Question 1

Which of the following should be considered to ensure the availability of data that is accessed across multiple sites? (Choose two.)

Accepted Answer

The answer of Which of the following should be considered...

Question 2

Which of the following is a benefit of microservice applications in a cloud environment?

Accepted Answer

The answer of Which of the following is a benefit...

Question 3

Which of the following results from implementing a proprietary SaaS solution when an organization does not ensure the solution adopts open standards? (Choose two.)

Accepted Answer

Vendor lock-in occurs when an organization becomes dependent on a single vendor for a proprietary solution, making it difficult to switch to another vendor. Integration issues can arise when a proprietary SaaS solution does not adopt open standards, making it difficult to integrate with other systems and applications.

Question 4

Which of the following security concerns is BEST addressed by moving systems to the cloud?

Accepted Answer

Cloud providers typically offer high availability solutions with redundant systems and data centers, which can enhance the availability of systems compared to on-premises solutions.

Question 5

When designing a new cloud-enabled application, an organization that is considering RTO and RPO is MOST likely concerned about:

Accepted Answer

RTO (Recovery Time Objective) and RPO (Recovery Point Objective) are metrics used in disaster recovery planning to determine acceptable downtime and data loss in the event of a disaster.

Question 6

Which of the following is an example of multifactor authentication?

Accepted Answer

Multifactor authentication requires two or more different types of factors for authentication, such as something you know (PIN) and something you have (SMS message to a phone).

Question 7

Before conducting a cloud migration, a compliance team requires confirmation that sensitive data will remain close to their users. Which of the following will meet this requirement during the cloud design phase?

Accepted Answer

The answer of Before conducting a cloud migration, a compliance...

Question 8

Which of the following can be used to achieve automation, environment consistency, and standardization of computer resources in a cloud environment?

Accepted Answer

Infrastructure as code (IaC) allows for the automation, consistency, and standardization of computer resources by managing and provisioning infrastructure through code, making it ideal for cloud environments.

Question 9

Which of the following BEST explains the concept of RTOs for restoring servers to operational use?

Accepted Answer

RTO (Recovery Time Objective) refers to the target time set for the recovery of IT and business activities after a disaster has struck, ensuring that the server is operational within a specific timeframe.

Question 10

An incident response team requires documentation for an email phishing campaign against a company's email server. Which of the following is the BEST resource to use to start the investigation?

Accepted Answer

Audit and system logs provide detailed records of email server activities, which are crucial for investigating a phishing campaign.

Question 11

Which of the following storage types will BEST allow data to be backed up and retained for long periods of time?

Accepted Answer

Object storage is designed for scalability and durability, making it ideal for long-term data retention and backup.

Question 12

Which of the following metrics defines how much data loss a company can tolerate?

Accepted Answer

RPO (Recovery Point Objective) defines the maximum acceptable amount of data loss measured in time, indicating how far back in time the company can go to recover data after a disruption.

Question 13

For security reasons, a cloud service that can be accessed from anywhere would make BEST use of:

Accepted Answer

Multifactor authentication enhances security by requiring multiple forms of verification, making it harder for unauthorized users to access the cloud service from anywhere.

Question 14

Which of the following would be expected from a security consultant who has been hired to investigate a data breach of a private cloud instance?

Accepted Answer

An incident report is a detailed account of the data breach investigation, including findings, actions taken, and recommendations, which is typically expected from a security consultant.

Question 15

Which of the following are aspects of cloud data availability? (Choose two.)

Accepted Answer

Zones and geo-redundancy are aspects of cloud data availability, as they ensure data is accessible even in case of failures or regional outages.

Question 16

Which of the following would help a company avoid failure of a cloud project due to a lack of adherence of the company's operations and business processes to a cloud solution?

Accepted Answer

Cloud managed services can help a company avoid failure of a cloud project due to a lack of adherence of the company's operations and business processes to a cloud solution by providing expertise and support in managing and operating cloud infrastructure and applications.

Question 17

Which of the following is the BEST approach to optimize data security in an IaaS migration of data to the cloud?

Accepted Answer

The answer of Which of the following is the BEST...

Question 18

A startup company wants to use a CRM application to manage its sales and support organizations. The company does not have any IT staff. Which of the following cloud computing models is MOST appropriate for this company to use?

Accepted Answer

SaaS (Software as a Service) is the most appropriate model for a company without IT staff, as it provides ready-to-use applications over the internet without the need for managing infrastructure or platforms.

Question 19

Which of the following stores transactions in a distributed ledger of which all users have a copy?

Accepted Answer

Blockchain is a technology that stores transactions in a distributed ledger, where all users have access to a copy of the ledger.

Question 20

A company wants to deploy an application in a public cloud. Which of the following service models gives the MOST responsibility to the provider?

Accepted Answer

SaaS (Software as a Service) gives the most responsibility to the provider, as the provider manages the entire application stack, including the infrastructure, platform, and software.

Exam 4: CompTIA Advanced Security Practitioner (CASP+) CAS-004