CV0-003 Exam Practice Questions prepared by CompTIA Professionals
Use Valid New CV0-003 Questions - Top choice Help You Gain Success
To prepare for the CompTIA CV0-003 certification exam, candidates can take advantage of a variety of resources, including study guides, online courses, practice exams, and hands-on experience with cloud computing technologies. CV0-003 exam is designed to be challenging, and candidates must demonstrate a deep understanding of cloud computing concepts in order to pass the exam. Once certified, individuals can demonstrate their expertise in the field of cloud computing, which can lead to increased job opportunities and higher salaries.
NEW QUESTION # 60
Which of the following is relevant to capacity planning in a SaaS environment?
- A. Clustering
- B. A hypervisor
- C. Licensing
- D. Scalability
Answer: D
NEW QUESTION # 61
A systems administrator is securing a new email system for a large corporation. The administrator wants to ensure private corporate information is not emailed to external users. Which of the following would be MOST useful to accomplish this task?
- A. DLP
- B. SPF
- C. EDR
- D. DNSSEC
Answer: A
Explanation:
Explanation
The most useful tool to prevent private corporate information from being emailed to external users is data loss prevention (DLP). DLP is a type of security solution that monitors and controls the flow of data in and out of a system or network. It can detect and prevent unauthorized access, transmission, or leakage of sensitive data, such as personal information, financial records, or intellectual property. DLP can also enforce encryption, masking, or deletion of sensitive data to protect its confidentiality. Reference: CompTIA Cloud+ Certification Exam Objectives, Domain 2.0 Security, Objective 2.5 Given a scenario, apply data security techniques in the cloud.
NEW QUESTION # 62
The administrator wants to have central storage for all of the files to be stored for each VM.
Which of the following is used to connect a host to a SAN utilizing a fiber connection?
- A. NIC
- B. SCSI adapter
- C. VNIC
- D. HBA
Answer: D
NEW QUESTION # 63
A DevOps administrator is designing a new machine-learning platform. The application needs to be portable between public and private clouds and should be kept as small as possible. Which of the following approaches would BEST meet these requirements?
- A. Software as a service
- B. Serverless computing
- C. Containers
- D. Virtual machines
Answer: C
Explanation:
Explanation
Containers are the best approach to design a new machine-learning platform that needs to be portable between public and private clouds and should be kept as small as possible. Containers are isolated environments that can run applications and their dependencies without interfering with other processes or systems. Containers are lightweight, portable, and scalable, which makes them ideal for machine-learning applications. Containers can be moved easily between public and private clouds without requiring any changes or modifications. Containers can also reduce the size and complexity of applications by using only the necessary components and libraries.
NEW QUESTION # 64
A company is seeking a new backup solution for its virtualized file servers that fits the following characteristics:
The files stored on the servers are extremely large. Existing files receive multiple small changes per day.
New files are only created once per month.
All backups are being sent to a cloud repository.
Which of the following would BEST minimize backup size?
- A. Local snapshots
- B. Differential backups
- C. File-based replication
- D. Change block tracking
Answer: B
Explanation:
https://www.acronis.com/en-us/blog/posts/tips-tricks-better-business-backup-and-recovery-world- backup-day
NEW QUESTION # 65
A systems administrator is working within a private cloud environment. Over time. random 4K read/write speeds on all VMS in the environment slow down until the VMS are completely unusable, with disk speeds of less than 1MBps. The administrator has gathered the information below:
* There is no correlation between the slowdown and VM/hypervisor resource utilization.
* The network is rated to 40Gbps and utilization is between 1-5%.
* The hypervisors use hundreds of NFSv3 mounts to the same storage appliance, one per VM.
* The VMS on each hypervisor become unresponsive after two weeks of uptime.
* The unresponsiveness is resolved by moving slow VMS onto a rebooted hypervisor.
Which of the following solutions will MOST likely resolve this issue?
- A. Increase caching on the storage appliance.
- B. Reduce the number of NFSv3 mounts to one.
- C. Increase CPU/RAM resources on affected VMS.
- D. Configure jumbo frames on the hypervisors and storage.
Answer: B
Explanation:
Explanation
The correct answer is D. Reduce the number of NFSv3 mounts to one.
NFSv3 is a network file system protocol that allows clients to access files stored on a remote server. NFSv3 uses TCP or UDP as the transport layer protocol, and typically runs on port 20491.
One of the known issues with NFSv3 mounts is that they can cause performance degradation and unresponsiveness on the client side if there are too many mounts or if there are network connectivity problems.
This is because NFSv3 does not handle connection failures or timeouts gracefully, and may keep retrying to access the server indefinitely, blocking other processes or threads. This can result in slow disk speeds, high CPU usage, and system hangs23.
Therefore, one of the possible solutions to this issue is to reduce the number of NFSv3 mounts to one per hypervisor, instead of one per VM. This way, the hypervisor can manage the access to the shared storage appliance more efficiently, and avoid creating too many TCP connections or UDP packets that may overload the network or the server. Reducing the number of NFSv3 mounts can also simplify the configuration and troubleshooting of the network file system.
Increasing caching on the storage appliance may improve the read performance of the NFSv3 mounts, but it will not solve the underlying issue of connection failures or timeouts. Caching may also introduce data inconsistency or corruption issues if the cache is not synchronized with the server.
Configuring jumbo frames on the hypervisors and storage may improve the network throughput and efficiency of the NFSv3 mounts, but it will not solve the underlying issue of connection failures or timeouts. Jumbo frames are larger than standard Ethernet frames, and require that all devices on the network path support them.
Jumbo frames may also introduce fragmentation or compatibility issues if they are not configured properly.
Increasing CPU/RAM resources on affected VMs may improve their performance in general, but it will not solve the underlying issue of connection failures or timeouts. Increasing CPU/RAM resources may also be costly and wasteful if they are not needed for other purposes.
NEW QUESTION # 66
The QA team is testing a newly implemented clinical trial management (CTM) SaaS application that uses a business intelligence application for reporting. The UAT users were instructed to use HTTP and HTTPS.
Refer to the application dataflow:
1A - The end user accesses the application through a web browser to enter and view clinical data.
2A - The CTM application server reads/writes data to/from the database server.
1B - The end user accesses the application through a web browser to run reports on clinical data.
2B - The CTM application server makes a SOAP call on a non-privileged port to the BI application server.
3B - The BI application server gets the data from the database server and presents it to the CTM application server.
When
UAT users try to access the application using https://ctm.app.com or http://ctm.app.com, they get a message stating: "Browser cannot display the webpage." The QA team has raised a ticket to troubleshoot the issue.
INSTRUCTIONS
You are a cloud engineer who is tasked with reviewing the firewall rules as well as virtual network settings.
You should ensure the firewall rules are allowing only the traffic based on the dataflow.
You have already verified the external DNS resolution and NAT are working.
Verify and appropriately configure the VLAN assignments and ACLs. Drag and drop the appropriate VLANs to each tier from the VLAN Tags table. Click on each Firewall to change ACLs as needed.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Answer:
Explanation:
See explanation below.
Explanation
On firewall 3, change the DENY 0.0.0.0 entry to rule 3 not rule 1.
NEW QUESTION # 67
A cloud security analyst needs to ensure the web servers in the public subnet allow only secure communications and must remediate any possible issue. The stateful configuration for the public web servers is as follows:
Which Of the following actions Should the analyst take to accomplish the Objective?
- A. Remove rules 2.3. and 4.
- B. Remove rules 3.4. and 5.
- C. Remove rules I, 3, and 4.
- D. Remove rules I, 2. and 5.
Answer: C
Explanation:
Explanation
The correct answer is B. Remove rules 1, 3, and 4.
The objective is to ensure the web servers in the public subnet allow only secure communications. This means that only HTTPS traffic should be allowed on port 443, which is the standard port for secure web connections.
HTTPS traffic uses the TCP protocol and encrypts the data between the client and the server.
Rule 1 allows all TCP traffic on any port from any source. This is too permissive and exposes the web servers to potential attacks or unauthorized access. Rule 1 should be removed to restrict the TCP traffic to only port
443.
Rule 3 allows all UDP traffic on any port from any source. UDP is a connectionless protocol that does not guarantee reliable or secure delivery of data. UDP is typically used for streaming media, voice over IP (VoIP), or online gaming, but not for web servers. Rule 3 should be removed to prevent unnecessary or malicious UDP traffic.
Rule 4 allows all ICMP traffic from any source. ICMP is a protocol that is used for diagnostic or control purposes, such as ping or traceroute. ICMP traffic can be used by attackers to scan or probe the network for vulnerabilities or information. Rule 4 should be removed to block ICMP traffic and reduce the attack surface.
Rule 2 allows TCP traffic on port 443 from any source. This is the desired rule that allows secure web communications using HTTPS. Rule 2 should be kept.
Rule 5 denies all other traffic that does not match any of the previous rules. This is the default rule that provides a catch-all protection for the web servers. Rule 5 should be kept.
Therefore, the analyst should remove rules 1, 3, and 4 to accomplish the objective.
NEW QUESTION # 68
Company A has acquired Company B and is in the process of integrating their cloud resources. Company B needs access to Company A's cloud resources while retaining its IAM solution.
Which of the following should be implemented?
- A. Multifactor authentication
- B. Identity federation
- C. Directory service
- D. Single sign-on
Answer: B
Explanation:
Explanation
Identity federation is a type of authentication mechanism that allows users to access multiple systems or applications across different domains or organizations with a single login credential. Identity federation can help integrate the cloud resources of Company A and Company B after Company A has acquired Company B, as it can enable seamless and secure access to both companies' cloud resources using the same IAM solution.
Identity federation can also improve user convenience, productivity, and security, as it can simplify the login process, reduce login errors, and enhance password management. References: CompTIA Cloud+ Certification Exam Objectives, page 14, section 2.7
NEW QUESTION # 69
An IaaS application has a two-hour RTO and a four-hour RPO. The application takes one hour to back up its data or restore from a local backup file. A systems administrator is tasked with configuring the backup policy.
Which of the following should the administrator configure to achieve the application requirements with the LEAST cost?
- A. Back up to object storage every hour
- B. Back up to long-term storage every four hours
- C. Back up to long-term storage every night
- D. Back up to object storage every three hours
Answer: D
Explanation:
Explanation
Object storage is a type of storage service that stores data as objects with unique identifiers and metadata in a flat namespace or structure. Backing up to object storage every three hours can help achieve the application requirements with the least cost for an IaaS application that has a two-hour RTO and a four-hour RPO, as it can provide scalable, durable, and cost-effective storage for backup data while meeting the recovery time and point objectives. Backing up to object storage every three hours can ensure that the backup data is no more than four hours old and can be restored within two hours in case of a disaster or failure. References: CompTIA Cloud+ Certification Exam Objectives, page 9, section 1.4
NEW QUESTION # 70
Audit and system logs are being forwarded to a syslog solution. An administrator observes that two application servers have not generated any logs for a period of three days, while others continue to send logs normally. Which of the following BEST explains what is occurring?
- A. There is a local firewall policy restriction on the syslog server.
- B. There is a configuration failure in the syslog solution.
- C. The application administrators have not performed any activity in those servers.
- D. The application servers were migrated to the cloud as laaS instances.
Answer: D
Explanation:
One possible explanation for why two application servers have not generated any logs for a period of three days, while others continue to send logs normally, is that the application servers were migrated to the cloud as laaS (Infrastructure as a Service) instances. laaS is a cloud service model that provides virtualized computing resources over the internet, such as servers, storage, network, and operating systems. When an application server is migrated to the cloud as an laaS instance, it may require some configuration changes to enable the syslog forwarding to the same destination as before. For example, the laaS instance may have a different IP address, hostname, firewall rules, or network settings than the original server. If these changes are not properly made, the laaS instance may not be able to communicate with the syslog solution and send logs as expected.
NEW QUESTION # 71
A cloud administrator has been using a custom VM deployment script. After three months of use, the script no longer joins the LDAP domain. The cloud administrator verifies the account has the correct permissions. Which of the following is the MOST likely cause of the failure?
- A. Incorrect encryption ciphers
- B. Invalid certificates
- C. Expired password
- D. Broken trust relationship
Answer: C
NEW QUESTION # 72
A branch office has finished work on a new project and needs to send the data back to the main office where the project will be stored and accessible for the rest of the company. The company administrator has determined current bandwidth between the branch and main office is insufficient to handle the data files without interfering with email and web services for the branch office. Which of the following solutions should the administrator implement to pass data between the two offices without interfering with other online traffic?
- A. Multipathing
- B. Load balancing
- C. QoS
- D. Bandwidth compression
Answer: C
NEW QUESTION # 73
A systems administrator needs to convert ten physical servers to virtual.
Which of the following would be the MOST efficient conversion method for the administrator to use?
- A. Clone the hard drive
- B. Rebuild the servers from scratch
- C. Use the vendor's conversion tool
- D. Restore from backup
Answer: A
NEW QUESTION # 74
Company A has just implemented a SaaS-based cloud storage solution. The SaaS solution provides services for both commercial and personal use. The IT department has been tasked to migrate all the on- premises file shares to the SaaS solution with the username being the corporate email address. The IT department is currently using am IAM solution to provision the accounts in the SaaS solution. Upon execution of the account creation process, the IT department is receiving multiple "unable to create account" alerts. Which of the following is the MOST likely cause?
- A. There is a false positive due to lack of testing
- B. There are compatibility issues between SaaS and IAM
- C. The automation task is misconfigured
- D. The user accounts already exist
Answer: C
NEW QUESTION # 75
When a firewall takes an incoming request for a specific IP address and redirects it to an internal host, which of the following is being used?
- A. PAT
- B. NIC
- C. NAT
- D. NIS
Answer: C
NEW QUESTION # 76
A multinational corporation is moving its worldwide cloud presence to a single region, which is called Region A.
An administrator attempts to use a workflow, which was previously used to deploy VMs to Region E in the new Region A environment, and receives the following error:
Invalid character set. Which of the following is the MOST likely cause of the error?
- A. Time-zone misconfiguration
- B. Licensing failure
- C. Authentication issues
- D. Language support
Answer: D
NEW QUESTION # 77
......
The CompTIA CV0-003 exam is designed to assess the individual's knowledge of various cloud technologies and services, including virtualization, cloud infrastructure, storage, networking, and security. It also covers essential concepts such as cloud deployment models, cloud computing business continuity, and disaster recovery. CompTIA Cloud+ Certification Exam certification validates that the individual has a comprehensive understanding of cloud computing and can provide solutions that meet business needs.
CV0-003 Exam Practice Materials Collection: https://www.dumpstests.com/CV0-003-latest-test-dumps.html
Get Latest and 100% Accurate CV0-003 Exam Questions: https://drive.google.com/open?id=18OHLk3fuuetazSAe3GiP8iNMYOyecppA