CompTIA Cloud+ Study Guide. Ben Piper
Читать онлайн.| Название | CompTIA Cloud+ Study Guide |
|---|---|
| Автор произведения | Ben Piper |
| Жанр | Зарубежная компьютерная литература |
| Серия | |
| Издательство | Зарубежная компьютерная литература |
| Год выпуска | 0 |
| isbn | 9781119810957 |
91 Elena manages user accounts for her company's cloud presence. She has a trouble ticket open with Jill to assist her in accessing an SSD storage volume in the San Paulo region of the public cloud. What kind of user issue is she investigating?AuthenticationAuthorizationFederationSSO
92 Emma is unable to reach her Linux-based web server hosted in the Singapore zone of the cloud. She is located in Austin, Texas. What command can she use to verify the connection path?tracerouteipconfigarpnetstatpingtcpdumproute print
93 After deploying a new public website, your validation steps ask you to check the domain name–to–IP address mappings. What utility can you use for validation? (Choose two.)RDPdigSSHnslookupIPsecIPS
94 Nicola is deploying a new fleet of IIS web servers on his IaaS e-commerce site. The company has elected to use a hybrid approach and wants graphical connections to the Windows bastion hosts. What traffic must he permit through the external-facing firewall to the host?SSHRDPDNSIPS
95 Martina is troubleshooting a networking problem and needs to capture network frames being sent and received from the server's network adapter. What command would she use to collect the traces?dignetstattcpdumpnslookup
96 The remote disaster recovery location follows the warm site model. To configure the network switches, routers, and firewalls remotely, Joyce will need serial port access from her company's operations center. She has 14 serial ports currently available but needs to be prepared for any unplanned expansion requirements during a disaster recovery cutover. What device would you recommend that she install at the warm site?RDPTelnetIPsecSSHTerminal server
97 The cloud data center is in a large industrial park with no company signage, extensive video cameras in the parking lot, high-security fences, and biometrics at the guard shack. What type of security is the provider implementing?BuildingDeviceInfrastructureTunneling
98 Mergie is documenting different methods that her remote operations center can use to access a fleet of servers operating in a community cloud. Which of the following are not viable methods? (Choose two.)RDPTelnetIDS/IPSTerminal serverDNSHTTP
99 Vasile is working a support ticket that shows the connection between the Ames field office and the Kansas City cloud edge location has dropped. She confirms it's a secure Internet-based access solution. What type of connection is this?Direct peeringIDSVPNAES-256RDP
100 Company users are complaining that they cannot log into a cloud-based collaboration system. The operations center has been investigating and has, so far, verified that the MFA applications are operational. What user system are they troubleshooting?AuthenticationAuthorizationFederationKerberos
Answers to Assessment Test
1 D. On-demand cloud computing allows the consumer to add and change resources dynamically with the use of an online portal.
2 B. The interconnection of multiple cloud models is referred to as a hybrid cloud.
3 C. Resource pooling is the allocation of compute resources into a group, or pool, and then these pools are made available to a multitenant cloud environment.
4 A. Infrastructure as a service offers computing hardware, storage, and networking but not applications.
5 B. Platform as a service offers computing hardware, storage, networking, and the operating systems but not the applications.
6 A, B, E. Elasticity, on-demand computing, and pay-as-you-grow are all examples of being able to expand cloud compute resources as your needs require.
7 B, D. One of the prime advantages of cloud-based computing and the automation and virtualization it offers in the background is the ability to leverage the rapid provisioning of virtual resources to allow for on-demand computing.
8 C. Software as a service offers cloud-managed applications as well as the underlying platform and infrastructure support.
9 C. The shared responsibility model outlines what services and portions of the cloud operations the cloud consumer and the provider are responsible for.
10 A. Cloud operators segment their operations into regions for customer proximity, regulatory compliance, resiliency, and survivability.
11 D. A storage area network (SAN) is a high-speed network dedicated to storage transfers across a shared network. Block access is not a networking technology. Zoning is for restricting access to LUNs in a SAN, and VMFS is a VMware filesystem.
12 B, D, F. A hypervisor will virtualize RAM, compute, and storage; the VMs operating on the hypervisor will access these pools.
13 C. A private cloud is used exclusively by a single organization.
14 C. Authentication is the term used to describe the process of determining the identity of a user or device.
15 C. Storage area networks support block-based storage.
16 A, C, E. Application programming interfaces, command-line interfaces, and GUI-based interfaces are all commonly used tools to migrate, monitor, manage, and troubleshoot cloud-based resources.
17 D. A community cloud is used by companies with similar needs such as railroad companies.
18 D. RAID 5 uses parity information that is striped across multiple drives, which allows the drive array to be rebuilt if a single drive in the array fails. The other options do not have parity data.
19 B. When migrating a server that is running on bare metal to a hypervisor-based system, you would be performing a physical-to-virtual migration.
20 D. Multifactor authentication systems use a token generator as something you have and a PIN/password as something you know.
21 B. Two-factor authentication includes something you have and something you know.
22 A. The mandatory access control approach is implemented in high-security environments where access to sensitive data needs to be highly controlled. Using the mandatory access control approach, a user will authenticate, or log into, a system. Based on the user's identity and security levels of the individual, access rights will be determined by comparing that data against the security properties of the system being accessed.
23 C. The question outlines the function of a role-based access control approach.
24 B. The Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) is the process for computer systems' IT security. DIACAP compliance is required to be certified to meet the U.S. Department of Defense security requirements for contractors.
25 B. The platform-as-a-service model offers operating system maintenance to be provided by the service provider.
26 B. Single sign-on allows a user to log in one time and be granted access to multiple systems without having to authenticate to each one individually.
27 B. The security policy outlines all aspects of your cloud security posture.
28 C. IPsec implementations are found in routers and firewalls with VPN services to provide a secure connection over an insecure network such as the Internet.
29 B. The Health Insurance Portability and Accountability Act defines the standards for protecting medical data.
30 C. Advanced Encryption Standard is a symmetrical block cipher that has options to use three lengths, including 128, 192, and 256 bits. AES 256 is a very secure standard, and it would take an extremely long time and a lot of processing power to come even close to breaking the code.
31 C, D. Temporary storage volumes that are destroyed when the VM is stopped are referred to as ephemeral or nondurable storage.
32 C. Applying security applications on a virtual server will cause an increase in CPU usage.
33 C. A dashboard is a graphical portal that provides updates and an overview of operations.
34 C.