using automation techniques. A playbook is a file or script that defines a set of tasks or actions to be executed on one or more cloud resources or systems. A playbook can automate and standardize the deployment and configuration of cloud solutions using tools such as Ansible, Chef, Puppet, etc. A template is a preconfigured image or blueprint of a cloud resource or system that contains an OS, applications, settings, etc., that can be used to create new resources or systems quickly and consistently. A template can simplify and speed up the deployment of cloud solutions using tools such as AWS CloudFormation, Azure Resource Manager, Google Cloud Deployment Manager, etc.

• Question 363:

  A company is planning to migrate applications to a public cloud, and the Chief Information Officer (CIO) would like to know the cost per business unit for the applications in the cloud. Before the migration, which of the following should the administrator implement FIRST to assist with reporting the cost for each business unit?

  A. An SLA report
  B. Tagging
  C. Quotas
  D. Showback
  B. Tagging

  ---

  Explanation

  Tagging is what the administrator should implement first to assist with reporting the cost for each business unit for applications in a public cloud environment. Tagging is a technique that allows customers to assign metadata or labels to their cloud resources, such as applications, instances, volumes, etc., based on their attributes or criteria. Tagging can help customers to organize, manage, monitor, and report their cloud resources and costs by business unit, project, owner, environment, etc.

  https://www.linkedin.com/pulse/cloud-showback-critical-piece-enterprise-governance-how-gowda-/

• Question 364:

  A cloud administrator needs to deploy a security virtual appliance in a private cloud environment, but this appliance will not be part of the standard catalog of items for other users to request. Which of the following is the BEST way to accomplish this task?

  A. Create an empty VM, import the hard disk of the virtual appliance, and configure the CPU and memory.
  B. Acquire the build scripts from the vendor and recreate the appliance using the baseline templates.
  C. Import the virtual appliance into the environment and deploy it as a VM.
  D. Convert the virtual appliance to a template and deploy a new VM using the template.
  C. Import the virtual appliance into the environment and deploy it as a VM.

  ---

  Explanation

  https://www.techtarget.com/searchcloudcomputing/definition/private-cloud

• Question 365:

  An organization is hosting its dedicated email infrastructure with unlimited mailbox creation capability. The management team would like to migrate to a SaaS-based solution. Which of the following must be considered before the migration?

  A. The SaaS provider's licensing model
  B. The SaaS provider's reputation
  C. The number of servers the SaaS provider has
  D. The number of network links the SaaS provider has
  A. The SaaS provider's licensing model

  ---

  Explanation

  The licensing model of the SaaS provider is an important factor to consider before migrating to a SaaS-based solution for email infrastructure. The licensing model determines how much the organization will pay for the service, how many mailboxes they can create, what features they can access, and what SLAs they can expect. The organization should compare different SaaS providers' licensing models and choose the one that best suits their needs and budget.

  CompTIA Cloud+ Certification Exam Objectives, Domain 1.0 Configuration and Deployment, Objective 1.4 Given a scenario, execute a provided deployment plan.

• Question 366:

  A cloud administrator has finished setting up an application that will use RDP to connect. During testing, users experience a connection timeout error. Which of the following will MOST likely solve the issue?

  A. Checking user passwords
  B. Configuring QoS rules
  C. Enforcing TLS authentication
  D. Opening TCP port 3389
  D. Opening TCP port 3389

  ---

  Explanation

  TCP port 3389 is the default port used by Remote Desktop Protocol (RDP) to connect to a remote system or application over a network. Opening TCP port 3389 on the firewall or network device will most likely solve the issue of users experiencing a connection timeout error when trying to use RDP to connect to an application, as it will allow RDP traffic to pass through. If TCP port 3389 is closed or blocked, RDP traffic will be denied or dropped, resulting in a connection timeout error.

  References: CompTIA Cloud+ Certification Exam Objectives, page 15, section 2.8

  https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/troubleshoot/rdp-error-general-troubleshooting

• Question 367:

  Which of the following actions should a systems administrator perform during the containment phase of a security incident in the cloud?

  A. Deploy a new instance using a known-good base image.
  B. Configure a firewall rule to block the traffic on the affected instance.
  C. Perform a forensic analysis of the affected instance.
  D. Conduct a tabletop exercise involving developers and systems administrators.
  B. Configure a firewall rule to block the traffic on the affected instance.

  ---

  Explanation

  Configuring a firewall rule to block the traffic on the affected instance is what the administrator should perform during the containment phase of a security incident in the cloud. A security incident is an event or situation that affects or may affect the confidentiality, integrity, or availability of cloud resources or data. A security incident response is a process of managing and resolving a security incident using various phases, such as identification, containment, eradication, recovery, etc. The containment phase is where the administrator tries to isolate and prevent the spread or escalation of the security incident. Configuring a firewall rule to block the traffic on the affected instance can help to contain a security incident by cutting off any communication or interaction between the instance and other systems or networks, which may stop any malicious or unauthorized activity or access.

• Question 368:

  A cloud administrator implemented SSO and received a business requirement to increase security when users access the cloud environment. Which of the following should be implemented NEXT to improve the company's security posture?

  A. SSH
  B. MFA
  C. Certificates
  D. Federation
  B. MFA

  ---

  Explanation

  MFA (Multi-Factor Authentication) is a security technique that requires the user to present two or more pieces of evidence to prove their identity when they try to access a system or an application. For example, a password and a physical token, or a fingerprint and a one-time code. MFA can improve the company's security posture by preventing unauthorized access even if the password or single-factor authentication is compromised, as the attacker would also need to have the other factors to log in. According to the web search results, MFA can prevent 99.9% of account attacks1. SSO (Single Sign-On) is a system that allows the user to use one set of login credentials to access multiple systems and applications that previously may have each required their own logins. SSO can improve productivity and user convenience, but it does not replace MFA. In fact, SSO works in conjunction with MFA, as it can enforce MFA for all the systems and applications that are integrated with SSO2. Therefore, implementing SSO does not mean that MFA is not needed.

• Question 369:

  The Chief Information Officer of a financial services company wants to ensure stringent security measures are maintained while migrating customer financial information from a private cloud to the public cloud. The cloud engineer must deploy automated validation and verification checks to prevent unauthorized disclosure of financial information. Which of the following should be configured during the migration?

  A. ACL
  B. VPN
  C. P2V
  D. VDI
  B. VPN

  ---

  Explanation

  One possible answer is:

  B. VPN

  A VPN (Virtual Private Network) is a technology that creates a secure and encrypted connection between a remote device and a private network over the internet. A VPN can help prevent unauthorized disclosure of financial information during

  the migration from a private cloud to the public cloud, as it can protect the data in transit from interception, tampering, or leakage. A VPN can also help maintain compliance with data privacy regulations, such as GDPR or PCI DSS, by

  ensuring that the data is only accessible by authorized parties12. ACL (Access Control List) is a method of controlling access to resources based on user or group permissions. ACL can help enforce security policies and restrict access to sensitive data, but it does not encrypt or protect the data in transit3. P2V (Physical to Virtual) is a process of converting a physical machine into a virtual machine. P2V can help migrate workloads from on-premises servers to cloud servers, but it does not ensure the security of the data during the migration4. VDI (Virtual Desktop Infrastructure) is a technology that provides users with virtual desktops hosted on a centralized server. VDI can help improve the performance, availability, and manageability of desktop environments, but it does not

  address the security of the data during the migration5.

• Question 370:

  An enterprise is considering a cost model for a DBaaS. Which of the following is BEST for a cloud solution?

  A. Per gigabyte
  B. Per seat
  C. Per user
  D. Per device
  A. Per gigabyte

  ---

  Explanation

  https://www.techtarget.com/searchcloudcomputing/tip/Breaking-down-the-costs-of-cloud-storage