QUESTION 61
A cloud engineer is creating a configuration standard to be used on all new cloud deployments. The document should include best practices designed by industry experts. Which of the following is the optimal way to complete this task?
A. Download the ISO 27001 certification document and certify the company’s deployment process.
B. Verify the availability of a CIS benchmark for each in-scope technology.
C. Request from the management team a budget to initiate a SOC 2 attestation.
D. Invite professionals from the local IT community to contribute to the document.
Correct Answer: B
QUESTION 62
A customer relationship management application, which is hosted in a public cloud laaS network, is vulnerable to a remote command execution vulnerability. Which of the following is the best solution for the security engineer to implement to prevent the application from being exploited by basic attacks?
A. IPS
B. ACL
C. DLP
D. WAF
Correct Answer: D
QUESTION 63
A cloud engineer discovers that two nodes experience resource exhaustion during the holidays. This creates a denial of service on the web application. Adding a third node is not an option because of budgetary constraints. Which of the following scaling approaches helps minimize resource exhaustion?
A. Event trigger
B. Load trigger
C. Vertical scaling
D. Horizontal scaling
Correct Answer: C
QUESTION 64
Which of the following is a customer responsible for in a provider-managed database service? (Select two).
A. Operating system patches
B. Table-level permissions
C. Minor database engine updates
D. Cluster configuration
E. Row-level encryption
F. Availability of hardware for scaling
Correct Answer: BE
QUESTION 65
A company has been using a CRM application that was developed in-house and is hosted on local servers. Due to internal changes, the company wants to migrate the application to the cloud without having to manage the infrastructure. Which of the following services should the company consider?
A. SaaS
B. PaaS
C. XaaS
D. IaaS
Correct Answer: A
QUESTION 66
A bank was recently hacked. The bank reviews the logs to a see how the attack occurred. The security administrator suspects the logs were manipulated because no traces of the attack can be found in them. Which of the following should have been enabled before the attack occurred?
A. Metric and alerts
B. Tracing and aggregation
C. Dashboard and reporting
D. Versioning and immutability
Correct Answer: D
QUESTION 67
A cloud engineer is in charge of deploying a platform in an IaaS public cloud. The application tracks the state using session cookies, and there are no affinity restrictions. Which of the following will help the engineer reduce monthly expenses and allow the application to provide the service?
A. Resource metering
B. Reserved resources
C. Dedicated host
D. Pay-as-you-go model
Correct Answer: B
QUESTION 68
A developer is building a tool on the cloud that needs to allow other developers to programmatically read and write to the web application resources. Which of the following should the developer do to meet these requirements with the least complexity?
A. Build a REST API endpoint.
B. Allow access via the cloud portal.
C. Provision cloud-based SQL access.
D. Implement RPC on the web application.
Correct Answer: A
QUESTION 69
Which of the following protocols is often used in IoT to reduce the amount of data exchanged?
A. MQTT
B. SMB
C. NFS
D. HTTPS
Correct Answer: A
QUESTION 70
An administrator migrates a legacy banking application from a private cloud to a public cloud. Then, the administrator discovers the application’s hardware on the private cloud is no longer compatible for reuse. Which of the following should the administrator do next?
A. Perform a full system backup.
B. Apply the latest patches.
C. Extend support.
D. Decommission the infrastructure.
Correct Answer: D
QUESTION 71
Which of the following types of releases best describes the update made to a code repository production release when it changes from version 1.0 to version 1.1?
A. Alpha
B. Beta
C. Minor
D. Major
Correct Answer: C
QUESTION 72
A managed service provider’s recent business growth includes customers on different continents. Which of the following should be considered to prevent issues with regulations?
A. Data sovereignty
B. Data ownership
C. Classification of data
D. Data locality‘
Correct Answer: A
QUESTION 73
A vulnerability exists on a critical cloud server. The cloud administrator needs to resolve the issue with minimal interruptions. Which of the following should the administrator do next?
A. Perform a patch installation during lunchtime.
B. Run a vulnerability scan.
C. Install major updates after business hours.
D. Apply fixes in the testing environment.
Correct Answer: D
QUESTION 74
Which of the following commands allows a developer to save changes in the remote repository?
A. git push
B. git fetch
C. git pull
D. git commit
Correct Answer: A
QUESTION 75
A cloud engineer is migrating a company-hosted application to a cloud provider. The data needs to be secure while stored on the third-party system. Which of the following best ensures that the data is secure? (Select two).
A. Hashing
B. Encoding
C. SAML
D. AES
E. TLS
F. SSL
Correct Answer: DE
QUESTION 76
A cloud engineer enables API access on a user account for automation on a SaaS-based tool. Which of the following is needed to authenticate with the REST API? (Select two).
A. Client ID
B. Password
C. Workstation name
D. Secret key
E. Username
F. Cookie
Correct Answer: AD
QUESTION 77
A large corporation, which operates exclusively on private cloud environments, is considering a merger and acquisition of two smaller companies, which operate on premises and in public cloud environments. Which of the following considerations is the most important for the parent corporation?
A. Data centers, storage, and cost implications
B. Networking, hardware, and computing
C. Platform compatibility and migration strategies
D. Management overhead and vendor lock-in
Correct Answer: C
QUESTION 78
Which of the following container commands implements network port mapping?
A. $docker run -it myimage -e /bin/port 8080
B. $docker run myimage : port
C. $docker run -it -p 1-65535 myimage -e netstat 8080
D. $docker run -it -p 80:8080 myimage
Correct Answer: D
QUESTION 79
A development team is ready to release the latest version of an application. Which of the following strategies best ensures successful deployment without impacting the bandwidth of company resources?
A. Blue-green
B. A/B testing
C. Rolling
D. Shadow
Correct Answer: D
QUESTION 80
A company wants to build a database that will receive requests from its application, but it also has a lot of customer data that must be archived. Which of the following solutions takes into consideration performance and cost implications?
A. SSD for the customer data, SSD for the database
B. SSD for the database, HDD for the customer data
C. Object storage for the database, SSD for the customer data
D. Object storage for the customer data, HDD for the database
Correct Answer: B
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.