CompTIA Cloud+ Certification CV0-003 Exam Practice Test

Answer : A

To conclude the performance test of a public application, the organization needs to verify the application works well under an unexpected volume of requests.This is also known as a stress test, which is a type of performance test that evaluates the behavior and stability of the application under extreme conditions1.A stress test can help identify potential bottlenecks, errors, or failures that may occur when the application is subjected to a sudden surge or spike in demand2.A stress test can also help determine the maximum capacity and scalability of the application3.

Answer : B

Checking in and committing are actions that save and update the changes made to a file or code in a version control system or repository. Checking in and committing can help track and synchronize the changes made by different users or developers working on the same file or code. The deployment script changes made by the first administrator were not checked in and committed is the most likely reason for the issue of the application load balancer being missing from the new deployment after a second administrator made some changes and ran the script. If the first administrator did not check in and commit the changes made to add an application load balancer to the script, then those changes would not be reflected or available in the latest version of the script used by the second administrator. Reference:CompTIA Cloud+ Certification Exam Objectives, page 13, section 2.5

Answer : B

A web-server farm is a group of web servers that work together to provide high availability and scalability for web applications1. A web-server farm can handle a large number of requests from clients by distributing the workload among the servers.

A load-balancing appliance is a device that sits between the clients and the web servers and distributes the incoming requests to the servers based on a predefined algorithm2.A load-balancing appliance can improve the performance, reliability, and security of a web-server farm by providing the following benefits2:

Load balancing: It ensures that no single server is overloaded and that all servers are utilized efficiently.

Failover: It detects and redirects requests from failed or unavailable servers to healthy ones.

Health monitoring: It periodically checks the status and performance of the servers and reports any issues or anomalies.

SSL offloading: It terminates the SSL connections from the clients and forwards the requests to the servers in plain text, reducing the encryption overhead on the servers.

Caching: It stores frequently requested content in its memory and serves it to the clients, reducing the network traffic and load on the servers.

A clustered web server infrastructure is a configuration where multiple web servers are connected to a shared storage device and appear as a single logical server to the clients3. A clustered web server infrastructure can provide high availability and fault tolerance for web applications, but it does not provide load balancing or scalability. Therefore, option A is incorrect.

A containerized application is an application that is packaged with its dependencies and runtime environment in a lightweight and portable unit called a container. A containerized application can run on any platform that supports container technology, such as Docker or Kubernetes. A containerized application can provide portability, consistency, and isolation for web applications, but it does not provide load balancing or scalability by itself. Therefore, option C is incorrect.

Distribution of web servers across different regions and zones is a strategy that involves deploying web servers in multiple geographic locations to serve clients from different areas. Distribution of web servers across different regions and zones can provide low latency, high availability, and disaster recovery for web applications, but it does not provide load balancing or scalability within each region or zone. Therefore, option D is incorrect.

Answer : D

A deployment template is a file that defines the resources and configurations that are required to deploy a cloud solution1.A deployment template can be used to automate the deployment of cloud infrastructure for clients, ensuring consistency and efficiency2. However, if the deployment template was modified, either intentionally or accidentally, it could cause discrepancies from the baseline in the configuration of infrastructure that was deployed to a new client.For example, the template could have different parameters, values, or dependencies that affect the outcome of the deployment3. Therefore, the most likely cause of the issue is that the deployment template was modified.

1: What is a template?- Azure Resource Manager | Microsoft Docs3

2: Automate cloud deployments with Azure Resource Manager templates - Learn | Microsoft Docs3

3: CompTIA Cloud+ CV0-003 Exam Objectives, Objective 2.2: Given a scenario, deploy and test a cloud solution

Answer : C

DNS (Domain Name System) is a service that translates human-friendly domain names into IP addresses that can be used to communicate over the Internet1. However, DNS queries and responses are usually sent in plain text, which means that anyone who can intercept the network traffic can see the domain names that the users are requesting.This poses a threat to the confidentiality and privacy of the users and their online activities2.

To ensure confidentiality between the DNS server and an upstream DNS provider, a technician should configure DOH (DNS over HTTPS).DOH is a protocol that encrypts DNS queries and responses using HTTPS (Hypertext Transfer Protocol Secure), which is a secure version of HTTP that uses SSL/TLS (Secure Sockets Layer/Transport Layer Security) to protect the data in transit3.By using DOH, the technician can prevent eavesdropping, tampering, or spoofing of DNS traffic by malicious actors3.

The other options are not the best steps to ensure confidentiality between the DNS server and an upstream DNS provider:

Option A: Enable DNSSEC (DNS Security Extensions). DNSSEC is a set of extensions that add digital signatures to DNS records, which can be used to verify the authenticity and integrity of the DNS data. DNSSEC can prevent DNS cache poisoning attacks, where an attacker inserts false DNS records into a DNS server's cache, redirecting users to malicious websites.However, DNSSEC does not encrypt or hide the DNS queries and responses, so it does not provide confidentiality for DNS traffic2.

Option B: Implement single sign-on (SSO). SSO is a mechanism that allows users to access multiple services or applications with one set of credentials, such as a username and password. SSO can simplify the authentication process and reduce the risk of password compromise or phishing attacks. However, SSO does not affect the communication between the DNS server and an upstream DNS provider, so it does not provide confidentiality for DNS traffic.

Option D: Set up DNS over SSL (DNS over Secure Sockets Layer). This option is not a valid protocol for securing DNS traffic. SSL is a deprecated protocol that has been replaced by TLS (Transport Layer Security), which is more secure and robust. The correct protocol for encrypting DNS traffic using SSL/TLS is DOH (DNS over HTTPS), as explained above.

Answer : C

Object storage is a storage option that stores data as discrete units called objects, which are identified by a unique identifier and can have metadata attached to them. Object storage can help the cloud engineer migrate the content to improve availability by decoupling the data from the underlying infrastructure and components. Object storage can also provide high scalability, durability, and redundancy for the data, as well as support for multiple protocols and access methods. Object storage can be accessed through APIs, web interfaces, or gateways that can emulate file or block storage. Object storage is suitable for storing unstructured or static data, such as web content, images, videos, or documents. Reference:CompTIA Cloud+ CV0-003 Certification Study Guide, Chapter 4, Objective 4.1: Given a scenario, implement cloud storage solutions.

Answer : B

A /23 subnet mask has 9 bits for the host portion, which allows up to 512 IP addresses for the desktops. A /22 subnet mask has 10 bits for the host portion, which allows up to 1024 IP addresses, but this is more than the minimum required. A /24 subnet mask has 8 bits for the host portion, which allows up to 256 IP addresses, but this is not enough for the desktops. A /25 subnet mask has 7 bits for the host portion, which allows up to 128 IP addresses, but this is also not enough for the desktops.Reference:CompTIA Cloud+ Certification Exam Objectives, Domain 1.0: Cloud Concepts, Objective 1.2: Given a scenario, analyze and compare the characteristics of various cloud service models (SaaS, IaaS, PaaS).Subnet Mask Cheat Sheet - aelius.com