EMT Practice Test

1. Question Content...


Question List

Question1: A company migrated its CRM system to a SaaS solution. The security team is updating the RAG matrix for the newly migrated CRM. Given the following table:

Which of the following responsibility assignments best aligns with the shared responsibility model for the new CRM?

Question2: An DevOps engineer is receiving reports that users can no longer access the company's web application after hardening of a web server. The users are receiving the following error:
ERR_SSLJ/ERSION_OR_CIPHER_MISMATCH.
Which of the following actions should the engineer take to resolve the issue?

Question3: A cloud architect is preparing environments to develop a new application that will process sensitive dat a. The project team consists of one internal developer, two external consultants, and three testers. Which of the following is the most important security control for the cloud architect to consider implementing?

Question4: Users report being unable to access an application that uses TLS 1.1. The users are able to access other applications on the internet. Which of the following is the most likely reason for this issue?

Question5: An IT manager needs to deploy a cloud solution that meets the following requirements:
* Users must use two authentication methods to access resources.
* Each user must have 10GB of storage space by default.
Which of the following combinations should the manager use to provision these requirements?

Question6: You are a cloud engineer working for a cloud service provider that is responsible for an IaaS offering.
Your customer, who creates VMs and manages virtual storage, has noticed I/O bandwidth issues and low IOPS (under 9000).
Your manager wants you to verify the proper storage configuration as dictated by your service level agreement (SLA).
The SLA specifies:
. Each SFP on the hypervisor host must be set to the maximum link speed allowed by the SAN array. . All SAN array disk groups must be configured in a RAID 5.
. The SAN array must be fully configured for redundant fabric paths. . IOPS should not fall below 14000 INSTRUCTIONS Click on each service processor to review the displayed information. Then click on the drop-down menus to change the settings of each device as necessary to conform to the SLA requirements.



Question7: A cloud solutions architect needs to have consistency between production, staging, and development environments. Which of the following options will best achieve this goal?

Question8: A cloud administrator shortens the amount of time a backup runs. An executive in the company requires a guarantee that the backups can be restored with no data loss. Which of the following backup features should the administrator lest for?

Question9: A cloud engineer is developing an operating expense report that will be used to purchase various cloud billing models for virtual machine instances. The cloud billing model must meet the following requirements:
* The instance cannot be ephemeral.
* The minimum life cycle of the instance is expected to be five years.
* The software license is charged per physical CPU count.
Which of the following models would best meet these requirements?

Question10: An on-premises data center is located in an earthquake-prone location. The workload consists of real-time, online transaction processing. Which ot the following data protection strategies should be used to back up on-premises data to the cloud while also being cost effective?

Question11: A cloud engineer is designing a high-performance computing cluster for proprietary software. The software requires low network latency and high throughput between cluster nodes.
Which of the following would have the greatest impact on latency and throughput when designing the HPC infrastructure?

Question12: A cloud engineer wants to deploy a new application to the cloud and is writing the following script:

Which of the following actions will this script perform?

Question13: Which of the following integration systems would best reduce unnecessary network traffic by allowing data to travel bidirectionally and facilitating real-time results for developers who need to display critical information within applications?

Question14: Which of the following communication methods between on-premises and cloud environments would ensure minimal-to-low latency and overhead?

Question15: A company wants to combine solutions in a central and scalable environment to achieve the following goals:
* Control
* Visibility
* Automation
* Cost efficiency
Which of the following best describes what the company should implement?

Question16: A cloud engineer wants to implement a disaster recovery strategy that:
. Is cost-effective.
. Reduces the amount of data loss in case of a disaster.
. Enables recovery with the least amount of downtime.
Which of the following disaster recovery strategies best describes what the cloud engineer wants to achieve?

Question17: Which of the following storage resources provides higher availability and speed for currently used files?

Question18: Which of the following types of storage provides the greatest performance advantage for a traditional relational database?

Question19: A company that has several branches worldwide needs to facilitate full access to a specific cloud resource to a branch in Spain. Other branches will have only read access. Which of the following is the best way to grant access to the branch in Spain?

Question20: A cloud developer is creating a static website that customers will be accessing globally. Which of the following services will help reduce latency?

Question21: A cloud administrator learns that a major version update. 4.6.0. is available for a business-critical application. The application is currently on version 4.5.2. with additional minor versions 3, 4, and 5 available. The administrator needs to perform the update while minimizing downtime. Which of the following should the administrator do first?

Question22: A company implements a web farm with 100 servers behind an application load balancer. Dunng scaling events, new web servers that are placed in service have not loaded all their modules, which causes some requests to the web farm to fail. Which of the following should the cloud engineer implement to address the scaling issue?

Question23: A company uses containers to implement a web application. The development team completed internal testing of a new feature and is ready to move the feature to the production environment. Which of the following deployment models would best meet the company's needs while minimizing cost and targeting a specific subset of its users?

Question24: Which of the following is an auditing procedure that ensures service providers securely manage the data to protect the interests of the organization and the privacy of its clients?

Question25: Which of the following can reduce the risk of CI/CD pipelines leaking secrets?

Question26: A company needs to deploy its own code directly in the cloud without provisioning additional infrastructure. Which of the following is the best cloud service model for the company to use?

Question27: A systems administrator notices a surge of network traffic is coming from the monitoring server. The administrator discovers that large amounts of data are being downloaded to an external source. While investigating, the administrator reviews the following logs:

Which of the following ports has been compromised?

Question28: A cloud engineer is deploying a cloud solution that will be used on premises with need-to-know access. Which of the following cloud deployment models best meets this requirement?

Question29: A security engineer Identifies a vulnerability m a containerized application. The vulnerability can be exploited by a privileged process to read tie content of the host's memory. The security engineer reviews the following Dockerfile to determine a solution to mitigate similar exploits:

Which of the following is the best solution to prevent similar exploits by privileged processes?

Question30: An administrator is setting up a cloud backup solution that requires the following features:
* Cost effective
* Granular recovery
* Multilocation
Which of the following backup types best meets these requirements?

Question31: A company wants to build its new platform using a public cloud. The workload requirements include the following:
* Implementation of custom CIS compliance
* Patch for vulnerabilities within 24 hours
* Warrant at least 1,800 IOPS per volume
Which of the following meets the requirements?

Question32: Once a change has been made to templates, which of the following commands should a cloud architect use next to deploy an laaS platform?

Question33: A highly regulated business is required to work remotely, and the risk tolerance is very low. You are tasked with providing an identity solution to the company cloud that includes the following:
secure connectivity that minimizes user login
tracks user activity and monitors for anomalous activity
requires secondary authentication
INSTRUCTIONS
Select controls and servers for the proper control points.

Question34: An e-commerce company is migrating from an on-premises private cloud environment to a public cloud IaaS environment. You are tasked with right-sizing the environment to save costs after the migration. The company's requirements are to provide a 20% overhead above the average resource consumption, rounded up.
INSTRUCTIONS
Review the specifications and graphs showing resource usage for the web and database servers. Determine the average resource usage and select the correct specifications from the available drop-down options.

Question35: A healthcare organization must follow strict compliance requirements to ensure that Pll is not leaked. The cloud administrator needs to ensure the cloud email system can support this requirement Which of the following should the organization enable?

Question36: A cloud engineer needs to migrate an application from on premises to a public cloud. Due to timing constraints, the application cannot be changed prior to migration. Which of the following migration strategies is best approach for this use case?

Question37: Which of the following is a difference between a SAN and a NAS?

Question38: A developer is building an application that has multiple microservices that need to communicate with each other. The developer currently manually updates the IP address of each service. Which of the following best resolves the communication issue and automates the process?

Question39: Which of the following is used to detect signals and measure physical properties, such as the temperature of the human body?

Question40: A company's engineering department is conducting a month-long test on the scalability of an in-house-developed software that requires a cluster of 100 or more servers. Which of the following models is the best to use?

Question41: A software engineer is integrating an application lo The cloud that is web socket based. Which of the following applications is the engineer most likely deploying?

Question42: A cloud administrator wants to provision a host with two VMs. The VMs require the following:

After configuring the servers, the administrator notices that during certain hours of the day, the performance heavily degrades. Which of the following is the best explanation?

Question43: A company has decided to scale its e-commerce application from its corporate datacenter to a commercial cloud provider to meet an anticipated increase in demand during an upcoming holiday.
The majority of the application load takes place on the application server under normal conditions. For this reason, the company decides to deploy additional application servers into a commercial cloud provider using the on-premises orchestration engine that installs and configures common software and network configurations.
The remote computing environment is connected to the on-premises datacenter via a site-to-site IPSec tunnel. The external DNS provider has been configured to use weighted round-robin routing to load balance connections from the Internet.
During testing, the company discovers that only 20% of connections completed successfully.
INSTRUCTIONS
Review the network architecture and supporting documents and fulfill these requirements:
Part 1:
Part 2:
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Part 1:
Cloud Hybrid Network Diagram








Part 2:
Only select a maximum of TWO options from the multiple choice question

B) Update the PSK (Pre-shared key in Router2)
E) Change the Address Space on Router2

Question44: Following a ransomware attack, the legal department at a company instructs the IT administrator to store the data from the affected virtual machines for a minimum of one year.
Which of the following is this an example of?

Question45: An organization has been using an old version of an Apache Log4j software component in its critical software application. Which of the following should the organization use to calculate the severity of the risk from using this component?

Question46: Which of the following compute resources is the most optimal for running a single scripted task on a schedule?

Question47: A cloud engineer wants to implement a monitoring solution to detect cryptojacking and other cryptomining malware on cloud instances. Which of the following metrics would most likely be used to identify the activity?

Question48: A company's content management system (CMS) service runs on an laaS cluster on a public cloud. The CMS service is frequently targeted by a malicious threat actor using DDoS.
Which of the following should a cloud engineer monitor to identify attacks?

Question49: Users have been reporting that a remotely hosted application is not accessible following a recent migration. However, the cloud administrator is able to access the application from the same site as the users. Which of the following should the administrator update?

Question50: A security engineer recently discovered a vulnerability in the operating system of the company VMs. The operations team reviews the issue and decides all VMs need to be updated from version 3.4.0 to 3.4.1. Which of the following best describes the type of update that will be applied?

Question51: A system surpasses 75% to 80% of resource consumption. Which of the following scaling approaches is the most appropriate?

Question52: Which of the following is a direct effect of cloud migration on an enterprise?

Question53: Which of the following service options would provide the best availability for critical applications in the event of a disaster?

Question54: A junior cloud administrator was recently promoted to cloud administrator and has been added to the cloud administrator group. The cloud administrator group is the only one that can access the engineering VM. The new administrator unsuccessfully attempts to access the engineering VM. However, the other administrators can access it without issue. Which of the following is the best way to identify the root cause?

Question55: A company wants to optimize cloud resources and lower the overhead caused by managing multiple operating systems. Which of the following compute resources would be best to help to achieve this goal?

Question56: A cloud engineer is exploring options to reduce the management overhead of the servers and network. Which of the following cloud service models should the engineer implement?

Question57: A cloud engineer is reviewing the following Dockerfile to deploy a Python web application:

Which of the following changes should the engineer make lo the file to improve container security?

Question58: A network administrator is budding a site-to-site VPN tunnel from the company's headquarters office 10 the company's public cloud development network. The network administrator confirms the following:
The VPN tunnel is established on the headquarter office firewall.
While inside the office, developers report that they cannot connect to the development network resources.
While outside the office on a client VPN, developers report that they can connect to the development network resources.
The office and the client VPN have different IP subnet ranges.
The firewall flow logs show VPN traffic is reaching the development network from the office.
Which of the following is the next step the next network administrator should take to troubleshoot the VPN tunnel?

Question59: The company's IDS has reported an anomaly. The cloud engineer remotely accesses the cloud instance, runs a command, and receives the following information:

Which of the following is the most likely root cause of this anomaly?

Question60: A video surveillance system records road incidents and stores the videos locally before uploading them to the cloud and deleting them from local storage. Which of the following best describes the nature of the local storage?

Question61: A critical security patch is required on a network load balancer in a public cloud. The organization has a major sales conference next week, and the Chief Executive Officer does not want any interruptions during the demonstration of an application behind the load balancer. Which of the following approaches should the cloud security engineer take?

Question62: A log-parsing application requires significant processing power to ingest the logs streaming from web servers. The engineering team presents the cloud architect with four proposals using the same underlying hardware. Which of the following should the cloud architect select in order to minimize the impact of an instance failure while keeping the cost as low as possible?

Question63: A company wants to create a few additional VDIs so support vendors and contractors have a secure method to access the company's cloud environment. When a cloud administrator attempts to create the additional instances in the new locations, the operation is successful in some locations but fails in others. Which of the following is the most likely reason for this failure?

Question64: A cloud security analyst is concerned about security vulnerabilities in publicly available container images. Which of the following is the most appropriate action for the analyst to recommend?

Question65: A cloud engineer is troubleshooting an application that consumes multiple third-party REST APIs. The application is randomly expenenang high latency. Which of the following would best help determine the source of the latency?

Question66: An e-commerce store is preparing for an annual holiday sale. Previously, this sale has increased the number of transactions between two and ten times the normal level of transactions. A cloud administrator wants to implement a process to scale the web server seamlessly. The goal is to automate changes only when necessary and with minimal cost.
Which of the following scaling approaches should the administrator use?

Question67: Which of the following cloud-native architecture designs is the most easily maintained, decentralized, and decoupled?

Question68: A cloud security analyst is investigating the impact of a recent cyberattack. The analyst is reviewing the following information:
Web server access log:
104.210.233.225 - - [21/10/2022:11:17: 40] "POST /uploadfile.html?f=myfile.php" 200 1638674
45.32.10.66 - - [21/10/2022:11:19:12] "GET /welcome.html" 200 5812
104.210.233.225 - - [21/10/2022:11:21:19] "GET / .. / .. / .. / .. /conf/server.xml HTTP/1.1" 200 74458
45.32.10.66 - - [21/10/22:11:22:32] "GET /admin.html HTTP/1.1" 200 9518 Web application firewall log:
"2022/10/21 11:17:33" "10.25.2.35" "104. 210.233.225" "userl" "File transfer completed successfully."
"2022/10/21 11:21:05" "10. 25.2. 35" "104. 210.233.225" "userl" "Accessed application page."
"2022/10/21 11:22:13" "10.25.2.35" "45. 32. 10. 66" "user2" "Accessing admin page. " Which of the following has occurred?

Question69: A cloud engineer is provisioning a new application that requires access to the organization's public cloud resources. Which of the following is the best way for the cloud engineer to authenticate the application?

Question70: Which of the following do developers use to keep track of changes made during software development projects?

Question71: A cloud engineer needs to determine a scaling approach for a payroll-processing solution that runs on a biweekly basis. Given the complexity of the process, the deployment to each new VM takes about 25 minutes to get ready. Which of the following would be the best strategy?

Question72: An IT security team wants to ensure that the correct parties are informed when a specific user account is signed in. Which of the following would most likely allow an administrator to address this concern?

Question73: A CI/CD pipeline is used to deploy VMs to an laaS environment. Which of the following can be used to harden the operating system once the VM is running?

Question74: Which of the following is the most cost-effective and efficient strategy when migrating to the cloud?

Question75: A SaaS provider introduced new software functionality for customers as part of quarterly production enhancements. After an update is implemented, users cannot locate certain transactions from an inbound integration. During the investigation, the application owner finds the following error in the logs:
Error: REST API - Deprecated call is no longer supported in this release.
Which of the following is the best action for the application owner to take to resolve the issue?

Question76: A banking firm's cloud server will be decommissioned after a successful proof of concept using mirrored dat a. Which of the following is the best action to take regarding the storage used on the decommissioned server?

Question77: An administrator received a report that company data has been compromised. The compromise occurred on a holiday, and no one in the organization was working. While reviewing the logs from the holiday, the administrator noted the following details:

The most appropriate action for the cloud security analyst to recommend is using CIS-hardened images. These images are pre-configured by the Center for Internet Security to provide security benchmark standards that help in mitigating vulnerabilities in publicly available container images. Reference: CompTIA Cloud+ Study Guide (Exam CV0-004) - Chapter on Cloud Security Posture Which of the following accounts should the administrator disable to prevent a further breach?

Question78: A company receives files daily from a bank. The company requires that the files must be copied from the cloud storage resource to another cloud storage resource for further processing. Which of the following methods requires the least amount of effort to achieve the task?

Question79: A developer at a small startup company deployed some code for a new feature to its public repository. A few days later, a data breach occurred. A security team investigated the incident and found that the database was hacked. Which of the following is the most likely cause of this breach?

Question80: A company has developed an online trading platform. The engineering team selected event-based scaling for the platform's underlying resources. The platform resources scale up with every 2,000 subscribed users. The engineering team finds out that although compute utilization is low, scaling is still occurring. Which of the following statements best explains why this is the case?

Question81: A company's website suddenly crashed. A cloud engineer investigates the following logs:

Which of the following is the most likely cause of the issue?

Question82: Which of the following application migration strategies will best suit a customer who wants to move a simple web application from an on-premises server to the cloud?

Question83: An organization's web application experiences penodic bursts of traffic when a new video is launched. Users are reporting poor performance in the middle of the month. Which of the following scaling approaches should the organization use to scale based on forecasted traffic?

Question84: A customer's facility is located in an area where natural disasters happen frequently. The customer requires the following:
* Data resiliency due to exposure to frequent natural disasters
* Data localization because of privacy regulations in the country
* High availability
Which of the following cloud resources should be provisioned to meet these requirements?

Question85: A developer is deploying a new version of a containerized application. The DevOps team wants:
* No disruption
* No performance degradation
* Cost-effective deployment
* Minimal deployment time
Which of the following is the best deployment strategy given the requirements?

Question86: Which of the following technologies should be used by a person who is visually impaired to access data from the cloud?

Question87: A company has decided to adopt a microservices architecture for its applications that are deployed to the cloud. Which of the following is a major advantage of this type of architecture?

Question88: A company's man web application is no longer accessible via the internet. The cloud administrator investigates and discovers the application is accessible locally and only via an IP access. Which of the following was misconfigured?

Question89: A cloud engineer is designing a cloud-native, three-tier application. The engineer must adhere to the following security best practices:
* Minimal services should run on all layers of the stack.
* The solution should be vendor agnostic.
* Virealization could be used over physical hardware.
Which of the following concepts should the engineer use to design the system to best meet these requirements?

Question90: Which of the following describes the main difference between public and private container repositories?

Question91: An engineer wants lo scale several cloud workloads on demand. Which of the following approaches is the most suitable?

Question92: A company just learned that the data in its object storage was accessed by an unauthorized party. Which of the following should the company have done to make the data unusable?

Question93: For compliance purposes, a cloud developer at an insurance company needs to save all customer policies for more than ten years. Which of the following options is the most cost- efficient tier to save the data in the cloud?

Question94: Which of the following cloud deployment models is the best way to replicate a workload non-disruptively between on-premises servers and a public cloud?

Question95: A cloud solutions architect needs to design a solution that will collect a report and upload it to an object storage service every time a virtual machine is gracefully or non-gracefully stopped. Which of the following will best satisfy this requirement?

Question96: Which of the following industry standards mentions that credit card data must not be exchanged or stored in cleartext?

Question97: An IT manager is migrating the production environment to the cloud but needs to keep control of the operating systems, patches, and settings of all resources. Which of the following deployment models will best meet the requirements?

Question98: A cloud administrator needs to collect process-level, memory-usage tracking for the virtual machines that are part of an autoscaling group. Which of the following is the best way to accomplish the goal by using cloud-native monitoring services?

Question99: Which of the following container storage types loses data after a restart?