CompTIA CV0-004 Online Practice Questions and Exam Preparation

CompTIA CV0-004 Online Questions & Answers

• Question 201:

  A cloud deployment uses three different VPCs. The subnets on each VPC need to communicate with the others over private channels. Which of the following will achieve this objective?

  A. Deploying a load balancer to send traffic to the private IP addresses
  B. Creating peering connections between all VPCs
  C. Adding BGP routes using the VPCs' private IP addresses
  D. Establishing identical routing tables on all VPCs
  B. Creating peering connections between all VPCs

  ---

  Explanation

  To allow subnets on different VPCs to communicate with each other over private channels, the cloud engineer should create peering connections between all the VPCs. VPC Peering allows networks to connect and route traffic using private IP addresses without the need for gateways, VPN connections, or separate physical hardware.

  References: CompTIA Cloud+ Study Guide (Exam CV0-004) by Todd Montgomery and Stephen Olson

• Question 202:

  An organization is hosting its dedicated email infrastructure with unlimited mailbox creation capability. The management team would like to migrate to a SaaS-based solution.

  Which of the following must be considered before the migration?

  A. The SaaS provider's licensing model
  B. The SaaS provider's reputation
  C. The number of servers the SaaS provider has
  D. The number of network links the SaaS provider has
  A. The SaaS provider's licensing model

  ---

  Explanation

  The licensing model of the SaaS provider is an important factor to consider before migrating to a SaaS-based solution for email infrastructure. The licensing model determines how much the organization will pay for the service, how many mailboxes they can create, what features they can access, and what SLAs they can expect. The organization should compare different SaaS providers' licensing models and choose the one that best suits their needs and budget. Reference: CompTIA Cloud+ Certification Exam Objectives, Domain 1.0 Configuration and Deployment, Objective 1.4 Given a scenario, execute a provided deployment plan.

• Question 203:

  A cloud solutions architect needs to have consistency between production, staging, and development environments. Which of the following options will best achieve this goal?

  A. Using Terraform templates with environment variables
  B. Using Grafana in each environment
  C. Using the ELK stack in each environment
  D. Using Jenkins agents in different environments
  A. Using Terraform templates with environment variables

  ---

  Explanation

  Terraform templates with environment variables can ensure consistency across different environments such as production, staging, and development. Terraform allows for infrastructure as code, which can be used to define and maintain infrastructure with consistency.

  References: CompTIA Cloud+ Certification Study Guide (Exam CV0-004) by Scott Wilson and Eric Vanderburg.

• Question 204:

  A project manager is reviewing quality planning techniques. Which of the following involves comparing the results of similar activities?

  A. Performing a cost-benefit analysis
  B. Defining metrics
  C. Benchmarking
  D. Brainstorming
  C. Benchmarking

  ---

  Explanation

  Benchmarking is a quality planning technique that compares results, processes, or best practices from similar activities or organizations. It is used to establish realistic performance standards and identify opportunities for improvement. Unlike cost-benefit analysis, which focuses on financial evaluation, benchmarking emphasizes performance comparison.

  CompTIA Project+ PK0-005 - Quality Planning Techniques; CompTIA Cloud+ CV0-004 Operations and Support domain.

• Question 205:

  Two CVEs are discovered on servers in the company's public cloud virtual network. The CVEs are listed as having an attack vector value of network and CVSS score of 9.0.

  Which of the following actions would be the best way to mitigate the vulnerabilities?

  A. Patching the operating systems
  B. Upgrading the operating systems to the latest beta
  C. Encrypting the operating system disks
  D. Disabling unnecessary open ports
  A. Patching the operating systems

  ---

  Explanation

  For vulnerabilities with a high CVSS score and a network attack vector, the most effective and direct mitigation action is to patch the operating systems. Patching addresses the specific vulnerabilities that have been identified and helps to secure the servers against the known exploits that could take advantage of these CVEs.

  References: CompTIA Cloud+ Guide to Cloud Computing (ISBN: 978-1-64274-282-2)

• Question 206:

  A systems administrator is informed that a database server containing PHI and PII is unencrypted. The environment does not support VM encryption, nor does it have a key management system. The server needs to be able to be rebooted for patching without manual intervention.

  Which of the following will BEST resolve this issue?

  A. Ensure all database queries are encrypted
  B. Create an IPSec tunnel between the database server and its clients
  C. Enable protocol encryption between the storage and the hypervisor
  D. Enable volume encryption on the storage
  E. Enable OS encryption
  D. Enable volume encryption on the storage

  ---

  Explanation

  Volume encryption is a type of encryption that protects data at the storage level by encrypting an entire disk or partition. Volume encryption can provide strong security for data at rest, as it prevents unauthorized access to the data even if the storage device is lost, stolen, or compromised. Volume encryption can also support automatic booting without manual intervention, as it can use a pre-boot authentication mechanism that does not require user input. Enabling volume encryption on the storage is the best way to resolve the issue of having an unencrypted database server containing PHI and PII, as it can protect the sensitive data without relying on VM encryption or a key management system. References:

  CompTIA Cloud+ Certification Exam Objectives, page 14, section 2.7

• Question 207:

  An engineer made a change to an application and needs to select a deployment strategy that meets the following requirements:

  1. Is simple and fast 2. Can be performed on two Identical platforms

  Which of the following strategies should the engineer use?

  A. Blue-green
  B. Canary
  C. Rolling
  D. in-place
  A. Blue-green

  ---

  Explanation

  The blue-green deployment strategy is ideal for scenarios where simplicity and speed are crucial. It involves two identical production environments: one (blue) hosts the current application version, while the other (green) is used to deploy the new version. Once testing is completed on the green environment and it's ready to go live, traffic is switched from blue to green, ensuring a quick and efficient rollout with minimal downtime. This method allows for immediate rollback if issues arise, by simply redirecting the traffic back to the blue environment.

  References: CompTIA Cloud+ material emphasizes the importance of understanding various cloud deployment strategies, including blue-green, and their application in real-world scenarios to ensure efficient and reliable software deployment in cloud environments.

• Question 208:

  A systems administrator is provisioning VMs according to the following requirements:

  5. A VM instance needs to be present in at least two data centers.

  6. During replication, the application hosted on the VM tolerates a maximum latency of one second.

  7. When a VM is unavailable, failover must be immediate.

  Which of the following replication methods will best meet these requirements?

  A. Snapshot
  B. Transactional
  C. Live
  D. Point-in-time
  C. Live

  ---

  Explanation

  Live replication is the process of continuously copying data in real-time to ensure that an exact copy is available in another location. Given the requirement for immediate failover and the presence of the VM instance in at least two data centers, live replication is the best method to meet the one-second maximum latency tolerance and ensure immediate availability in the event of a VM becoming unavailable.

  References: CompTIA Cloud+ Study Guide (Exam CV0-004) - Chapter on Disaster Recovery and Replication Methods

• Question 209:

  A network administrator is budding a site-to-site VPN tunnel from the company's headquarters office 10 the company's public cloud development network. The network administrator confirms the following:

  The VPN tunnel is established on the headquarter office firewall.

  While inside the office, developers report that they cannot connect to the development network resources.

  While outside the office on a client VPN, developers report that they can connect to the development network resources.

  The office and the client VPN have different IP subnet ranges.

  The firewall flow logs show VPN traffic is reaching the development network from the office.

  Which of the following is the next step the next network administrator should take to troubleshoot the VPN tunnel?

  A. Review the development network routing table.
  B. Change the ciphers on the site-to-site VPN.
  C. Restart the site-to-site VPN tunnel.
  D. Check the ACLS on the development workloads
  A. Review the development network routing table.

  ---

  Explanation

  The next step in troubleshooting the VPN tunnel issue is to review the development network routing table. This action will help determine if the routing configurations are correctly directing traffic from the headquarters office through the VPN tunnel to the development network resources. Proper routing ensures that data packets find their way to the correct destinationwithin the cloud environment, which is critical for establishing successful communication between different network segments.References:

  CompTIA Cloud+ materials stress the importance of networking fundamentals in cloud environments, including VPN configurations and routing, to ensure secure and efficient connectivity between on-premises infrastructure and cloud resources.

• Question 210:

  Which of the following compute resources is the most optimal for running a single scripted task on a schedule?

  A. Bare-metal server
  B. Managed container
  C. Virtual machine
  D. Serverless function
  D. Serverless function

  ---

  Explanation

  Serverless functions are ideal for running scripted tasks on a schedule because they can be triggered by events, run the task, and then shut down, incurring costs only for the actual compute time used. This eliminates the need for a continuously running server and is optimal for sporadic or scheduled tasks.

  References: CompTIA Cloud+ Certification Study Guide (Exam CV0-004) by Scott Wilson and Eric Vanderburg.