182: CompTia Cloud+ Flashcards
Faith has been given the responsibility of moving as many systems as she can to the cloud. Although she has a list of the systems that the IT department is aware of, she has overheard staff members discussing additional systems that are not on her list. Which of the following statements best sums up the systems she still needs to learn more about?
Shadow IT
To oversee the IT infrastructure team, Ward has been engaged by Fictional Corp. How they manage all the data about their servers, operating systems, networking hardware, and apps is one of the first questions he poses. He is told that some individuals have some of the data in spreadsheets, but that there seem to be several copies of that spreadsheet circulating. He could choose to implement which of the following?
CMDB
Fictional Corp. has grown exponentially over the first few years of its existence. Until now it had been using commercial off-the-shelf software. They’ve decided to create a development team and need to decide what the best method of development management is. Which of the following is the best choice considering that their applications will need to updated frequently based on market demands?
Agile
Fictional Corp. has been using its current cloud service provider for the past year. They have been mostly happy with the service provided up until about a month ago when various virtual machines started becoming unavailable for hours at a time. The CSP has a guarantee of a 99.999 percent uptime, which means they should only have about 5.26 minutes of downtime per year. Which of the following defines the guarantee the CSP is not meeting?
Martin has been tasked with identifying any holes in the organization’s cloud infrastructure and producing a report that will be given to top management. He is not to really try to take advantage of any of the vulnerabilities to see how much they could compromise the system. Which of the following is the request made to Martin?
vulnerability testing
A large e-commerce platform sells and ships millions of dollars’ worth of goods every day. Which of the following concepts is most likely the most important thing for them to consider in the design of their IT infrastructure?
Minimizing downtime
Bill is trying to create a new web application to replace an existing system that is becoming outdated. The old application has been modified a number of times and the code has become rather convoluted over time, so he has decided to start over. However, the application that it is replacing needs to be usable 24 hours a day, 7 days a week, 365 days per year with as little downtime as possible. Which of the following would be the type of system Bill is trying to create by adding in redundancy wherever he can?
High availability
Robert has just finished putting into effect a change that the change advisory board has authorized. Which of the following should be done as the next action once the modification has been implemented?
Change review
As the new development manager of Widget Co., Frank was just hired. He was hired because he suggested that he could put innovative techniques into practice, such as one where modifications are introduced in little doses every 24 hours. He advised the team members to conduct some research because some of them don’t entirely comprehend it. What search phrase would they use to get the details they require to learn more about this approach?
Continuous delivery
One of the virtual machines on the CSP they use, which runs a couple of the company’s apps, has had a new update implemented by George. He checked everything again, compared the outcomes to the original, authorized request, and decided the alteration was effective. What action should George take after that?
change documentation
Joy has received several complaints that none of the users can access the company’s resources that are hosted on a cloud service provider. The company has a piece of hardware installed that provides a VPN tunnel to the CSP. Upon entering the data center, she sees that all the lights are off on the device. She unplugs it and plugs it back in and does not see any changes. Which of the following has most likely occurred?
security device failure
Theo wants to transfer some files to one of the Linux servers that he manages. Which of the following would ensure that the transmissions are secure while not relying on SSL/TLS for the encryption?
sftp
Sam wants to create a lightly protected subnet within the VNet that acts as a filter between the Internet and the other internal network resources. Which of the following describes the type of subnet that he is looking to deploy?
dmz
Leona wants to protect the application servers within her cloud deployment by implementing granular control of the traffic and workflows in the deployment. Which of the following would she implement?
Micro-segmentation
Gandy has been learning more about security within the cloud after hearing that it is a hot topic within the IT industry. He starts reading up on SHA-3 being used for hashing. Which of the following best describes SHA-3?
cipher
Darren wants to implement a technology on the company’s servers that will detect any intrusions as well as implement rules or other methods to immediately stop traffic that appears to be an intrusion. Which of the following is he looking to install?
hips
Bryan is examining the log files and notices a constant stream of traffic initializing sessions to an FTP server coming from a single IP address. Which of the following is most likely occurring?
DoS attack
Meera notices someone entering a side door of her company’s facility but did not swipe a badge on the proximity badge reader before being able to open the door, even though there is a badge reader installed. Which of the following may have occurred?
Security device failure
Aron has recently learned about the CIA triad. He knows that encryption is important to a variety of things within his organization’s infrastructure. One of those is the ability to ensure that data being transmitted across the network cannot be modified undetected. Which of the following tenets of the CIA triad supports this idea?
Integrity
Nirav is considering using private key encryption for transmitting messages from his VPC. What is a possible problem this may cause when he attempts to implement it?
private key encryption requires decryptions key to be sent in a secure manner
