CV0-003 Free Practice Test

- (Topic 1)
A company recently subscribed to a SaaS collaboration service for its business users. The company also has an on-premises collaboration solution and would like users to have a seamless experience regardless of the collaboration solution being used.
Which of the following should the administrator implement?

1. A. LDAP
2. B. WAF
3. C. VDI
4. D. SSO

Correct Answer: D
Single sign-on (SSO) is a type of authentication mechanism that allows users to access multiple systems or applications with a single login credential. SSO can help users have a seamless experience regardless of the collaboration solution being used, as it can eliminate the need for multiple logins and passwords for different systems or applications. SSO can also improve user convenience, productivity, and security, as it can simplify the login process, reduce login errors, and enhance password management. References: CompTIA Cloud+ Certification Exam Objectives, page 14, section 2.7

- (Topic 3)
A cloud administrator is configuring several security appliances hosted in the private laaS environment to forward the logs to a central log aggregation solution using syslog. Which of the following firewall rules should the administrator add to allow the web servers to connect to the central log collector?

1. A. Allow UDP 161 outbound from the web servers to the log collector .
2. B. Allow TCP 514 outbound from the web servers to the log collector.
3. C. Allow UDP 161 inbound from the log collector to the web servers .
4. D. Allow TCP 514 inbound from the log collector to the web servers .

Correct Answer: B
As mentioned in the question, the security appliances are using syslog to forward the logs to a central log aggregation solution. According to the web search results, syslog is a protocol that runs over UDP port 514 by default, or TCP port 6514 for secure and reliable transport1. However, some implementations of syslog can also use TCP port 514 for non-secure transport2. Therefore, to allow the web servers to connect to the central log collector using syslog over TCP, the firewall rule should allow TCP 514 outbound from the web servers to the log collector.

- (Topic 3)
A cloud administrator has created a new asynchronous workflow lo deploy VMs to the cloud in bulk. When the workflow is tested for a single VM, it completes successfully. However, if the workflow is used to create 50 VMs at once, the job fails. Which of the following is the MOST likely cause of the issue? (Choose two.)

1. A. Incorrect permissions
2. B. Insufficient storage
3. C. Billing issues with the cloud provider
4. D. No connectivity to the public cloud
5. E. Expired API token
6. F. Disabled autoscaling

Correct Answer: BE
The most likely causes of the issue where the new asynchronous workflow fails to create 50 VMs at once in the public cloud are insufficient storage and expired API token. Insufficient storage means that there is not enough disk space available in the public cloud to accommodate all the VMs that are being created simultaneously. This could result in errors or failures during the provisioning process. Expired API token means that the authentication credential that is used by the workflow to communicate with the public cloud service has expired or become invalid. This could result in errors or failures during the API calls or requests. Reference: CompTIA Cloud+ Certification Exam Objectives, Domain 4.0 Troubleshooting, Objective 4.5 Given a scenario, troubleshoot automation/orchestration issues.

- (Topic 2)
A company had a system compromise, and the engineering team resolved the issue after 12 hours. Which of the following information will MOST likely be requested by the Chief Information Officer (CIO) to understand the issue and its resolution?

1. A. A root cause analysis
2. B. Application documentation
3. C. Acquired evidence
4. D. Application logs

Correct Answer: A
A root cause analysis is what will most likely be requested by the Chief Information Officer (CIO) to understand the issue and its resolution after a system compromise that was resolved by the engineering team after 12 hours. A root cause analysis is a technique of investigating and identifying the underlying or fundamental cause or reason for an incident or issue that affects or may affect the normal operation or performance of a system or service. A root cause analysis can help to understand the issue and its resolution by providing information such as:
✑ What happened: This describes what occurred during the incident or issue, such as symptoms, effects, impacts, etc.
✑ Why it happened: This explains why the incident or issue occurred, such as triggers, factors, conditions, etc.
✑ How it was resolved: This details how the incident or issue was fixed or mitigated, such as actions, steps, methods, etc.
✑ How it can be prevented: This suggests how the incident or issue can be avoided or reduced in the future, such as recommendations, improvements, changes, etc.

- (Topic 4)
A cloud administrator needs to deploy a security virtual appliance in a private cloud environment, but this appliance will not be part of the standard catalog of items for other users to request. Which of the following is the BEST way to accomplish this task?

1. A. Create an empty V
2. B. import the hard disk of the virtual applianc
3. C. and configure the CPU and memory.
4. D. Acquire the build scripts from the vendor and recreate the appliance using the baseline templates
5. E. Import the virtual appliance into the environment and deploy it as a VM
6. F. Convert the virtual appliance to a template and deploy a new VM using the template.

Correct Answer: C
The correct answer is C. Import the virtual appliance into the environment and deploy it as a VM.
A virtual appliance is a pre-packaged and pre-configured software solution that runs on a virtual machine (VM). A virtual appliance typically consists of an operating system, an application, and any required dependencies, and is designed to provide a specific function or service. A virtual appliance can be distributed as a single file or a set of files that can be imported into a virtualization platform, such as VMware, Hyper-V, or KVM .
A cloud administrator can deploy a security virtual appliance in a private cloud environment by importing the virtual appliance into the environment and deploying it as a VM. This is the best way to accomplish this task because it preserves the original configuration and functionality of the virtual appliance, and does not require any additional installation or customization. The cloud administrator can also control the access and visibility of the virtual appliance, and prevent other users from requesting it from the standard catalog of items .
Creating an empty VM, importing the hard disk of the virtual appliance, and configuring the CPU and memory is not the best way to accomplish this task because it involves more steps and complexity than importing the virtual appliance as a whole. It also introduces the risk of losing or corrupting some data or settings during the import process, or misconfiguring the CPU and memory for the virtual appliance.
Acquiring the build scripts from the vendor and recreating the appliance using the baseline templates is not the best way to accomplish this task because it involves more time and effort than importing the virtual appliance directly. It also depends on whether the vendor provides the build scripts or not, and whether they are compatible with the baseline templates or not.
Converting the virtual appliance to a template and deploying a new VM using the template is not the best way to accomplish this task because it adds an unnecessary step of creating a template from the virtual appliance. It also does not prevent other users from accessing or requesting the template from the catalog of items.