- (Topic 1)
A systems administrator wants to have near-real-time information on the volume of data being exchanged between an application server and its clients on the Internet.
Which of the following should the systems administrator implement to achieve this objective?

1. A. A stateful firewall
2. B. DLP
3. C. DNSSEC
4. D. Network flows

Correct Answer: D
Network flows are records of network traffic that capture information such as source and destination IP addresses, ports, protocols, timestamps, and byte and packet counts. Network flows can provide near-real-time information on the volume of data being exchanged between a system and its clients on the Internet, as they can measure and monitor the amount and rate of network traffic for each connection or session. Network flows can also help analyze network performance, troubleshoot network issues, and detect network anomalies or security incidents. A systems administrator should implement network flows to achieve the objective of having near-real-time information on the volume
of data being exchanged between an application server and its clients on the Internet. References: CompTIA Cloud+ Certification Exam Objectives, page 16, section 3.2

- (Topic 4)
Which of the following provides groups of compute units that can horizontally scale according to a workload?

1. A. Orchestrated container environment
2. B. Cloud-reserved instances
3. C. Autoscaling
4. D. Cloud bursting

Correct Answer: C
Autoscaling is a feature that allows groups of compute units to horizontally scale according to a workload or predefined rules. Autoscaling can increase or decrease the number of compute units dynamically based on metrics such as CPU utilization, memory usage, network traffic, or user demand. Autoscaling can improve performance, availability, and cost-efficiency of cloud applications.
References: [CompTIA Cloud+ Study Guide], page 75.

- (Topic 3)
A company is using an laaS environment. Which of the following licensing models would BEST suit the organization from a financial perspective to implement scaling?

1. A. Subscription
2. B. Volume-based
3. C. per user
4. D. Socket-based

Correct Answer: B
A volume-based licensing model is a licensing model that charges the customer based on the amount of data or resources that they consume or use. A volume- based licensing model is suitable for an laaS (Infrastructure as a Service) environment, as it allows the customer to pay only for what they need and scale up or down as their demand changes. A volume-based licensing model can provide financial benefits for the customer, such as lower upfront costs, greater flexibility, and more predictable billing.

- (Topic 3)
A cloud administrator has deployed several VM instances that are running the same applications on VDI nodes. Users are reporting that a role instance is looping between STARTED, INITIALIZING, BUSY, and stop. Upon investigation, the cloud administrator can see the status changing every few minutes. Which of the following should be done to resolve the issue?

1. A. Reboot the hypervisor.
2. B. Review the package and configuration file.
3. C. Configure service healing.
4. D. Disable memory swap.

Correct Answer: B
The best way to resolve the issue where a role instance is looping between STARTED, INITIALIZING, BUSY, and STOP after deploying several VM instances that are running the same applications on VDI nodes is to review the package and configuration file. The package and configuration file are the components that define the application and its settings for the VM instances. The package contains the application code, binaries, and dependencies, while the configuration file contains the parameters, values, and settings for the application. Reviewing these components can help identify and fix any errors or inconsistencies that may cause the role instance to loop or fail. Reference: CompTIA Cloud+ Certification Exam Objectives, Domain 4.0 Troubleshooting, Objective 4.4 Given a scenario, troubleshoot deployment issues.

- (Topic 3)
A cloud administrator has deployed a website and needs to improve the site security to meet requirements. The website architecture is designed to have a DBaaS in the back end and autoscaling instances in the front end using a load balancer to distribute the request. Which of the following will the cloud administrator MOST likely use?

1. A. An API gateway
2. B. An IPS/IDS
3. C. A reverse proxy
4. D. A WAF

Correct Answer: D
A WAF (web application firewall) is a type of firewall that protects web applications from common web-based attacks, such as SQL injection, cross-site scripting, and denial-of- service. A WAF can be deployed on the load balancer or on the web servers to filter and block malicious requests before they reach the application or the database. A WAF is the most likely option to improve the site security in this scenario, as it can prevent attacks that target the web application layer.
References:
✑ Web Application Firewall (WAF) - AWS WAF, AWS Firewall Manager, and AWS Shield Advanced
✑ What is a Web Application Firewall (WAF)?
✑ Web Application Firewall (WAF) - Oracle Cloud Infrastructure