SkillTestPro | CompTIA Cloud+ Practice Test 7

CompTIA Cloud+ Practice Test 7

CompTIA Cloud+ Exam Practice Test

1 / 20

A cloud provider reports unexpectedly high serverless compute costs. What is the most likely cause?

Misconfigured horizontal scaling

Excessive API gateway calls

High outbound egress traffic

Unoptimized function execution time

Overutilized object storage

2 / 20

A company using cloud-based SD-WAN notices inconsistent performance across global offices. What is the best optimization strategy?

Increase VPN connection limits

Implement reverse proxy caching

Enable dynamic path selection

Reduce number of VLANs

Deploy IPv6 dual-stack networking

3 / 20

A multinational company unknowingly stores customer data in a region that violates local data sovereignty laws. What is the best immediate action?

Implement data tokenization

Enable cloud encryption at rest

Restrict access using IAM policies

Deploy additional firewall rules

Migrate the data to a compliant region

4 / 20

A company deploying IoT sensors experiences high latency when processing data in the cloud. What is the best solution?

Increase network bandwidth

Reduce IoT data transmission intervals

Enable hybrid cloud bursting

Move workloads to edge computing nodes

Deploy a cloud-based CDN

5 / 20

A cloud-based BGP (Border Gateway Protocol) hijacking attack is causing traffic redirection. What is the most effective countermeasure?

Increase VPN encryption strength

Deploy additional DNSSEC controls

Reduce TTL on DNS records

Route Origin Validation (ROV)

Enable cloud-based MFA

6 / 20

Users logging in via federated identity to a multi-cloud environment report authentication failures. What is the most likely issue?

Cloud storage latency

Expired SAML assertion

Incorrect subnet mask

Firewall blocking LDAP traffic

API rate limit exceeded

7 / 20

A ransomware attack has encrypted critical cloud-hosted VM snapshots. What is the best recovery strategy?

Restore from immutable backups

Deploy additional security patches

Run a full antivirus scan

Increase cloud storage redundancy

Move infected VMs to a sandbox

8 / 20

A containerized microservices architecture is experiencing inter-service authentication failures after an update. What is the most likely issue?

TLS certificate mismatch

Inconsistent IAM roles

API token expiration

Service discovery misconfiguration

Overloaded message queue

9 / 20

An organization experiences frequent service outages despite the cloud provider's SLA guarantees. What should be done first?

Migrate workloads to another region

Deploy additional monitoring tools

Review the provider's status dashboard

Implement backup and disaster recovery

File an SLA claim

10 / 20

A serverless function is compromised and used to launch cryptomining attacks. What is the best mitigation?

Enable function-level logging

Increase CPU quotas

Deploy additional authentication layers

Implement execution time limits

Use hardware-based encryption

11 / 20

Why is immutable infrastructure considered a best practice for cloud security?

Prevents unauthorized system modifications

Increases API request throughput

Reduces cloud egress costs

Enhances multi-region failover

Improves database performance

12 / 20

Which is the biggest challenge in multi-cloud SIEM event correlation?

Excessive event retention

Limited API access

Log format inconsistency

High cloud egress costs

Role-based access conflicts

13 / 20

A cloud provider’s live migration of a virtual machine fails repeatedly. What is the most likely cause?

Incorrect DNS resolution

Unsupported guest OS

Insufficient IOPS allocation

Application compatibility issues

Overloaded hypervisor

14 / 20

An organization using a hybrid cloud notices data inconsistencies between on-prem and cloud storage. What is the most likely issue?

Inconsistent encryption algorithms

Network firewall misconfiguration

Insufficient cloud storage quota

Data synchronization lag

API version mismatch

15 / 20

Which cloud security control is most effective against zero-day exploits?

AI-driven anomaly detection

Signature-based intrusion detection

File integrity monitoring

Static malware analysis

Web content filtering

16 / 20

A DevSecOps team wants to embed security in their CI/CD pipeline. What is the best approach?

Implement Infrastructure as Code (IaC)

Use automated security testing tools

Restrict developer access to production

Enforce multi-factor authentication (MFA)

Implement cloud access logging

17 / 20

A security team is conducting incident response on a compromised cloud instance but cannot retrieve the deleted log files. What is the most likely issue?

Cloud provider does not support log recovery

Storage encryption prevents access

SIEM system failed to capture events

Logs were overwritten due to retention limits

IAM policies restricted access

18 / 20

A cloud SIEM is experiencing slow query performance due to excessive event ingestion. What should be optimized?

Reduce log verbosity

Enable data compression

Implement log sampling

Archive older logs

Increase cloud compute resources

19 / 20

A Cloud Access Security Broker (CASB) detects unauthorized data transfers to a third-party service. What is the most appropriate action?

Encrypt all outgoing traffic

Implement stricter IAM policies

Enable TLS 1.3 for all connections

Increase firewall rules

Block API access for non-compliant apps

20 / 20

A cloud-based SOC team is unable to retain security logs for more than 30 days. What is the most likely issue?

Misconfigured IAM policies

Insufficient storage tiering

Regulatory data retention violations

Log aggregation failure

Event deduplication over-processing

Your score is

The average score is 0%