- (Topic 4)
A cloud engineer recently set up a container image repository. The engineer wants to ensure that downloaded images are not modified in transit. Which of the following is the best method to achieve this goal?
Correct Answer:
A
SHA-256 is the best method to ensure that downloaded images are not modified in transit. SHA-256 is a type of cryptographic hash function that can generate a unique and fixed- length digest for any input data. The digest can be used to verify the integrity and
authenticity of the data, as any modification or tampering of the data would result in a different digest. SHA-256 is more secure and reliable than MD5, which is an older and weaker hash function that has been proven to be vulnerable to collisions and attacks12. AES-256 and serpent-256 are types of encryption algorithms, not hash functions, and they are used to protect the confidentiality of the data, not the integrity. IPSec is a network security protocol that can use encryption and hashing to secure data in transit, but it is not a method by itself
- (Topic 4)
A cloud solutions architect has an environment that must only be accessed during work hours. Which of the following processes should be automated to best reduce cost?
Correct Answer:
C
Shutting down the environment after work hours is the best process to automate to reduce cost, as it will stop incurring charges for the cloud resources that are not needed outside of work hours. Scaling, implementing access control, or blocking external access may still incur some costs for the cloud resources that are running or reserved, even if they are not fully utilized. Shutting down the environment can be automated using scripts, schedules, or triggers that can turn off or deallocate the cloud resources based on time or usage criteria12.
- (Topic 3)
Over the last couple of years, the growth of a company has required a more complex DNS and DHCP environment. Which of the following should a systems administration team implement as an appropriate solution to simplify management?
Correct Answer:
A
The best solution to simplify management of a more complex DNS and DHCP environment for a company that has grown over the last couple of years is IPAM (IP address management). IPAM is a tool or service that allows centralized management and automation of DNS and DHCP functions, such as IP address allocation, reservation, release, or renewal, as well as domain name registration or resolution. IPAM can also provide monitoring, auditing, reporting, and security features for DNS and DHCP resources. Reference: [CompTIA Cloud+ Certification Exam Objectives], Domain 3.0 Maintenance, Objective 3.4 Given a scenario, implement automation and orchestration to optimize cloud operations.
- (Topic 3)
An organization is hosting its dedicated email infrastructure with unlimited mailbox creation capability. The management team would like to migrate to a SaaS-based solution. Which of the following must be considered before the migration?
Correct Answer:
A
The licensing model of the SaaS provider is an important factor to consider before migrating to a SaaS-based solution for email infrastructure. The licensing model determines how much the organization will pay for the service, how many mailboxes they can create, what features they can access, and what SLAs they can expect. The organization should compare different SaaS providers’ licensing models and choose the one that best suits their needs and budget. Reference: CompTIA Cloud+ Certification Exam Objectives, Domain 1.0 Configuration and Deployment, Objective 1.4 Given a scenario, execute a provided deployment plan.
- (Topic 2)
A systems administrator has received an email from the virtualized environment's alarms indicating the memory was reaching full utilization. When logging in, the administrator notices that one out of a five-host cluster has a utilization of 500GB out of 512GB of RAM. The baseline utilization has been 300GB for that host. Which of the following should the administrator check NEXT?
Correct Answer:
D
Allocated guest resources is what the administrator should check next after receiving an email from the virtualized environment’s alarms indicating the memory was reaching full utilization and noticing that one out of a five-host cluster has a utilization of 500GB out of 512GB of RAM. Allocated guest resources are the amount of resources or capacity that are assigned or reserved for each guest system or device within a host system or device. Allocated guest resources can affect performance and utilization of host system or device by determining how much resources or capacity are available or used by each guest system or device. Allocated guest resources should be checked next by comparing them with the actual usage or demand of each guest system or device, as well as identifying any overallocation or underallocation of resources that may cause inefficiency or wastage.
