COMPTIA-CLOUD

A network administrator is building a site-to-site VPN tunnel from the company’s headquarters office to the company’s public cloud development network. The network administrator confirms the following:The VPN tunnel is established on the headquarters office firewall.While inside the office, developers report that they cannot connect to the development network resources.While outside the office on a client VPN, developers report that they can connect to the development network resources.The office and the client VPN have different IP subnet ranges.The firewall flow logs show that traffic is reaching the development network from the office.Which of the following is the next step the network administrator should take to troubleshoot the VPN tunnel?

A cross-site request forgery vulnerability exploited a web application that was hosted in a public IaaS network. A security engineer determined that deploying a WAF in blocking mode at a CDN would prevent the application from being exploited again. However, a week after implementing the WAF, the application was exploited again. Which of the following should the security engineer do to make the WAF control effective?

An organization’s critical data was exfiltrated from a computer system in a cyberattack. A cloud analyst wants to identify the root cause and is reviewing the following security logs of a software web application:Which of the following types of attacks occurred?

A DevOps engineer is performing maintenance on the mail servers for a company’s web application. Part of this maintenance includes checking core operating system updates. The servers are currently running version 3.2 of the operating system. The engineer has two update options—one to version 4.1 and the other to version 3.7. Both versions are fully supported by the operating system manufacturer. Which of the following best describes the action the engineer should take?

Which of the following is the most cost-effective and efficient strategy when migrating containers to the cloud?

An administrator needs to adhere to the following requirements when moving a customer’s data to the cloud:The new service must be geographically dispersed.The customer should have local access to data.Legacy applications should be accessible.Which of the following cloud deployment models is most suitable?

A company uses containers stored in Docker Hub to deploy workloads for its IaaS infrastructure. The development team releases changes to the containers several times per hour.Which of the following should a cloud engineer do to prevent the proprietary code from being exposed to third parties?

A social networking company operates globally. Some users from Brazil and Argentina are reporting the following error: website address was not found. Which of the following is the most likely cause of this issue?

A junior cloud administrator was recently promoted to cloud administrator and has been added to the cloud administrator group. The cloud administrator group is the only one that can access the engineering VM. The new administrator unsuccessfully attempts to access the engineering VM. However, the other administrators can access it without issue. Which of the following is the best way to identify the root cause?

Which of the following describes the main difference between public and private container repositories?

A DevOps engineer is receiving reports that users can no longer access the company’s web application after hardening of a web server. The users are receiving the following error:ERR SSL VERSION OR CIPHER MISMATCH.Which of the following actions should the engineer take to resolve the issue?

A company’s engineering department is conducting a month-long test on the scalability of an in-house-developed software that requires a cluster of 100 or more servers. Which of the following models is the best to use?

A cloud administrator shortens the amount of time a backup runs. An executive in the company requires a guarantee that the backups can be restored with no data loss. Which of the following backup features should the administrator test for?

A cloud administrator is building a company-standard VM image, which will be based on a public image. Which of the following should the administrator implement to secure the image?

A cloud deployment uses three different VPCs. The subnets on each VPC need to communicate with the others over private channels. Which of the following will achieve this objective?

A cloud resource increases its capacity based on seasonal activity. Which of the following best describes this type of cloud instance and the scaling approach?

Which of the following can eliminate the risk of CI/CD pipelines leaking secrets on containers?

A company uses containers to implement a web application. The development team completed internal testing of a new feature and is ready to move the feature to the production environment. Which of the following deployment models would best meet the company’s needs while minimizing cost and targeting a specific subset of its users?

Once a change has been made to templates, which of the following commands should a cloud architect use next to deploy an IaaS platform?

A company is developing a new web application that requires a relational database management system with minimal operational overhead. Which of the following should the company choose?

Which of the following provides secure, private communication between cloud environments without provisioning additional hardware or appliances?

A cloud engineer is running a latency-sensitive workload that must be resilient and highly available across multiple regions. Which of the following concepts best addresses these requirements?

A cloud engineer is in charge of deploying a platform in an IaaS public cloud. The application tracks the state using session cookies and there are no affinity restrictions. Which of the following will help the engineer reduce monthly expenses and allow the application to provide the service?

A cloud administrator recently created three servers in the cloud. The goal was to create ACLs so the servers could not communicate with each other. The servers were configured with the following IP addresses:After implementing the ACLs, the administrator confirmed that some servers are still able to reach the other servers. Which of the following should the administrator change to prevent the servers from being on the same network?

A company implements a web farm with 100 servers behind an application load balancer. During scaling events, new web servers that are placed in service have not loaded all their modules, which causes some requests to the web farm to fail. Which of the following should the cloud engineer implement to address the scaling issue?

A CI/CD pipeline is used to deploy VMs to an IaaS environment. Which of the following can be used to harden the operating system once the VM is running?

For compliance purposes, a cloud developer at an insurance company needs to save all customer policies for more than ten years. Which of the following options is the most cost-efficient tier to save the data in the cloud?

Which of the following do developers use to keep track of changes made during software development projects?

Which of the following strategies requires the development of new code before an application can be successfully migrated to a cloud provider?

Which of the following reduces the chance of introducing a misconfiguration into cloud deployment templates?