CV0-004試験無料問題集「CompTIA Cloud+ (2024) 認定」
A systems administrator needs to configure backups for the company's on-premises VM cluster. The storage used for backups will be constrained on free space until the company can implement cloud backups. Which of the following backup types will save the most space, assuming the frequency of backups is kept the same?
正解:D
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
A company wants to create a few additional VDIs so support vendors and contractors have a secure method to access the company's cloud environment. When a cloud administrator attempts to create the additional instances in the new locations, the operation is successful in some locations but fails in others. Which of the following is the most likely reason for this failure?
正解:A
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
A company hosts various containerized applications for business uses. A client reports that one of its routine business applications fails to load the web-based login prompt hosted in the company cloud.
INSTRUCTIONS
Click on each device and resource. Review the configurations, logs, and characteristics of each node in the architecture to diagnose the issue. Then, make the necessary changes to the WAF configuration to remediate the issue.
Web app 1
Web app 2
Web app 3
Web app 4
Client app
INSTRUCTIONS
Click on each device and resource. Review the configurations, logs, and characteristics of each node in the architecture to diagnose the issue. Then, make the necessary changes to the WAF configuration to remediate the issue.
Web app 1
Web app 2
Web app 3
Web app 4
Client app
正解:
The issue is with Web app 1 (Finance application).
From the WAF logs, we can see that requests to https://webapp1.comptia.org/FIN/login.html are being blocked (Rule ID 1006). The rule is configured to block access to the finance application's login page. This corresponds to the reported issue of the web-based login prompt not loading.
To remediate the issue, the WAF configuration for Rule ID 1006 should be changed from "Block" to "Allow". This will enable the web-based login prompt to load for the client.
Additionally, the client app configuration indicates that the client laptop (IP 192.168.10.142) is trying to access the service, and the WAF logs show that requests from this IP are being blocked due to the current rule set. Changing the action for Rule ID 1006 will also ensure that legitimate attempts to access the login page from this IP are not blocked.
Steps for remediation:
Go to the WAF configuration.
Find Rule ID 1006 for the Finance application 1.
Change the action from "Block" to "Allow".
Save the changes.
Reference:
Web application firewall (WAF) configurations typically include rules that define which traffic should be allowed or blocked. Blocking legitimate traffic to login pages can prevent users from accessing the application, which seems to be the case here.
Client application configurations and WAF logs provide valuable insights into the source of the traffic and the rules that are affecting it. It's important to ensure that the rules align with the intended access policies for the application.
From the WAF logs, we can see that requests to https://webapp1.comptia.org/FIN/login.html are being blocked (Rule ID 1006). The rule is configured to block access to the finance application's login page. This corresponds to the reported issue of the web-based login prompt not loading.
To remediate the issue, the WAF configuration for Rule ID 1006 should be changed from "Block" to "Allow". This will enable the web-based login prompt to load for the client.
Additionally, the client app configuration indicates that the client laptop (IP 192.168.10.142) is trying to access the service, and the WAF logs show that requests from this IP are being blocked due to the current rule set. Changing the action for Rule ID 1006 will also ensure that legitimate attempts to access the login page from this IP are not blocked.
Steps for remediation:
Go to the WAF configuration.
Find Rule ID 1006 for the Finance application 1.
Change the action from "Block" to "Allow".
Save the changes.
Reference:
Web application firewall (WAF) configurations typically include rules that define which traffic should be allowed or blocked. Blocking legitimate traffic to login pages can prevent users from accessing the application, which seems to be the case here.
Client application configurations and WAF logs provide valuable insights into the source of the traffic and the rules that are affecting it. It's important to ensure that the rules align with the intended access policies for the application.
An organization is hosting a seminar with eight individuals who need to connect to their own dedicated VM. The technician used the following VM configurations:
IP address: DHCP
NIC: 1Gbps
Network: 10.1.10.0/29
Several users are unable to access their VMs. Which of the following best describes the reason?
IP address: DHCP
NIC: 1Gbps
Network: 10.1.10.0/29
Several users are unable to access their VMs. Which of the following best describes the reason?
正解:B
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
An on-premises data center is located in an earthquake-prone location. The workload consists of real-time, online transaction processing. Which ot the following data protection strategies should be used to back up on-premises data to the cloud while also being cost effective?
正解:C
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
An administrator received a report that company data has been compromised. The compromise occurred on a holiday, and no one in the organization was working. While reviewing the logs from the holiday, the administrator noted the following details:
The most appropriate action for the cloud security analyst to recommend is using CIS-hardened images. These images are pre-configured by the Center for Internet Security to provide security benchmark standards that help in mitigating vulnerabilities in publicly available container images. Reference: CompTIA Cloud+ Study Guide (Exam CV0-004) - Chapter on Cloud Security Posture Which of the following accounts should the administrator disable to prevent a further breach?
The most appropriate action for the cloud security analyst to recommend is using CIS-hardened images. These images are pre-configured by the Center for Internet Security to provide security benchmark standards that help in mitigating vulnerabilities in publicly available container images. Reference: CompTIA Cloud+ Study Guide (Exam CV0-004) - Chapter on Cloud Security Posture Which of the following accounts should the administrator disable to prevent a further breach?
正解:C
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
A cloud engineer is receiving multiple alerts from the infrastructure monitoring agent. The alerts state that all the VMs in the public subnet are at 100% CPU utilization. However, when the engineer checks the network utilization of the VMs, the network throughput is at normal levels. Which of the following is the most likely cause of this issue?
正解:D
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You are a cloud engineer working for a cloud service provider that is responsible for an IaaS offering.
Your customer, who creates VMs and manages virtual storage, has noticed I/O bandwidth issues and low IOPS (under 9000).
Your manager wants you to verify the proper storage configuration as dictated by your service level agreement (SLA).
The SLA specifies:
. Each SFP on the hypervisor host must be set to the maximum link speed allowed by the SAN array. . All SAN array disk groups must be configured in a RAID 5.
. The SAN array must be fully configured for redundant fabric paths. . IOPS should not fall below 14000 INSTRUCTIONS Click on each service processor to review the displayed information. Then click on the drop-down menus to change the settings of each device as necessary to conform to the SLA requirements.
Your customer, who creates VMs and manages virtual storage, has noticed I/O bandwidth issues and low IOPS (under 9000).
Your manager wants you to verify the proper storage configuration as dictated by your service level agreement (SLA).
The SLA specifies:
. Each SFP on the hypervisor host must be set to the maximum link speed allowed by the SAN array. . All SAN array disk groups must be configured in a RAID 5.
. The SAN array must be fully configured for redundant fabric paths. . IOPS should not fall below 14000 INSTRUCTIONS Click on each service processor to review the displayed information. Then click on the drop-down menus to change the settings of each device as necessary to conform to the SLA requirements.
正解:
Based on the SLA requirements and the information provided in the diagram:
For the Hypervisor:
Slot A fiber channel card:
Port 1 link speed should be set to 16 Gbps since it's connected to Fabric switch A which supports 16 Gbps.
Port 2 link speed should be set to 8 Gbps because it's connected to Fabric switch B which supports up to 8 Gbps.
Slot B fiber channel card:
Port 1 link speed should be set to 16 Gbps since it's connected to Fabric switch A which supports 16 Gbps.
Port 2 link speed should be set to 8 Gbps because it's connected to Fabric switch B which supports up to 8 Gbps.
For the Hypervisor:
Slot A fiber channel card:
Port 1 link speed should be set to 16 Gbps since it's connected to Fabric switch A which supports 16 Gbps.
Port 2 link speed should be set to 8 Gbps because it's connected to Fabric switch B which supports up to 8 Gbps.
Slot B fiber channel card:
Port 1 link speed should be set to 16 Gbps since it's connected to Fabric switch A which supports 16 Gbps.
Port 2 link speed should be set to 8 Gbps because it's connected to Fabric switch B which supports up to 8 Gbps.
A cloud engineer hardened the WAF for a company that operates exclusively in North Americ a. The engineer did not make changes to any ports, and all protected applications have continued to function as expected. Which of the following configuration changes did the engineer most likely apply?
正解:C
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
A cloud developer needs to update a REST API endpoint to resolve a defect. When too many users attempt to call the API simultaneously, the following message is displayed:
Error: Request Timeout - Please Try Again Later
Which of the following concepts should the developer consider to resolve this error?
Error: Request Timeout - Please Try Again Later
Which of the following concepts should the developer consider to resolve this error?
正解:D
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)