CompTIA CV0-004 Online Practice Questions and Exam Preparation

CompTIA CV0-004 Online Questions & Answers

• Question 181:

  A cloud engineer is deploying a server in a cloud platform. The engineer reviews a security scan report. Which of the following recommended services should be disabled? (Select two).

  A. Telnet
  B. FTP
  C. Remote log-in
  D. DNS
  E. DHCP
  F. LDAP
  A. Telnet
  B. FTP

  ---

  Explanation

  Telnet and FTP are recommended services to be disabled when deploying a server in a cloud platform, as they are insecure protocols that transmit data in plain text and expose credentials and sensitive information to potential attackers12. Remote log-in, DNS, DHCP, and LDAP are not necessarily recommended to be disabled, as they may provide useful functionality for the server and the cloud environment. However, they should be configured properly and secured with encryption, authentication, and authorization mechanisms34.

  References: CompTIA Cloud+ CV0-003 Exam Objectives, Objective 4.2: Given a scenario, apply security configurations and compliance controls ; CompTIA Quick Start Guide to Tackling Cloud Security Concerns3

• Question 182:

  A cloud engineer was deploying the company's payment processing application, but it failed with the following error log:

  ERFOR:root: Transaction failed http 429 response, please try again

  Which of the following are the most likely causes for this error? (Select two).

  A. API throttling
  B. API gateway outage
  C. Web server outage
  D. Oversubscription
  E. Unauthorized access
  F. Insufficient quota
  A. API throttling
  F. Insufficient quota

  ---

  Explanation

  The error "http 429 response, please try again" typically indicates API throttling, where the number of requests exceeds the rate limit set by the API provider, and insufficient quota, where the allowed number of API calls within a given timeframe has been exceeded.

  References: API throttling and quota management are key concepts in the management of cloud resources, as highlighted in the CompTIA Cloud+ curriculum.

• Question 183:

  A cloud administrator needs to reduce storage costs. Which of the following would best help the administrator reach that goal?

  A. Enabling compression
  B. Implementing deduplication
  C. Using containers
  D. Rightsizing the VMs
  B. Implementing deduplication

  ---

  Explanation

  Deduplication is a process by which redundant data is eliminated, thus reducing the size of the dataset. Deduplication with cloud storage reduces the storage requirements, along with the amount of data to be transferred over the network, resulting in faster and more efficient data protection operations1. Deduplication can help to shrink the data footprint, lower the storage costs, and improve the performance of backup and recovery processes2. Deduplication can be applied at different levels, such as file- level, block-level, or byte-level, depending on the granularity and efficiency of the technique3. Deduplication can also be performed at different locations, such as source, target, or cloud, depending on the architecture and design of the storage system3. By implementing deduplication, a cloud administrator can achieve significant data savings and optimize the cloud storage costs4. References: Data deduplication techniques for efficient cloud storage management: a systematic review; How Data Deduplication Reduces Cloud Data Costs; How Data Deduplication Can Save Cloud Storage Costs?; Data Deduplication Overview; What is Data Deduplication and How Can it Help Reduce Cloud Costs?.

• Question 184:

  An organization's critical data was exfiltrated from a computer system in a cyberattack. A cloud analyst wants to identify the root cause and is reviewing the following security logs of a software web application:

  "2021/12/18 09:33:12" "10. 34. 32.18" "104. 224. 123. 119" "POST / login.php?u=administratorandp=or%201%20=1"

  "2021/12/18 09:33:13" "10.34. 32.18" "104. 224. 123.119" "POST /login.php?u=administratorandp=%27%0A"

  "2021/12/18 09:33:14" "10. 34. 32.18" "104. 224. 123. 119" "POST /login.php?u=administratorandp=%26"

  "2021/12/18 09:33:17" "10.34. 32.18" "104. 224. 123.119" "POST / login.php?u=administratorandp=%3B"

  "2021/12/18 09:33:12" "10.34. 32. 18" "104. 224. 123. 119" "POST / login.php?u=adminandp=or%201%20=1"

  "2021/12/18 09:33:19" "10.34.32.18" "104. 224. 123.119" "POST / login.php?u=adminandp=%27%0A"

  "2021/12/18 09:33:21" "10. 34. 32.18" "104.224. 123.119" "POST / login.php?u=adminandp=%26"

  "2021/12/18 09:33:23" "10. 34. 32.18" "104. 224. 123.119" "POST / login.php?u=adminandp=%3B"

  Which of the following types of attacks occurred?

  A. SQL injection
  B. Cross-site scripting
  C. Reuse of leaked credentials
  D. Privilege escalation
  A. SQL injection

  ---

  Explanation

  The security logs of the software web application show patterns that are typical of an SQL injection attack. This is evidenced by the inclusion of SQL syntax in the user input fields in an attempt to manipulate the database.

  References: CompTIA Cloud+ Study Guide (Exam CV0-004) - Chapter on Cloud Security Threats

• Question 185:

  Which of the following best describes a system that keeps all different versions of a software separate from each other while giving access to all of the versions?

  A. Code documentation
  B. Code control
  C. Code repository
  D. Code versioning
  D. Code versioning

  ---

  Explanation

  A system that keeps all different versions of software separate from each other while providing access to all of the versions is best described by Code versioning. Code versioning systems, such as Git, allow developers to keep track of changes, revert to previous states, and manage multiple versions of codebases.

  References: CompTIA Cloud+ Study Guide (Exam CV0-004) by Todd Montgomery and Stephen Olson

• Question 186:

  A security engineer recently discovered a vulnerability in the operating system of the company VMs. The operations team reviews the issue and decides all VMs need to be updated from version 3.4.0 to 3.4.1.

  Which of the following best describes the type of update that will be applied?

  A. Consistent
  B. Major
  C. Minor
  D. Ephemeral
  C. Minor

  ---

  Explanation

  The update from version 3.4.0 to 3.4.1 is considered a minor update, typically involving small bug fixes or security patches that do not include major feature changes or improvements.

  References: CompTIA Cloud+ Study Guide (Exam CV0-004) - Chapter on Systems Management

• Question 187:

  A company is concerned about the security of its data repository that contains customer PII. A systems administrator is asked to deploy a security control that will prevent the exfiltration of such data.

  Which of the following should the systems administrator implement?

  A. DLP
  B. WAF
  C. FIM
  D. ADC
  A. DLP

  ---

  Explanation

  Implementing DLP (Data Loss Prevention) is the best solution to prevent the exfiltration of customer PII (Personally Identifiable Information) from a data repository. DLP is a security control that monitors, detects, and blocks sensitive data from leaving or being accessed by unauthorized parties. DLP can be applied at different levels, such as network, endpoint, storage, or cloud. DLP can help to protect customer PII from being leaked, stolen, or compromised.

  https://cloud.google.com/blog/products/identity-security/4-steps-to-stop-data-exfiltration-with-google-cloud

• Question 188:

  An on-premises data center is located in an earthquake-prone location. The workload consists of real-time, online transaction processing. Which of the following data protection strategies should be used to back up on-premises data to the cloud while also being cost effective?

  A. Remote replication for failover
  B. A copy that is RAID 1 protected on spinning drives in an on-premises private cloud
  C. A full backup to on-site tape libraries in a private cloud
  D. Air-gapped protection to provide cyber resiliency
  A. Remote replication for failover

  ---

  Explanation

  Remote replication for failover is the data protection strategy that should be used to back up on-premises data to the cloud for an earthquake-prone location. It provides real-time or near-real-time copying of data to a remote location, which can be quickly activated in case the primary site fails.References: Disaster recovery strategies, including remote replication for failover, are part of the cloud-based data protection methods covered in the CompTIA Cloud+ certification.

• Question 189:

  An organization's internal security team mandated that public cloud resources must be accessible only by a corporate VPN and not by direct public internet access.

  Which of the following would achieve this objective?

  A. WAF
  B. ACL
  C. VPC
  D. SSH
  C. VPC

  ---

  Explanation

  A Virtual Private Cloud (VPC) allows users to create a secluded section of the public cloud where resources can be launched in a defined virtual network. This enables an organization to have a section of the cloud that is secured and isolated from the public internet, thus, access to public cloud resources can be restricted to only a corporate VPN. References: CompTIA Cloud+ Study Guide (Exam CV0-004) - Chapter on Cloud Security

• Question 190:

  Which of the following do developers use to keep track of changes made during software development projects?

  A. Code drifting
  B. Code control
  C. Code testing
  D. Code versioning
  D. Code versioning

  ---

  Explanation

  Developers use code versioning to keep track of changes made during software development projects. It is a system that records changes to a file or set of files over time so that specific versions can be recalled later. References: CompTIA Cloud+ Study Guide (Exam CV0-004) - Chapter on Software Development in Cloud Environments