CV0-003 Free Practice Test

- (Topic 4)
A systems administrator is configuring a cloud solution for a vulnerability assessment to test the company's resources that are hosted in a public cloud. The solution must test the company's resources from an external user's perspective. Which of the following should the systems administrator configure?

1. A. An agent-based scan
2. B. A network-based scan
3. C. A port scan
4. D. A credentialed scan

Correct Answer: B
A network-based scan is a type of vulnerability assessment that tests the security of a system or a network from an external user’s perspective, without requiring any software or credentials on the target. A network-based scan can identify vulnerabilities such as open ports, misconfigured firewalls, outdated software, or exposed services .

- (Topic 1)
The human resources department was charged for a cloud service that belongs to another department. All other cloud costs seem to be correct.
Which of the following is the MOST likely cause for this error?

1. A. Misconfigured templates
2. B. Misconfigured chargeback
3. C. Incorrect security groups
4. D. Misconfigured tags

Correct Answer: D
Tags are metadata or labels that can be assigned to cloud resources or services to identify and organize them based on various criteria, such as name, purpose, owner, or cost center. Tags can help track the costs for each business unit or department that uses cloud services, as they can enable granular and accurate billing and reporting based on the tags. Misconfigured tags can cause the issue of inaccurate cost tracking for different businesses, as they can result in incorrect or missing billing information or reports. The issue can be resolved by configuring the tags properly to reflect the correct business unit or department for each cloud resource or service. References: CompTIA Cloud+ Certification Exam Objectives, page 13, section 2.5

- (Topic 1)
Which of the following will mitigate the risk of users who have access to an instance modifying the system configurations?

1. A. Implement whole-disk encryption
2. B. Deploy the latest OS patches
3. C. Deploy an anti-malware solution
4. D. Implement mandatory access control

Correct Answer: D
Mandatory access control (MAC) is a type of access control model that enforces strict security policies based on predefined rules and labels. MAC assigns security labels to subjects (users or processes) and objects (files or resources) and allows access only if the subject has the appropriate clearance and need-to-know for the object. MAC can mitigate the risk of users who have access to an instance modifying the system configurations, as it can prevent unauthorized or accidental changes to critical files or settings by restricting access based on predefined rules and labels. References: CompTIA Cloud+ Certification Exam Objectives, page 14, section 2.7

- (Topic 4)
A systems administrator deployed a new web application in a public cloud and would like to test it, but the company's network firewall is only allowing outside connections to the cloud provider network using TCP port 22. While waiting for the network administrator to open the required ports, which of the following actions should the systems administrator take to test the new application? (Select two).

1. A. Create an IPSec tunnel.
2. B. Create a VPN tunnel.
3. C. Open a browser using the default gateway IP address.
4. D. Open a browser using the localhost IP address.
5. E. Create a GRE tunnel.
6. F. Create a SSH tunnel.

Correct Answer: BF
To test the new web application in the public cloud, the systems administrator should create a replica database, synchronize the data, and switch to the new instance, and create a SSH tunnel. Creating a replica database can help minimize the downtime and ensure data consistency during the migration. Synchronizing the data can help keep the replica database up to date with the original database. Switching to the new instance can help activate the new web application in the public cloud. Creating a SSH tunnel can help bypass the network firewall and access the web application using TCP port 22. SSH is a secure protocol that can create encrypted tunnels between the local and remote hosts. By creating a SSH tunnel, the systems administrator can forward the web application traffic through the tunnel and test it using a web browser. References: [CompTIA Cloud+ CV0-003 Certification Study Guide], Chapter 7, Objective 7.1: Given a scenario, migrate applications and data to the cloud.

- (Topic 1)
A VDI administrator has received reports of poor application performance. Which of the following should the administrator troubleshoot FIRST?

1. A. The network environment
2. B. Container resources
3. C. Client devices
4. D. Server resources

Correct Answer: A
The network environment is the set of network devices, connections, protocols, and configurations that enable communication and data transfer between different systems and applications. The network environment can affect the performance of a virtual desktop infrastructure (VDI) by influencing factors such as bandwidth, latency, jitter, packet loss, and congestion. Poor network performance can result in slow or unreliable application delivery, degraded user experience, and reduced productivity.
Therefore, troubleshooting the network environment should be the first step for a VDI administrator who receives reports of poor application performance. References: CompTIA Cloud+ Certification Exam Objectives, page 17, section 3.4