After announcing a big sales promotion, an e-commerce company starts to experience a slow response on its platform that is hosted in a public cloud. When checking the resources involved, the systems administrator sees the following consumption: Considering all VMs were built from the same templates, which of the following actions should the administrator perform FIRST to speed up the response of the e-commerce platform?
Correct Answer: D
Spinning up a new web server is what the administrator should perform first to speed up the response of the e-commerce platform that is hosted in a public cloud and starts to experience a slow response after announcing a big sales promotion. A web server is a system or service that hosts and delivers web content, such as web pages, images, videos, etc., to clients over a network or internet connection. A web server can affect the response of an e-commerce platform by determining how fast it can process and serve web requests or responses from clients. Spinning up a new web server can speed up the response of an e-commerce platform by providing benefits such as: Scalability: Spinning up a new web server can increase the scalability of the e-commerce platform by adding more capacity or resources to handle the increased demand or load caused by the sales promotion, without affecting the existing web servers. Performance: Spinning up a new web server can improve the performance of the e-commerce platform by reducing the latency or overhead of processing and serving web requests or responses from clients, which may cause delays or errors.
CV0-003 Exam Question 92
A system administrator has provisioned a new web server. Which of the following, in combination, form the best practice to secure the server's OS? (Choose three.)
Correct Answer: A,D,E
These are the best practices to secure the OS of a new web server that has been provisioned in a cloud environment: Install TLS certificates on the server: TLS (Transport Layer Security) certificates are digital documents that contain information such as identity, public key, expiration date, etc., that can be used to prove one's identity and establish secure communication over a network. Installing TLS certificates on the web server can encrypt and secure web traffic between the server and the clients, as well as prevent spoofing or impersonation attacks. Disable password authentication: Password authentication is a method of verifying and authenticating users or devices based on passwords or other credentials. Password authentication can be insecure or vulnerable to attacks such as brute force, dictionary, phishing, etc., especially if passwords are weak, reused, or compromised. Disabling password authentication can enhance security by preventing unauthorized or malicious access to the web server using passwords. Enable SSH key access only: SSH key access is a method of verifying and authenticating users or devices based on digital keys issued by a trusted authority. SSH key access can provide more security and convenience than password authentication, as it does not require users or devices to remember or enter passwords every time they access the web server. Enabling SSH key access only can ensure that only authorized or trusted users or devices can access the web server using keys.
CV0-003 Exam Question 93
Which of the following would be the BEST option for discussion of what individuals should do in an incident response or disaster recovery scenario?
Correct Answer: C
A tabletop exercise is the best option for discussion of what individuals should do in an incident response or disaster recovery scenario. A tabletop exercise is a simulated scenario that involves key stakeholders and decision-makers who review and discuss their roles and responsibilities in response to an emergency situation or event. A tabletop exercise can help to test and evaluate plans, procedures, policies, training, and communication.
CV0-003 Exam Question 94
Which of the following actions should a systems administrator perform during the containment phase of a security incident in the cloud?
Correct Answer: B
Configuring a firewall rule to block the traffic on the affected instance is what the administrator should perform during the containment phase of a security incident in the cloud. A security incident is an event or situation that affects or may affect the confidentiality, integrity, or availability of cloud resources or data. A security incident response is a process of managing and resolving a security incident using various phases, such as identification, containment, eradication, recovery, etc. The containment phase is where the administrator tries to isolate and prevent the spread or escalation of the security incident. Configuring a firewall rule to block the traffic on the affected instance can help to contain a security incident by cutting off any communication or interaction between the instance and other systems or networks, which may stop any malicious or unauthorized activity or access.
CV0-003 Exam Question 95
A company is concerned about the security of its data repository that contains customer PII. A systems administrator is asked to deploy a security control that will prevent the exfiltration of such dat a. Which of the following should the systems administrator implement?
Correct Answer: A
Reference: Implementing DLP (Data Loss Prevention) is the best solution to prevent the exfiltration of customer PII (Personally Identifiable Information) from a data repository. DLP is a security control that monitors, detects, and blocks sensitive data from leaving or being accessed by unauthorized parties. DLP can be applied at different levels, such as network, endpoint, storage, or cloud. DLP can help to protect customer PII from being leaked, stolen, or compromised.
