An administrator needs to provide a backup solution for a cloud infrastructure that enables the resources to run from another data center in case of a outage. Connectivity to the backup data center is via a third-party, untrusted network. Which of the following is the most important feature required for this solution?
Correct Answer:
D
When backing up data that will traverse a third-party, untrusted network, encryption is the most important feature to ensure the confidentiality and integrity of the data. Encryption will protect the data from potential interception or tampering during transit to the backup data center. References: CompTIA Cloud+ Guide to Cloud Computing (ISBN: 978-1-64274-282-2)
Which of the following provides secure, private communication between cloud environments without provisioning additional hardware or appliances?
Correct Answer:
B
VPC peering provides secure, private communication between cloud environments without the need for provisioning additional hardware or appliances. It allows direct network connectivity between two Virtual Private Clouds (VPCs), enabling resources in either VPC to communicate with each other using private IP addresses.References: Cloud networking options such as VPC peering and its benefits are included in the networking concepts of cloud environments in the CompTIA Cloud+ certification.
Which of the following can reduce the risk of CI/CD pipelines leaking secrets?
Correct Answer:
A
Protected Git branches help reduce the risk of CI/CD pipelines leaking secrets by imposing restrictions on who can commit to the branches, enforce status checks before merging, and prevent unauthorized access or changes to sensitive information, such as API keys, passwords, and secret tokens. This ensures that only approved changes can be made to the codebase, and sensitive information is safeguarded.
A cloud engineer is developing an operating expense report that will be used to purchase various cloud billing models for virtual machine instances. The cloud billing model must meet the following requirements:
• The instance cannot be ephemeral.
• The minimum life cycle of the instance is expected to be five years.
• The software license is charged per physical CPU count.
Which of the following models would best meet these requirements?
Correct Answer:
D
Reserved resources, or Reserved Instances, are ideal for workloads with predictable usage and a long-term commitment, such as a minimum lifecycle of five years. This model allows for significant cost savings compared to on-demand pricing, and the instance is not ephemeral, meaning it persists and is dedicated to the user for the duration of the reservation. The licensing charged per physical CPU count aligns with dedicated host or reserved instance models, but the long-term commitment points more towards reserved resources.
A video surveillance system records road incidents and stores the videos locally before uploading them to the cloud and deleting them from local storage. Which of the following best describes the nature of the local storage?
Correct Answer:
B
The nature of the local storage in a video surveillance system that records road incidents and stores the videos locally before uploading them to the cloud and deleting them from local storage is ephemeral. Ephemeral storage is temporary and is designed to provide short-term storage for information that changes frequently or is not meant to be persistent. References: CompTIA Cloud+ Study Guide (Exam CV0-004) - Chapter on Cloud Storage Options