QUESTION 1
A startup recently built and deployed web applications. The startup wants to monitor system performance and application servers’ uptime. Which of the following should a cloud engineer implement first to address this gap?
A. Achange management program
B. A log collection pipeline
C. A data visualization application
D. A patch management system
Correct Answer: B
QUESTION 2
An unauthorized login was registered on an SSO service. Which of the following actions is the best way to stop unauthorized user access?
A. Applying MFA
B. Enforcing encryption
C. Installing an IDS
D. Restricting accounts
Correct Answer: D
QUESTION 3
A cloud engineer is working on a solution with low-risk updates several times a week. New versions need to be pushed through with minimal downtime. Which of the following deployment strategies is the most cost-effective to implement?
A. Canary
B. In-place
C. Blue-green
D. Rolling
Correct Answer: D
QUESTION 4
An organization is working to become compliant with industry regulations. An administrator needs to amend the organization’s existing log policy so that logs are available during the period in which the organization is audited. Which of the following should the administrator implement?
A. Log retention
B. Log aggregation
C. Log collection
D. Log tracing
Correct Answer: A
QUESTION 5
A web application has to be integrated with an in-house HTTP application. Which of the following services is most appropriate to use for data transfer?
A. RPC
B. SOAP
C. WebSockets
D. REST
Correct Answer: D
QUESTION 6
Which of the following is an auditing procedure that ensures service providers securely manage the data to protect the interests of the organization and the privacy of its clients?
A. CIS
B. ITIL
C. SOC2
D. ISO 27001
Correct Answer: C
QUESTION 7
A system surpasses 75% to 80% of resource consumption. Which of the following scaling approaches is the most appropriate?
A. Trending
B. Manual
C. Load
D. Scheduled
Correct Answer: C
QUESTION 8
A process runs that creates several pieces of intermediate data before producing a final output. After the process completes, there is no requirement to keep the intermediate data Which of the following is the best way to treat the intermediate data?
A. As ephemeral data
B. As persistent data
C. As supporting data
D. As caching data
Correct Answer: A
QUESTION 9
A cloud engineer must migrate a backup solution for a government application to a cloud environment. Which of the following factors should the cloud engineer consider first?
A. Storage
B. Compliance
C. Compatibility
D. Performance
Correct Answer: B
QUESTION 10
A developer is sending requests to a Saas application. The developer becomes unable to send anymore requests after sending a number of them, but other developers can still send requests. Which of the following is most likely causing the issue?
A. Partial outage
B. API throttling
C. Rate limiting
D. Service quota
Correct Answer: C
QUESTION 11
Which of the following facilitates the continuous deployment of cloud applications without performing a clean install on each iteration?
A. Debian package
B. Version management
C. Container image
D. Bare-metal server
Correct Answer: C
QUESTION 12
A company’s cybersecurity team receives the following alert that a production VM was deleted from the virtual network:
21 September 09:19:08 (GMT-5)
Resource with ID: PROD-WEB001 was deleted by User: Logging service
The console to manage virtual network resources uses directory authentication. Only users in a particular directory group can interactively access the virtual network management console. The logging service account is not part of this group and requires some local administration privileges to aggregate logs from various resources. The cybersecurity team discovers that the logging service account was previously given full directory administration privileges and they see the following entry:
21 September 09:10:55 (GMT-5)
User with ID: Logging Service was added to the Group: VNet
Console Administrators by actor: Logging service.
The cybersecurity team removes the compromised service account from the directory group. Which of the following should the cybersecurity team do next to prevent repeat instances of this issue?
A. Enable two-factor authentication on the virtual network console.
B. Reset the logging service account to use a long and complex password.
C. Disable RDP on the production virtual machines.
D. Create a scoped administrative role for the logging service account.
Correct Answer: D
QUESTION 13
An IT manager is planning a cloud deployment for a new company. The company does not want on-premises servers or applications. Which of the following is the best approach for the manager to take?
A. Colocation-PaaS
B. Implementation-SaaS
C. Migration-IaaS
D. Hybrid—XaaS
Correct Answer: B
QUESTION 14
A cloud service provider just launched a new serverless service that is compliant with all security regulations. A company deployed its code using the service, and the company’s application was hacked due to leaked credentials. Which of the following is responsible?
A. Customer
B. Cloud service provider
C. Hacker
D. Code repository
Correct Answer: A
QUESTION 15
A cloud developer resigned from an organization and gave a two-week notice. Within the first week since the developer resigned, a security analyst identifies large volumes of file downloads to the developer’s laptop from the source code repository. Which of the following security controls is the best way to mitigate the organization’s risk of data loss?
A. Implementing a policy to stop cloud developers from sharing passwords
B. Preventing cloud developers from accessing the source code repository
C. Updating outbound firewall rules to block the cloud developer’s IP address
D. Blocking internet access for employees who resign from the organization
E. Prohibiting files on the local drive from being transferred to USB drives
Correct Answer: B
QUESTION 16
A company recently experienced a ransomware attack. The recovery process was slow because the on-site backups were compromised and off-site backups were required. Which of the following features would enable a faster recovery if a ransomware attack would happen again?
A. Integrity
B. Encryption
C. Immutability
D. Replication
Correct Answer: D
QUESTION 17
A cloud engineer is developing an operating expense report that will be used to purchase various cloud billing models for virtual machine instances. The cloud billing model must meet the following requirements:
1. The instance cannot be ephemeral.
2. The minimum life cycle of the instance is expected to be five years.
3. The software license is charged per physical CPU count.
Which of the following best meets these requirements?
A. Dedicated host
B. Spot instance
C. Pay-as-you-go
D. Resource metering
Correct Answer: A
QUESTION 18
Which of the following costs would increase significantly for data transfer when comparing a multiregion to a single-region cloud platform design?
A. Storage
B. Power and cooling
C. Network
D. Compliance and regulation
Correct Answer: C
QUESTION 19
Which of the following technologies can read the contents of a printed memo?
A. Document scanning
B. Sentiment analysis
C. Text recognition
D. Natural language processing
Correct Answer: C
QUESTION 20
Which of the following should be used on containers to process data and keep the output in files for later review?
A. Standard output
B. Optical disk mount
C. Ephemeral storage
D. Persistent volumes
Correct Answer: D
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.