MoreExam
1. Question Content...
EXPLANATION
Answer: X - EXPLANATION Content.
Question1: Developers are frustrated by the deployment delay caused by setting up permissions and firewall rules.Which of the following would be the BEST way to resolve this issue?
Question2: A cloud administrator is given a requirement to maintain a copy of all system logs for seven years. All servers are deployed in a public cloud provider's environment.Which of the following is the MOST cost-efficient solution for retaining these logs?
Question3: A company security policy mandates education and training for new employees. The policy must outline acceptable use policies for SaaS applications. Given these requirements, which of the following security controls is BEST suited?
Question4: An administrator is using a script to create ten new VMs in a public cloud. The script runs and returns no errors. The administrator confirms that all ten VMs show up in the dashboard, but only the first eight reply to pings. Which of the following is the MOST likely cause of the issue?
Question5: A non-critical vulnerability has been identified by a Linux vendor, who has released a patch and recommends that it be applied immediately.Which of the following is the BEST plan for the cloud administrator to install the patch?
Question6: A company's cloud administrator receives an advisory notice from the CSP. The CSP runs quarterly tests on its platform and customer's environments. The cloud administrator reads the notice and sees the company's environment is at risk of buffer over-read exploits. Which of the following tests is the CSP MOST likely running on a quarterly basis?
Question7: A cloud engineer deployed an email server in a public cloud. Users can access the email server, but the emails they send cannot reach their destinations. Which of the following should the cloud engineer do FIRST?
Question8: An upgrade to a web application, which supports 400 users at four sites, is being tested. The application runs on four servers behind a load balancer.The following test plan is proposed:Have 50 users from site A connect to server 1 Have 50 users from site B connect to server 2 Have 50 users from site C connect to server 3 Have 50 users from site D connect to server 4 Which of the following parameters is being properly tested by this plan?
Question9: There has been a change in requirements for two countries where PCI virtual instances exist. As such three virtual instances need to be added in both countries' PCI environments, and two instances need to be removed.Which of the following is the BEST way to ensure compliance is met in those two countries?
Question10: A customer wants to remove a user's access to the SaaS CRM system. Which of the following methods should be executed FIRST?
Question11: A customer wants to schedule a backup job that compares and saves changes from the last full backup. Which of the following backup types should be used?
Question12: A private cloud administrator needs to configure replication on the storage level for a required RPO of 15 minutes and RTO of one hour. Which of the following replication types would be the BEST to use?
Question13: The QA team is testing a newly implemented clinical trial management (CTM) SaaS application that uses a business intelligence application for reporting. The UAT users were instructed to use HTTP and HTTPS.Refer to the application dataflow:1A - The end user accesses the application through a web browser to enter and view clinical data.2A - The CTM application server reads/writes data to/from the database server.1B - The end user accesses the application through a web browser to run reports on clinical data.2B - The CTM application server makes a SOAP call on a non-privileged port to the BI application server.3B - The BI application server gets the data from the database server and presents it to the CTM application server.When UAT users try to access the application using https://ctm.app.com or http://ctm.app.com, they get a message stating: "Browser cannot display the webpage." The QA team has raised a ticket to troubleshoot the issue.
Question14: A cloud administrator needs to configure multiple web servers to participate actively in workload processing.Which of the following will BEST help the administrator achieve this goal?
Question15: A cloud administrator for a state government agency is tasked with giving access to the voter registration application to a government agency in another state. Only authorized officials from each state should access the application. These agencies have a common environment where applications have been deployed in the past. Which of the following should the cloud administrator do to give access to the application?
Question16: A CSA needs to bring a client's public cloud site online at another location in the same region after a disaster. The RPO is eight hours, and the RTO is four hours. Which of the following is the BEST way to accomplish this goal?
Question17: Based on demand, an IaaS provider wants to deploy a security application for its customers.Which of the following is the BEST technique for the IaaS provider to apply this to target systems?
Question18: A large law firm is migrating all of its systems to the cloud to meet growing business needs. The firm wants to reduce IT staff while maintaining day-to-day operations, such as user provisioning, folder management, and permissions. Which of the following MUST the cloud provider and cloud customer implement to ensure user non-repudiation?
Question19: A newly established CSP allows for drive shipping to upload new data into the environment. Sensitive data on 40TB of storage needs to be transferred within one week. Which of the following is the MOST efficient and secure method for shipment of the data to the CSP with minimal downtime?
Question20: An e-commerce business recently experienced a two-hour outage from its hosted web service provider. According to the SLA, the business needs to determine how much data can be restored. On which of the following service-level components should the business focus?
Question21: A cloud-based web proxy is blocking key sites that a business requires for operation. After validation, the sites are legitimate, and access is required for end users to complete their work.Which of the following is the BEST solution to allow access to the sites?
Question22: A Big Data analytics company wants to ensure its data is protected at rest.Which of the following is the BEST hardware-based solution?
Question23: A customer has indicated that bi-weekly full backups are taking too long to complete.Which of the following would be the BEST action if minimizing restore time is very important to the customer?
Question24: A company has implemented a change management process that allows standard changes during business hours. The company's private cloud hardware needs firmware updates and supports rolling upgrades. Which of the following considerations should be given to upgrade firmware and make the change as transparent as possible to users?
Question25: A company requires all system logs to be saved for a minimum 30 days. However, many employees are reporting storage near capacity alerts. A cloud administrator is trying to fix and prevent this issue from happening again.Which of the following is the BEST option?
Question26: An administrator is implementing a new SaaS application. The administrator has been directed to enhance the user authentication experience.Which of the following technologies BEST meets this requirement?
Question27: Ann, an internal user, has been accessing an internal SaaS solution on a different subnet for the last several months. When Ann tries to connect to the application today, she receives an error stating the resource cannot be found. When checking with her teammates, she discovers some users can access the resource and others cannot. Which of the following tools would be the BEST option to determine where the issue is located?
Question28: A new private cloud platform is being deployed by an engineer. SLA requirements state that any clusters should have a baseline redundancy sufficient to handle the failure of at least two hosts. The engineer records the following metrics after the deployment:
Question29: A manufacturing company has the following DR requirements for its IaaS environment:RPO of 24 hoursRTO of 8 hoursThe company experiences a disaster and has a two-site hot/cold configuration. Which of the following is the BEST way for the company to recover?
Question30: A large finance firm processes three times as many transactions in December of each year. The transactions are processed in a private cloud. Management wants to avoid adding permanent resources to accommodate the single month increase. Which of the following is the BEST way to meet the need?
Question31: A cloud engineer needs to deploy a new virtual firewall in a private cloud. Which of the following should the engineer do as a FIRST step?
Question32: A courier company has virtualized its packing software application. The CSA needs to confirm the deployment is utilizing the correct amount of CPU per virtual instance. After confirming the deployment requirements, the CSA should log into the cloud services portal to ensure that:
Question33: A company needs to meet the security requirements for PII. Which of the following cloud service models allows the company to have the MOST control to meet the security requirements?
Question34: A cloud architect is tasked with isolating traffic between subnets in an IaaS platform. The networks should be able to statefully communicate with each other. Given this scenario, which of the following should the architect implement?
Question35: A cloud deployment engineer is modifying versions of the existing template image to instantiate new VMs. The engineer accomplishes this through the cloud self-service portal. After the version is changed and a new VM is successfully started, it does not have any connectivity, and all ping tests to other VMs fail. Which of the following would be the BEST approach to solve the problem?
Question36: A cloud administrator has deployed a new all-flash storage array with deduplication and compression enabled, and moved some of the VMs into it. The goal was to achieve 4:1 storage efficiency while maintaining sub- millisecond latency. Which of the following results would BEST suit the requirements?
Question37: A healthcare provider determines a Europe-based SaaS electronic medical record system will meet all functional requirements. The healthcare provider plans to sign a contract to use the system starting in the next calendar year. Which of the following should be reviewed prior to signing the contract?
Question38: A hosted file share was infected with CryptoLocker and now root cause analysis needs to be performed. Place the tasks in the correct order according to the troubleshooting methodology.
Question39: A company upgraded a hosted vulnerability scanner to the latest version, and now tickets are not being created to assign critical vulnerabilities. After confirming the ticketing issue, all the scanning services are confirmed to be running on the VM. Which of the following is the MOST likely cause and best method to fix the issue?
Question40: A rural manufacturing company wants to move all IT services, including the industrial control systems, to the cloud.Given this scenario, which of the following cloud services elements would be a challenge to the deployment?
Question41: Which of the following provides the BEST approach for deploying multiple new firewalls into an IaaS cloud environment with minimal errors?
Question42: Given the IaaS cloud service model, at which of the following layers of the platform does microsegmentation BEST apply?
Question43: A company has decided to scale its e-commerce application from its corporate datacenter to a commercial cloud provider to meet an anticipated increase in demand during an upcoming holiday.The majority of the application load takes place on the application server under normal conditions.For this reason, the company decides to deploy additional application servers into a commercial cloud provider using the on-premises orchestration engine that installs and configures common software and network configurations.The remote computing environment is connected to the on-premises datacenter via a site-to-site IPSec tunnel.The external DNS provider has been configured to use weighted round-robin routing to load balance connections from the Internet.During testing, the company discovers that only 20% of connections completed successfully.Review the network architecture and supporting documents and fulfill these requirements:Part1:1. Analyze the configuration of the following components: DNS, Firewall1, Firewall2, Router1, Rouler2, VPN and Orchestrator Server.2. Identify the problematic device(s).Instructions:If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.Simulation
Question44: A system's application servers need to be patched. The requirements for maintenance work are as follows:System downtime is not allowed.The application server in use must be in the sane patch status. System performance must be maintained during patching work.Testing after patching must be done before the application server is in use. If any trouble occurs, recover the previous version in ten minutes.Which of the following methodologies should be selected?
Question45: A company needs to extend its on-premises private cloud to an external cloud provider to meet the needs of additional storage and database services. The cloud architect also needs to implement a technique to meet data-in-transit requirements. Which of the following is the BEST design to meet the company's needs?
Question46: Several suspicious emails are being reported from end users. Organizational email is hosted by a SaaS provider. Upon investigation, the URL in the email links to a phishing site where users are prompted to enter their domain credentials to reset their passwords. Which of the following should the cloud administrator do to protect potential account compromise?
Question47: Which of the following would be appropriate when considering inbound access security for a web-based SaaS solution?
Question48: At 2:00 a.m each day, the database team runs a batch job to import the sales data for the day, index it, and generate sales reports for the next day. The team has informed the cloud administrator that sales data is expected to increase in the next month and will take longer to complete. The current environment uses several batch servers that process chunks of data individually.Which of the following is the BEST approach for the cloud administrator to take to handle the increased load?
Question49: A multinational corporation needs to migrate servers, which are supporting a national defense project, to a new datacenter. The data in project is approximately 20GB in size. The engineer on the project is considering datacenters in several countries as possible destinations. All sites in consideration are on a high-speed MPLS network (10Gb+ connections). Which of the following environmental constraints is MOST likely to rule out a possible site as an option?
Question50: A company wants to take advantage of cloud benefits while retaining control of and maintaining compliance with all its security policy obligations. Based on the non-functional requirements, which of the following should the company use?
Question51: A systems administrator created several new VMs on a private cloud and wants to ensure the new baseline still meets corporate guidelines. The administrator finds the following new load numbers on the hosts:If corporate policy requires N+1 host capacity, which of the following metrics is MOST likely to present a problem?
Question52: A company is required to ensure all access to its cloud instance for all users to utilize two-factor authentication.The QA team confirms all functional requirements successfully test. After deployment, all business users report the two-factor authentication is not enforced while accessing the instance. Which of the following would be the MOST likely reason the QA team did not catch the issue?
Question53: A cloud engineer is upgrading a high-performance computing cluster for the private cloud. The existing cluster is being replaced with GPU servers. A single GPU server is capable of the same teraflops output as 10 CPU servers. The current cluster configuration is as follows:100 quad-core CPU servers capable of producing 100 teraflops.The baseline and current usage is 100%.The new cluster was set up and benchmarked in four different configurations. Which of the following configurations will meet the baseline teraflops performance of the cluster while maintaining the current usage?
Question54: Company A just acquired Company B and needs to migrate critical applications to Company A's private cloud infrastructure. Company B's applications are running on legacy servers and cannot be removed from the current datacenter where they reside. Which of the following migration strategies should the cloud administrator use?
Question55: A company provides IaaS services. Which of the following disk provisioning models for creating standard template should the company use to provision virtual instances?
Question56: A business is demanding faster IT services turnaround from its IT groups. The current lead time between request and delivery is three weeks for a task that would take a competitor two days. An architect is asked to develop a solution to reduce the lead time of the request while ensuring adherence to the company policies. Which of the following is the BEST approach to achieve the stated objective?
Question57: A company has a private cloud NAC solution in place to prevent unauthorized/non-company assets from connecting to the internal network. A cloud systems administrator cannot add a new physical server to the existing functioning cluster.Which of the following is the MOST likely cause of this issue?
Question58: Which of the following is the BEST way to ensure accounts in a cloud environment are disabled as soon as they no longer need to be active?
Question59: A cloud administrator configures a new web server for the site https://companyname.com. The administrator installs a wildcard SSL certificate for *.companyname.com. When users attempt to access the site, a certificate error is received. Which of the following is the MOST likely cause of the error?
Question60: Ann, the lead product developer for a company, just hired three new developers. Ann asked the cloud administrator to give these developers access to the fileshares in the public cloud environment. Which of the following is the BEST approach for the cloud administrator to take?
Question61: A company has an SLA of 15ms for storage latency.Given the above metrics, which of the following is the MOST appropriate change to the environment?
Question62: Developers are frustrated by the deployment delay caused by setting up permissions and firewall rules.Which of the following would be the BEST way to resolve this issue?
Question63: A new browser version has been deployed to all users at a company. After the deployment, users report that they can no longer access the company's secure time-card system, which is hosted by a SaaS provider. A technician investigates and discovers a security error is received upon opening the site. If the browser is rolled back to the older version, the site is accessible again. Which of the following is the MOST likely cause of the security error users are seeing?
Question64: Joe, a cloud administrator, is no longer able to SSH to his cloud management console after he returns from a two-week vacation. A coworker was able to connect from the management station with no issue. During the last two weeks, the desktop team replaced all administrator machines with newer ones. Which of the following must Joe do FIRST to troubleshoot his access?
Question65: In a private cloud environment, which of the following is the BEST way to update 20 VMs with the same patch that has been regression tested and approved for rollout?
Question66: Cloud developers are experiencing a delay caused by the static code review before each deployment. The security operator and developer must address the issue without cutting corners with security testing. Which of the following would BEST address the delay issue?
Question67: A cloud implementation engineer successfully created a new VM. However, the engineer notices the new VM is not accessible from another network. A ping test works from another VM on the same subnet. Which of the following is the MOST likely problem?
Question68: A cloud service company is proposing a solution to a major sporting venue. The solution offers 99.999% availability during special events, which is proven through specialized testing. Which of the following techniques should be applied to confirm the high availability claimed by the company? (Select TWO.)
Question69: Government agencies currently operate their own websites, each with its own directory services. There is a mandate to minimize IT administration.Which of the following should the cloud services architect choose to BEST meet this mandate?
Question70: Which of the following solutions BEST complies with laws requiring secure data-at-rest for a critical application while keeping in mind the need for reduced costs?
Question71: A customer is building a web cluster in which all nodes must access a shared pool of images.Which of the following storage types would be BEST for this workload?
Question72: A company's Chief Information Officer (CIO) wants to manage PII by delegating access to sensitive files to the human resources department. The cloud engineer is tasked with selecting and implementing an appropriate technique to achieve the stated objective. Which of the following control methods would be BEST for the cloud engineer to implement?
Question73: A company is interested in a DRP. The purpose of the plan is to recover business as soon as possible. The MOST effective technique is:
Question74: A hospital is leveraging a third-party-hosted, SaaS-based EMRS for all its regional locations. The EMRS will consolidate all existent stand-alone regional systems. All regional systems managers are concerned about the new system availability. Which of the following should the new EMRS architect do to address the manager's concerns?
Question75: An administrator needs to deploy a new release of an application in a way that allows a quick rollback to the previous version of the application. Which of the following is the BEST strategy to apply?
Question76: A company changed its policy to have seven-year data retention in the public cloud. Which of the following would be the MOST cost-effective way to meet retention requirements?
Question77: A100at approximately 30% utilization. At midnight, a batch job is scheduled to run that will drive the CPU utilization up to 75% for approximately an hour. Any time the CPU utilization is at 40% or higher for longer than ten minutes, administrators will receive an alert. Which of the following is the BEST method to ensure administrators do not experience message fatigue due to false alerts?
Question78: A cloud administrator is provisioning five VMs, each with a minimum of 8GB of RAM and a varying load throughout the day. The hypervisor has only 32GB of RAM. Which of the following features should the administrator use?
Question79: The risk and compliance team mandates that all PII should be sent via secure and encrypted channels via webmail. As the SaaS administrator, which of the following is the BEST method for implementing data governance?
Question80: Worldwide users from an organization are experiencing intermittent access to a global cloud application. The cloud provider availability dashboard shows all resource availability has been 100% in the last two weeks. No network outages have been reported. Which of the following should the organization's administrator do BEFORE calling the cloud provider?
Question81: A company is using storage-as-a-service from an IaaS provider for application services. The company has a mandate to protect personal information being stored on the cloud. The service provided includes encryption for in-transit data and requires a security solution for data-at-rest.Which of the following should be deployed to secure the personal information?
Question82: A cloud administrator for a customer's environment must ensure the availability of critical applications. The cloud provider hosting the infrastructure lost power, and the environment was down for four hours. Which of the following solutions is MOST suitable for ensuring availability of critical applications?
Question83: A cloud administrator is required to implement a solution to handle data-at-rest encryption requirements for a database. Which of the following would BEST satisfy the requirements?
Question84: A customer has indicated that bi-weekly full backups are taking too long to complete.Which of the following would be the BEST action if minimizing restore time is very important to the customer?
Question85: A company purchased a SaaS CRM application. The signed SLA meets year-round performance requirements. Three months after deployment, customers start reporting a slow application response time. System availability, connectivity, and proper functionality still meet the SLA.Which of the following is MOST likely the reason for the poor response time?
Question86: A private cloud is using the iSCSI protocol for connection from storage to hypervisors. This connection is not encrypted currently, and the systems administrator is tasked with enabling on-the-fly encryption.Which of the following technologies should the administrator use?
Question87: A company is migrating its application to a cloud provider. Six months before going live, a representative from each stakeholder group validated the functionality and performance in the QA environment and did not identify any issues. After going live, the system response time is slower that the testing environment. Which of the following is the MOST likely gap in the testing plan?
Question88: The legal department requires eDiscovery of hosted file shares. To set up access, which of the following is the BEST method to ensure the eDiscovery analyst only has the ability to search but not change configuration or settings?
Question89: A pharmaceutical company is migrating its systems and infrastructure to the cloud. Due to security restrictions and regulatory policies, the company Chief Executive Officer (CEO) is concerned about moving this information to the cloud.Based on the CEO's concern, which of the following should the company do First?
Question90: A Type 1 hypervisor has the following specifications:RAM 128GBCPU 4 socket quad-core Storage 16TBEach VM must have 8GB RAM, 1 vCPU, and 512GB storage. Which of the following is the MAXIMUM number of VMs that can be hosted on this hypervisor?
Question91: A company has an internal SLA for CPU and RAM oversubscription that should stay below 120%. Storage utilization should stay below 90% with oversubscription below 160%. Given the following:Which of the following should be done to meet the SLA?
Question92: A new application with availability SLA requirements of 99.99% has been deployed in a cloud. For a test spanning a month, which of the following unavailability times would mean the test was successful? (Select TWO).
Question93: A financial services company has a requirement to keep backups on premises for 30 days and off-site for up to seven years to a location that is within 100mi (161km) of the primary datacenter location. Recovery times for backups kept on-site have an RTO of one hour, while recovery times for backups kept off-site have an RTO of four hours. Which of the following solutions BEST solves this requirement?
Question94: A public cloud provider recently updated one of its services to provide a new type of application load balancer. The cloud administrator is tasked with building out a proof-of-concept using this new service type. The administrator sets out to update the scripts and notices the cloud provider does not list the load balancer as an available option type for deploying this service. Which of the following is the MOST likely reason?
Question95: An automation performs the following on a monthly basis:- Disable accounts that have not logged on in the last 60 days- Remove firewall rules with zero hits in the last 30 days- Remove DNS entries that have not been updated in the last 60 days- Archive all logs that are more than 30 days oldSix weeks after this new automation is implemented, an internal client reports that quarterly replication failover testing has failed.Which of the following is the MOST likely cause of the failed test?