- (Topic 1)
A cloud administrator needs to implement a mechanism to monitor the expense of the company’s cloud resources.
Which of the following is the BEST option to execute this task with minimal effort?

1. A. Ask the cloud provider to send a daily expense report
2. B. Set custom notifications for exceeding budget thresholds
3. C. Use the API to collect expense information from cloud resources
4. D. Implement a financial tool to monitor cloud resource expenses

Correct Answer: B
Setting custom notifications for exceeding budget thresholds is the best option to execute the task of monitoring the expense of the company’s cloud resources with minimal effort, as it can automate and simplify the process of tracking and alerting the cloud administrator about any overspending or wastage of cloud resources. Setting custom notifications can also help optimize the cost and performance of cloud resources, as it can enable timely and proactive actions to adjust or optimize the resource allocation or consumption based on the budget limits. References: CompTIA Cloud+ Certification Exam Objectives, page 13, section 2.5

- (Topic 2)
A cloud administrator is building a new VM for machine-learning training. The developer requesting the VM has stated that the machine will need a full GPU dedicated to it.
Which of the following configuration options would BEST meet this requirement?

1. A. Virtual GPU
2. B. External GPU
3. C. Passthrough GPU
4. D. Shared GPU

Correct Answer: C
Reference: https://blogs.vmware.com/apps/2018/09/using-gpus-with-virtual-machines-on- vsphere-part-2-vmdirectpath-i-o.html
Passthrough GPU is a configuration option that allows a VM to access a physical GPU directly without any virtualization layer or sharing mechanism. This provides the VM with full and exclusive access to the GPU resources and performance. Passthrough GPU is suitable for applications that require intensive graphics processing or machine learning training.

- (Topic 3)
An enterprise recently upgraded the memory of its on-premises VMs from 8GB to 16GB. However, users are not experiencing any performance benefit. Which of the following is the MOST likely reason?

1. A. Insufficient memory on the hypervisor
2. B. Operating system memory limit
3. C. Memory mismatch error
4. D. Dynamic memory allocation

Correct Answer: B
The most likely reason why users are not experiencing any performance benefit after upgrading the memory of their on-premises VMs is that the operating system has a memory limit that prevents it from using more than 8GB of RAM. This could be due to the operating system version, edition, or configuration. The systems administrator should check the operating system settings and requirements and adjust them accordingly to allow the VMs to use the full 16GB of RAM. Reference: CompTIA Cloud+ Certification Exam Objectives, Domain 4.0 Troubleshooting, Objective 4.3 Given a scenario, troubleshoot capacity issues within a cloud environment.

- (Topic 4)
An organization is deploying development, quality assurance, and production environments with equal numbers of IP addresses to the cloud. The IP address range provided is 10.168.0.0/24, and it needs to be terminated on a firewall. Which of the following IP subnets and firewall IPS should be used for one of the environments?

1. A. 10.168.0.0/26 and 10.168.0.63
2. B. 10.168.0.64/26 and 10.168.0.64
3. C. 10.168.0.128/26 and 10.168.0.190
4. D. 10.168.0.128/26 and 10.168.0.194
5. E. 10.168.0.192/26 and 10.168.0.191

Correct Answer: A
The IP address range 10.168.0.0/24 can be divided into four equal subnets of 64 addresses each by using a /26 mask. The subnets are 10.168.0.0/26, 10.168.0.64/26, 10.168.0.128/26, and 10.168.0.192/26. The last address in each subnet is the broadcast address, and the second-last address can be used as the gateway address for that subnet. Therefore, one of the possible subnets and firewall IPs for one of the environments is 10.168.0.0/26 and 10.168.0.63.
References: [CompTIA Cloud+ Study Guide], page 178.

- (Topic 3)
A cloud administrator is configuring several security appliances hosted in the private laaS environment to forward the logs to a central log aggregation solution using syslog. Which of the following firewall rules should the administrator add to allow the web servers to connect to the central log collector?

1. A. Allow UDP 161 outbound from the web servers to the log collector .
2. B. Allow TCP 514 outbound from the web servers to the log collector.
3. C. Allow UDP 161 inbound from the log collector to the web servers .
4. D. Allow TCP 514 inbound from the log collector to the web servers .

Correct Answer: B
As mentioned in the question, the security appliances are using syslog to forward the logs to a central log aggregation solution. According to the web search results, syslog is a protocol that runs over UDP port 514 by default, or TCP port 6514 for secure and reliable transport1. However, some implementations of syslog can also use TCP port 514 for non-secure transport2. Therefore, to allow the web servers to connect to the central log collector using syslog over TCP, the firewall rule should allow TCP 514 outbound from the web servers to the log collector.