• Home
  • Articles
  • 2021 ActualTestsIT CompTIA CV0-003 Dumps and Exam Test Engine [Q14-Q39]

2021 ActualTestsIT CompTIA CV0-003 Dumps and Exam Test Engine [Q14-Q39]

Share

2021 ActualTestsIT CompTIA CV0-003 Dumps and Exam Test Engine

CompTIA CV0-003 DUMPS WITH REAL EXAM QUESTIONS


CompTIA CV0-003 Exam Syllabus Topics:

TopicDetails

Cloud Architecture and Design - 13%

Compare and contrast the different types of cloud models.- Deployment models
  • Public
  • Private
  • Hybrid
  • Community
  • Cloud within a cloud
  • Multicloud
  • Multitenancy

- Service models

  • Infrastructure as a Service (IaaS)
  • Platform as a Service (PaaS)
  • Software as a Service (SaaS)

- Advanced cloud services

  • Internet of Things (IoT)
  • Serverless
  • Machine learning/Artificial intelligence (AI)

- Shared responsibility model

Explain the factors that contribute to capacity planning.- Requirements
  • Hardware
  • Software
  • Budgetary
  • Business need analysis

- Standard templates

  • Per-user
  • Socket-based
  • Volume-based
  • Core-based
  • Subscription

- Licensing
- User density
- System load
- Trend analysis

  • Baselines
  • Patterns
  • Anomalies

- Performance capacity planning

Explain the importance of high availability and scaling in cloud environments.- Hypervisors
  • Affinity
  • Anti-affinity

- Oversubscription

  • Compute
  • Network
  • Storage

- Regions and zones
- Applications
- Containers
- Clusters
- High availability of network functions

  • Switches
  • Routers
  • Load balancers
  • Firewalls

- Avoid single points of failure
- Scalability

  • Auto-scaling
  • Horizontal scaling
  • Vertical scaling
  • Cloud bursting
Given a scenario, analyze the solution design in support of the business requirements.- Requirement analysis
  • Software
  • Hardware
  • Integration
  • Budgetary
  • Compliance
  • Service-level agreement (SLA)
  • User and business needs
  • Security
  • Network requirements
    1. Sizing
    2. Subnetting
    3. Routing

- Environments

  • Development
  • Quality assurance (QA)
  • Staging
  • Blue-green
  • Production
  • Disaster recovery (DR)

- Testing techniques

  • Vulnerability testing
  • Penetration testing
  • Performance testing
  • Regression testing
  • Functional testing
  • Usability testing

Security - 20%

Given a scenario, configure identity and access management.- Identification and authorization
  • Privileged access management
  • Logical access management
  • Account life-cycle management
    1. Provision and deprovision accounts
  • Access controls
    1. Role-based
    2. Discretionary
    3. Non-discretionary
    4. Mandatory

- Directory services

  • Lightweight directory access protocol (LDAP)

- Federation
- Certificate management
- Multifactor authentication (MFA)
- Single sign-on (SSO)

  • Security assertion markup language (SAML)

- Public key infrastructure (PKI)
- Secret management
- Key management

Given a scenario, secure a network in a cloud environment.- Network segmentation
  • Virtual LAN (VLAN)/Virtual extensible LAN (VXLAN)/Generic network virtualization encapsulation (GENEVE)
  • Micro-segmentation
  • Tiering

- Protocols

  • Domain name service (DNS)
    1. DNS over HTTPS (DoH)/DNS over TLS (DoT)
    2. DNS security (DNSSEC)
  • Network time protocol (NTP)
    1. Network time security (NTS)
  • Encryption
    1. IPSec
    2. Transport layer security (TLS)
    3. Hypertext transfer protocol secure (HTTPS)
  • Tunneling
    1. Secure Shell (SSH)
    2. Layer 2 tunneling protocol (L2TP)/Point-to-point tunneling protocol (PPTP)
    3. Generic routing encapsulation (GRE)

- Network services

  • Firewalls
    1. Stateful
    2. Stateless
  • Web application firewall (WAF)
  • Application delivery controller (ADC)
  • Intrusion protection system (IPS)/Intrusion detection system (IDS)
  • Data loss prevention (DLP)
  • Network access control (NAC)
  • Packet brokers

- Log and event monitoring
- Network flows
- Hardening and configuration changes

  • Disabling unnecessary ports and services
  • Disabling weak protocols and ciphers
  • Firmware upgrades
  • Control ingress and egress traffic
    1. Allow list (previously known as whitelisting) or blocklist (previously known as blacklisting)
    2. Proxy servers
  • Distributed denial of service (DDoS) protection
Given a scenario, apply the appropriate OS and application security controls.- Policies
  • Password complexity
  • Account lockout
  • Application approved list (previously known as whitelisting)
  • Software feature
  • User/group

- User permissions
- Antivirus/anti-malware/endpoint detection and response (EDR)
- Host-based IDS (HIDS)/Host-based IPS (HIPS)
- Hardened baselines

  • Single function

- File integrity
- Log and event monitoring
- Configuration management
- Builds

  • Stable
  • Long-term support (LTS)
  • Beta
  • Canary

- Operating system (OS) upgrades
- Encryption

  • Application programming interface (API) endpoint
  • Application
  • OS
  • Storage
  • Filesystem

- Mandatory access control
- Software firewall

Given a scenario, apply data security and compliance controls in cloud environments.- Encryption
- Integrity
  • Hashing algorithms
  • Digital signatures
  • File integrity monitoring (FIM)

- Classification
- Segmentation
- Access control
- Impact of laws and regulations

  • Legal hold

- Records management

  • Versioning
  • Retention
  • Destruction
  • Write once read many

- Data loss prevention (DLP)
- Cloud access security broker (CASB)

Given a scenario, implement measures to meet security requirements.- Tools
  • Vulnerability scanners
  • Port scanners

- Vulnerability assessment

  • Default and common credential scans
  • Credentialed scans
  • Network-based scans
  • Agent-based scans
  • Service availabilities

- Security patches

  • Hot fixes
  • Scheduled updates
  • Virtual patches
  • Signature updates
  • Rollups

- Risk register
- Prioritization of patch application
- Deactivate default accounts
- Impacts of security tools on systems and services
- Effects of cloud service models on security implementation

Explain the importance of incident response procedures.- Preparation
  • Documentation
  • Call trees
  • Training
  • Tabletops
  • Documented incident types/categories
  • Roles and responsibilities

- Incident response procedures

  • Identification
    1. Scope
  • Investigation
  • Containment, eradication, and recovery
    1. Isolation
    2. Evidence acquisition
    3. Chain of custody
    4. Root cause analysis
  • Post-incident and lessons learned

Deployment - 23%

Given a scenario, integrate components into a cloud solution.- Subscription services
  • File subscriptions
  • Communications
    1. Email
    2. Voice over IP (VoIP)
    3. Messaging
  • Collaboration
  • Virtual desktop infrastructure (VDI)
  • Directory and identity services
  • Cloud resources
    1. IaaS
    2. PaaS
    3. SaaS

- Provisioning resources

  • Compute
  • Storage
  • Network

- Application

  • Serverless

- Deploying virtual machines (VMs) and custom images
- Templates

  • OS templates
  • Solution templates

- Identity management
- Containers

  • Configure variables
  • Configure secrets
  • Persistent storage

- Auto-scaling
- Post-deployment validation

Given a scenario, provision storage in cloud environments.- Types
  • Block
    1. Storage area network (SAN)
    - Zoning
  • File
    1. Network attached storage (NAS)
  • Object
    1. Tenants
    2. Buckets

- Tiers

  • Flash
  • Hybrid
  • Spinning disks
  • Long-term

- Input/output operations per second (IOPS) and read/write
- Protocols

  • Network file system (NFS)
  • Common Internet file system (CIFS)
  • Internet small computer system interface (iSCSI)
  • Fibre Channel (FC)
  • Non-volatile memory express over fabrics (NVMe-oF)

- Redundant array of inexpensive disks (RAID)

  • 0
  • 1
  • 5
  • 6
  • 10

- Storage system features

  • Compression
  • Deduplication
  • Thin provisioning
  • Thick provisioning
  • Replication

- User quotas
- Hyperconverged
- Software-defined storage (SDS)

Given a scenario, deploy cloud networking solutions.- Services
  • Dynamic host configuration protocol (DHCP)
  • NTP
  • DNS
  • Content delivery network (CDN)
  • IP address management (IPAM)

- Virtual private networks (VPNs)

  • Site-to-site
  • Point-to-point
  • Point-to-site
  • IPSec
  • Multiprotocol label switching (MPLS)

- Virtual routing

  • Dynamic and static routing
  • Virtual network interface controller (vNIC)
  • Subnetting

- Network appliances

  • Load balancers
  • Firewalls

- Virtual private cloud (VPC)

  • Hub and spoke
  • Peering

- VLAN/VXLAN/GENEVE
- Single root input/output virtualization (SR-IOV)
- Software-defined network (SDN)

Given a scenario, configure the appropriate compute sizing for a deployment.- Virtualization
  • Hypervisors
    1. Type 1
    2. Type 2
  • Simultaneous multi-threading (SMT)
  • Dynamic allocations
  • Oversubscription

- Central processing unit (CPU)/virtual CPU (vCPU)
- Graphics processing unit (GPU)

  • Virtual
    1. Shared
  • Pass-through

- Clock speed/Instructions per cycle (IPC)
- Hyperconverged
- Memory

  • Dynamic allocation
  • Ballooning

 

NEW QUESTION 14
A database analyst reports it takes two hours to perform a scheduled job after onboarding 10,000 new users to the system. The analyst made no changes to the scheduled job before or after onboarding the users. The database is hosted in an IaaS instance on a cloud provider. Which of the following should the cloud administrator evaluate to troubleshoot the performance of the job?

  • A. Migrating from laaS to on premises, the network traffic between on-premises users and the laaS instance, and the CPU utilization of the hypervisor host
  • B. The hypervisor logs, the memory utilization of the hypervisor host, and the network throughput of the hypervisor
  • C. The scheduled job logs for successes and failures, the time taken to execute the job, and the job schedule
  • D. The laaS compute configurations, the capacity trend analysis reports, and the storage IOPS

Answer: C

 

NEW QUESTION 15
A cloud administrator is planning to migrate a globally accessed application to the cloud.
Which of the following should the cloud administrator implement to BEST reduce latency for all users?

  • A. Cloud bursting
  • B. Clustering
  • C. Auto-scaling
  • D. Regions

Answer: D

 

NEW QUESTION 16
A cloud administrator is reviewing a new application implementation document. The administrator needs to make sure all the known bugs and fixes are applied, and unwanted ports and services are disabled.
Which of the following techniques would BEST help the administrator assess these business requirements?

  • A. Usability testing
  • B. Performance testing
  • C. Vulnerability testing
  • D. Regression testing

Answer: C

 

NEW QUESTION 17
A systems administrator has finished installing monthly updates to servers in a cloud environment. The administrator notices certain portions of the playbooks are no longer functioning. Executing the playbook commands manually on a server does not work as well. There are no other reports of issues.
Which of the following is the MOST likely cause of this issue?

  • A. Service overload
  • B. Job validation issues
  • C. Patching failure
  • D. Change management failure
  • E. Deprecated features

Answer: B

 

NEW QUESTION 18
A systems administrator is troubleshooting performance issues with a Windows VDI environment. Users have reported that VDI performance has been slow since the images were upgraded from Windows 7 to Windows 10.
This VDI environment is used to run simple tasks, such as Microsoft Office. The administrator investigates the virtual machines and finds the following settings:
4 vCPU
16GB RAM
10Gb networking
256MB frame buffer
Which of the following MOST likely needs to be upgraded?

  • A. vCPU
  • B. vNIC
  • C. vRAM
  • D. vGPU

Answer: D

 

NEW QUESTION 19
An IaaS provider has numerous devices and services that are commissioned and decommissioned automatically on an ongoing basis. The cloud administrator needs to implement a solution that will help reduce administrative overhead.
Which of the following will accomplish this task?

  • A. NAC
  • B. NTP
  • C. DNS
  • D. IPAM

Answer: D

 

NEW QUESTION 20
A systems administrator is reviewing two CPU models for a cloud deployment. Both CPUs have the same number of cores/threads and run at the same clock speed.
Which of the following will BEST identify the CPU with more computational power?

  • A. Bus speed
  • B. Simultaneous multithreading
  • C. Instructions per cycle
  • D. L3 cache

Answer: C

Explanation:
Reference:
https://en.wikipedia.org/wiki/Central_processing_unit

 

NEW QUESTION 21
An organization has multiple VLANs configured to segregate the network traffic. Following is the breakdown of the network segmentation:
Production traffic (10.10.0.0/24)
Network backup (10.20.0.0/25)
Virtual IP network (10.20.0.128/25)
The following configuration exists on the server:

The backup administrator observes that the weekly backup is failing for this server. Which of the following commands should the administrator run to identify the issue?

  • A. NET SM
  • B. NETSTAT -A
  • C. IPCONFIG /ALL
  • D. ROUTE PRINT

Answer: D

 

NEW QUESTION 22
A developer is no longer able to access a public cloud API deployment, which was working ten minutes prior.
Which of the following is MOST likely the cause?

  • A. Depleted network bandwidth
  • B. Invalid API token
  • C. Invalid API request
  • D. API provider rate limiting

Answer: B

 

NEW QUESTION 23
A cloud administrator recently deployed an update to the network drivers of several servers. Following the update, one of the servers no longer responds to remote login requests. The cloud administrator investigates the issue and gathers the following information:
The cloud management console shows the VM is running and the CPU and memory utilization is at or near 0%.
The cloud management console does not show an IP address for that server.
A DNS lookup shows the hostname resolves to an IP address.
The server is a member of the same security group as the others.
The cloud administrator is able to log in remotely to the other servers without issue.
Which of the following is the MOST likely cause of the server being unavailable?

  • A. The server was assigned a new IP address, and DNS entry for the server name was not updated.
  • B. The update caused an increase in the output to the logs, and the server is too busy to respond.
  • C. The network driver updates did not apply successfully, and the interface is in a down state.
  • D. The ACL policy for the server was updated as part of the server reboot, preventing login access.

Answer: C

 

NEW QUESTION 24
A systems administrator needs to configure an email client to ensure data integrity of the email messages.
Which of the following provides the BEST mechanism to achieve this goal?

  • A. Cyclic redundancy check
  • B. SHA-256 hashes
  • C. SHA-1 hashes
  • D. Digital signature

Answer: A

Explanation:
Reference:
https://www.fsl.cs.sunysb.edu/docs/integrity-storagess05/integrity.html

 

NEW QUESTION 25
Which of the following strategies will mitigate the risk of a zero-day vulnerability MOST efficiently?

  • A. Using only open-source technologies
  • B. Having a detailed incident response plan
  • C. Creating a standby environment with a different cloud provider
  • D. Keeping all resources up to date

Answer: B

 

NEW QUESTION 26
After a hardware upgrade on a private cloud system, the systems administrator notices a considerable drop in network performance. Which of the following is MOST likely the cause?

  • A. The CPU
  • B. The driver
  • C. The memory
  • D. The cluster placement

Answer: D

 

NEW QUESTION 27
A cloud administrator is reviewing the authentication and authorization mechanism implemented within the cloud environment. Upon review, the administrator discovers the sales group is part of the finance group, and the sales team members can access the financial application. Single sign-on is also implemented, which makes access much easier.
Which of the following access control rules should be changed?

  • A. Discretionary-based
  • B. Attribute-based
  • C. Mandatory-based
  • D. Role-based

Answer: D

Explanation:
Reference:
https://www.ekransystem.com/en/blog/rbac-vs-abac

 

NEW QUESTION 28
A systems administrator is using VMs to deploy a new solution that contains a number of application VMs.
Which of the following would provide high availability to the application environment in case of hypervisor failure?

  • A. Anti-affinity rules
  • B. Cold migration
  • C. Live migration
  • D. Affinity rules

Answer: A

Explanation:
Reference:
https://www.vmware.com/products/vsphere/high-availability.html

 

NEW QUESTION 29
A systems administrator is using VMs to deploy a new solution that contains a number of application VMs.
Which of the following would provide high availability to the application environment in case of hypervisor failure?

  • A. Anti-affinity rules
  • B. Cold migration
  • C. Live migration
  • D. Affinity rules

Answer: A

 

NEW QUESTION 30
A cloud administrator is designing a multiregion network within an IaaS provider. The business requirements for configuring the network are as follows:
Use private networking in and between the multisites for data replication.
Use low latency to avoid performance issues.
Which of the following solutions should the network administrator use within the IaaS provider to connect multiregions?

  • A. Hub and spoke
  • B. VPN
  • C. Peering
  • D. Gateways

Answer: B

 

NEW QUESTION 31
A systems administrator disabled TLS 1.0 and 1.1, as well as RC4, 3DES, and AES-128 ciphers for TLS 1.2, on a web server. A client now reports being unable to access the web server, but the administrator verifies that the server is online, the web service is running, and other users can reach the server as well.
Which of the following should the administrator recommend the user do FIRST?

  • A. Disable antivirus/anti-malware software
  • B. Update the web browser to the latest version
  • C. Establish a VPN tunnel between the computer and the web server
  • D. Turn off the software firewall

Answer: D

 

NEW QUESTION 32
Which of the following cloud deployment models allows a company to have full control over its IT infrastructure?

  • A. Cloud within a cloud
  • B. Private
  • C. Public
  • D. Hybrid

Answer: B

Explanation:
Reference:
https://www.sciencedirect.com/topics/computer-science/private-cloud

 

NEW QUESTION 33
Users of an enterprise application, which is configured to use SSO, are experiencing slow connection times. Which of the following should be done to troubleshoot the issue?

  • A. * Analyze the storage system IOPS.
    * Increase the storage system capacity.
    * Replace the storage system disks to SSD.
  • B. * Perform a packet capture during authentication.
    * Validate the load-balancing configuration.
    * Analyze the network throughput of the load balancer.
  • C. * Evaluate the OS ACLs.
    * Upgrade the router firmware.
    * Increase the memory of the router.
  • D. * Perform a memory dump of the OS.
    * Analyze the memory dump.
    * Upgrade the host CPU to a higher clock speed CPU.

Answer: A

 

NEW QUESTION 34
A cloud administrator is building a new VM for machine-learning training. The developer requesting the VM has stated that the machine will need a full GPU dedicated to it.
Which of the following configuration options would BEST meet this requirement?

  • A. Shared GPU
  • B. Virtual GPU
  • C. Passthrough GPU
  • D. External GPU

Answer: C

 

NEW QUESTION 35
A support engineer wants to prevent users from running malware on several IaaS compute instances. Which of the following will BEST achieve this objective?

  • A. Implement an application whitelisting policy.
  • B. Disable file sharing on the instance.
  • C. Encrypt all applications that users should not access.
  • D. Set the execute filesystem permissions on the desired applications only.

Answer: A

 

NEW QUESTION 36
A company recently subscribed to a SaaS collaboration service for its business users. The company also has an on-premises collaboration solution and would like users to have a seamless experience regardless of the collaboration solution being used.
Which of the following should the administrator implement?

  • A. VDI
  • B. LDAP
  • C. SSO
  • D. WAF

Answer: B

 

NEW QUESTION 37
A systems administrator has migrated an internal application to a public cloud. The new web server is running under a TLS connection and has the same TLS certificate as the internal application that is deployed. However, the IT department reports that only internal users who are using new versions of the OSs are able to load the application home page.
Which of the following is the MOST likely cause of the issue?

  • A. The local firewall from older OSs is not allowing inbound connections
  • B. The local firewall from older OSs is not allowing outbound connections
  • C. The cloud web server is using strong ciphers that are not supported by older browsers
  • D. The cloud web server is using a self-signed certificate that is not supported by older browsers

Answer: A

 

NEW QUESTION 38
Users are experiencing slow response times from an intranet website that is hosted on a cloud platform. There is a site-to-site VPN connection to the cloud provider over a link of 100Mbps.
Which of the following solutions will resolve the issue the FASTEST?

  • A. Enable quality of service
  • B. Upgrade the link to 200Mbps
  • C. Change the connection to point-to-site VPN
  • D. Order a direct link to the provider

Answer: A

 

NEW QUESTION 39
......


CompTIA Cloud+ Exam Certification Details:

Passing Score750 / 900
Number of Questions90
Exam CodeCV0-003
Schedule ExamCompTIA Marketplace
Pearson VUE
Exam NameCompTIA Cloud+
Exam Price$338 (USD)
Duration90 mins

 

2021 New ActualTestsIT CV0-003 PDF Recently Updated Questions: https://www.actualtestsit.com/CompTIA/CV0-003-exam-prep-dumps.html

CV0-003 Exam with Guarantee Updated 145 Questions: https://drive.google.com/open?id=1aR_2CZii9qgdteEPgvj6lfnNj_XFytE5 

Related Articles

more
CompTIA CV0-003 Certification Practice Exam