CV0-003 Online Practice Questions and Answers

Correct Answer: D

Role-based access control (RBAC) is a type of access control model that assigns permissions and privileges to users based on their roles or functions within an organization or system. RBAC can help simplify and streamline the management and enforcement of access policies, as it can reduce the complexity and redundancy of assigning permissions to individual users or groups. RBAC can also help improve security and compliance, as it can limit or grant access based on the principle of least privilege and the separation of duties. RBAC is the best access control rule to change when the sales group is part of the finance group and the sales team members can access the financial application due to a single sign-on mechanism being implem

Reference: https://www.ekransystem.com/en/blog/rbac-vs-abac

Correct Answer: D

The network is the set of devices, connections, protocols, and configurations that enable communication and data transfer between different systems and applications. The network can affect the rehosting of an ERP system to complete a datacenter migration to the public cloud, as it can influence factors such as bandwidth, latency, availability, security, and compatibility. The network needs to be analyzed before rehosting the ERP system to ensure that the network requirements and specifications are met, the network performance and reliability are maintained or improved, and the network security and integrity are preserved or enhanced. References: CompTIA Cloud+ Certification Exam Objectives, page 18, section 3.5

Correct Answer: CD

Playbook and templates are two things that must be used to deploy a cloud solution to its provider using automation techniques. A playbook is a file or script that defines a set of tasks or actions to be executed on one or more cloud resources or systems. A playbook can automate and standardize the deployment and configuration of cloud solutions using tools such as Ansible, Chef, Puppet, etc. A template is a preconfigured image or blueprint of a cloud resource or system that contains an OS, applications, settings, etc., that can be used to create new resources or systems quickly and consistently. A template can simplify and speed up the deployment of cloud solutions using tools such as AWS CloudFormation, Azure Resource Manager, Google Cloud Deployment Manager, etc.

Correct Answer: A

ROUTE PRINT is a command that displays the routing table of a system, which shows the destination network, the gateway, the interface, and the metric for each route. ROUTE PRINT can help identify the issue of the weekly backup failing for this server, as it can show if there is a valid route to the network backup segment (10.20.0.0/25) from the production traffic segment (10.10.0.0/24). If there is no route or an incorrect route, the backup will fail to reach the destination. The administrator can use ROUTE PRINT to verify and troubleshoot the routing configuration of the server. References: CompTIA Cloud+ Certification Exam Objectives, page 16, section 3.2

Reference: https://www.toolbox.com/tech/operating-systems/blogs/using-the-route-print-command-in-windows-7-022310/

Correct Answer: D

Roles and responsibilities are definitions or descriptions of what each team member or stakeholder is expected to do or perform in a project or process. Roles and responsibilities can help clarify the scope, authority, and accountability of each team member or stakeholder and avoid any confusion or duplication of work. The security team most likely forgot to implement roles and responsibilities when investigating a data breach, as they are all trying to do the same tasks but are interfering with each other's work. Implementing roles and responsibilities can help improve efficiency and effectiveness, as it can ensure that each team member or stakeholder knows what tasks they need to do and how they need to coordinate with others. References: CompTIA Cloud+ Certification Exam Objectives, page 13, section 2.5

Correct Answer: D

The first step to identify the scope of an incident in an IaaS platform is to perform a traffic capture on the affected instances or network interfaces. This will help to determine the source, destination, and nature of the malicious or anomalous traffic, as well as the impact on the network performance and availability. A traffic capture can also provide evidence for further analysis and remediation. Reference: CompTIA Cloud+ Certification Exam Objectives, Domain 4.0 Troubleshooting, Objective 4.2 Given a scenario, troubleshoot security issues related to cloud implementations.

Correct Answer: C

Correct Answer: C

Explanation: The correct answer is C. NTP.

NTP stands for Network Time Protocol, which is a standard protocol for synchronizing the clocks of computers over a network. NTP uses a hierarchical, client-server architecture, where a client requests the current time from a server, and the server responds with a timestamp. The client then adjusts its own clock to match the server's time, taking into account the network delay and clock drift. NTP can achieve sub-millisecond accuracy over local area networks and a few milliseconds over the internet12. NTP can help maintain time synchronization between all the resources in a distributed cloud environment, as it allows each resource to get the accurate time from a reliable source. This can help with correlating logs, auditing, security, and other time-sensitive operations. NTP can also handle different time zones, as it uses Coordinated Universal Time (UTC) as the reference time, and each resource can convert UTC to its local time zone12. DNS stands for Domain Name System, which is a protocol for resolving domain names into IP addresses. DNS does not provide any functionality for time synchronization3. IPAM stands for IP Address Management, which is a method for planning, tracking, and managing the IP address space used in a network. IPAM does not provide any functionality for time synchronization. SNMP stands for Simple Network Management Protocol, which is a protocol for collecting and organizing information about managed devices on a network. SNMP can be used to monitor the performance, availability, configuration, and security of network devices, but it does not provide any functionality for time synchronization.

Correct Answer: AE

Correct Answer: B

Explanation: Enable MFA with a one-time password. MFA stands for multi-factor authentication, which is a method of verifying a user's identity by requiring two or more forms of authentication. A one-time password (OTP) is a code that is generated randomly and valid only for a short period of time. By enabling MFA with OTP, the administrator can make access to the SaaS email more secure without changing the password policy, as users will need to provide both their password and an OTP to sign in.