QUESTION 161
A company runs a discussion forum that caters to global users. The company’s monitoring system reports that the home page suddenly is seeing elevated response times, even though internal monitoring has reported no issues or changes. Which of the following is the most likely cause of this issue?
A. Cryptojacking
B. Human error
C. DDoS
D. Phishing
Correct Answer: C
QUESTION 162
A company uses containers stored in Docker Hub to deploy workloads for its IaaS infrastructure. The development team releases changes to the containers several times per hour. Which of the following should a cloud engineer do to prevent the proprietary code from being exposed to third parties?
A. Use IaC to deploy the IaaS infrastructure.
B. Convert the containers to VMs.
C. Deploy the containers over SSH.
D. Use private repositories for the containers.
Correct Answer: D
QUESTION 163
Which of the following is a difference between a SAN and a NAS?
A. A SAN works only with fiber-based networks.
B. A SAN works with any Ethernet-based network.
C. A NAS uses a faster protocol than a SAN.
D. A NAS uses a slower protocol than a SAN.
Correct Answer: D
QUESTION 164
A cross-site request forgery vulnerability exploited a web application that was hosted in a public IaaS network. A security engineer determined that deploying a WAF in blocking mode at a CDN would prevent the application from being exploited again. However, a week after implementing the WAF, the application was exploited again. Which of the following should the security engineer do to make the WAF control effective?
A. Configure the DDoS protection on the CDN.
B. Install endpoint protection software on the VMs.
C. Add an ACL to the VM subnet.
D. Deploy an IDS on the IaaS network.
Correct Answer: C
QUESTION 165
A cloud architect attempts to modify a protected branch but is unable to do so. The architect receives an error indicating the action cannot be completed. Which of the following should the architect try instead?
A. Adding a new remote
B. Creating a pull request
C. Merging the branch
D. Rebasing the branch
Correct Answer: B
QUESTION 166
An organization’s web application experiences periodic bursts of traffic when a new video is launched. Users are reporting poor performance in the middle of the month. Which of the following scaling approaches should the organization use to scale based on forecasted traffic?
A. Scheduled
B. Manual
C. Event
D. Load
Correct Answer: A
QUESTION 167
A cloud developer is creating a static website that customers will be accessing globally. Which of the following services will help reduce latency?
A. VPC
B. Application load balancer
C. CDN
D. API gateway
Correct Answer: C
QUESTION 168
A company’s engineering department is conducting a month-long test on the scalability of an in-house-developed software that requires a cluster of 100 or more servers. Which of the following models is the best to use?
A. PaaS
B. SaaS
C. DBaaS
D. IaaS
Correct Answer: D
QUESTION 169
A cloud engineer is reviewing a disaster recovery plan that includes the following requirements:
1. System state, files, and configurations must be backed up on a weekly basis.
2. The system state, file, and configuration backups must be tested annually.
Which of the following backup methods should the engineer implement for the first week the plan is executed?
A. Differential
B. Incremental
C. Snapshot
D. Full
Correct Answer: D
QUESTION 170
An administrator needs to adhere to the following requirements when moving a customer’s data to the cloud:
1. The new service must be geographically dispersed.
2. The customer should have local access to data.
3. Legacy applications should be accessible.
Which of the following cloud deployment models is most suitable?
A. On-premises
B. Private
C. Hybrid
D. Public
Correct Answer: C
QUESTION 171
A company needs to deploy its own code directly in the cloud without provisioning additional infrastructure. Which of the following is the best cloud service model for the company to use?
A. PaaS
B. SaaS
C. IaaS
D. XaaS
Correct Answer: A
QUESTION 172
Following a ransomware attack, the legal department at a company instructs the IT administrator to store the data from the affected virtual machines for a minimum of one year. Which of the following is this an example of?
A. Recoverability
B. Retention
C. Encryption
D. Integrity
Correct Answer: B
QUESTION 173
An e-commerce store is preparing for an annual holiday sale. Previously, this sale has increased the number of transactions between two and ten times the normal level of transactions. A cloud administrator wants to implement a process to scale the web server seamlessly. The goal is to automate changes only when necessary and with minimal cost. Which of the following scaling approaches should the administrator use?
A. Scale horizontally with additional web servers to provide redundancy.
B. Allow the load to trigger adjustments to the resources.
C. When traffic increases, adjust the resources using the cloud portal.
D. Schedule the environment to scale resources before the sale begins.
Correct Answer: B
QUESTION 174
A cloud administrator needs to collect process-level, memory-usage tracking for the virtual machines that are part of an autoscaling group. Which of the following is the best way to accomplish the goal by using cloud-native monitoring services?
A. Configuring page file/swap metrics
B. Deploying the cloud-monitoring agent software
C. Scheduling a script to collect the data
D. Enabling memory monitoring in the VM configuration
Correct Answer: B
QUESTION 175
An organization needs to retain its data for compliance reasons but only when required. Which of the following would be the most cost-effective type of tiered storage?
A. Warm
B. Hot
C. Archive
D. Cold
Correct Answer: C
QUESTION 176
A cloud engineer is receiving multiple alerts from the infrastructure monitoring agent. The alerts state that all the VMs in the public subnet are at 100% CPU utilization. However, when the engineer checks the network utilization of the VMs, the network throughput is at normal levels. Which of the following is the most likely cause of this issue?
A. Ransomware
B. Cryptojacking
C. DDoS
D. Zombie instances
Correct Answer: B
QUESTION 177
A government agency in the public sector is considering a migration from on premises to the cloud. Which of the following are the most important considerations for this cloud migration? (Select two).
A. Compliance
B. IaaS vs. SaaS
C. Firewall capabilities
D. Regulatory
E. Implementation timeline
F. Service availability
Correct Answer: AD
QUESTION 178
A network administrator is building a site-to-site VPN tunnel from the company’s headquarters office to the company’s public cloud development network. The network administrator confirms the following:
1. The VPN tunnel is established on the headquarters office firewall.
2. While inside the office, developers report that they cannot connect to the development network resources.
3. While outside the office on a client VPN, developers report that they can connect to the development network resources.
4. The office and the client VPN have different IP subnet ranges.
5. The firewall flow logs show that traffic is reaching the development network from the office.
Which of the following is the next step the network administrator should take to troubleshoot the VPN tunnel?
A. Review the development network routing table.
B. Change the ciphers on the site-to-site VPN.
C. Restart the site-to-site VPN tunnel.
D. Check the ACLs on the development workloads.
Correct Answer: A
QUESTION 179
A cloud administrator is building a company-standard VM image, which will be based on a public image. Which of the following should the administrator implement to secure the image?
A. ACLs
B. Least privilege
C. Hardening
D. Vulnerability scanning
Correct Answer: C
QUESTION 180
Which of the following types of storage provides the greatest performance advantage for a traditional relational database?
A. File
B. Object
C. Block
D. Ephemeral
Correct Answer: C
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.