Free CompTIA Cloud+ (CV0-004) Practice Questions

Sample CV0-004 Practice Questions

Browse all 33 free CompTIA Cloud+ practice questions below.

1. A company is migrating its on-premises infrastructure to a multi-cloud environment spanning AWS and Azure. The architecture must support automatic failover between clouds, maintain consistent network performance, and provide centralized management. The solution should minimize vendor lock-in while ensuring high availability. Which architectural approach BEST meets these requirements?

   • Deploy identical workloads in both clouds using Kubernetes with a multi-cluster service mesh, implementing DNS-based global load balancing for automatic failover
   • Use AWS Direct Connect and Azure ExpressRoute to create a hybrid network, deploying primary workloads in AWS and standby replicas in Azure with manual failover procedures
   • Implement cloud-native services from each provider (AWS Lambda, Azure Functions) with proprietary orchestration tools and cross-cloud replication
   • Deploy a single cloud management platform that abstracts both AWS and Azure, using VPN tunnels for connectivity and periodic data synchronization

2. A cloud architect is designing a highly available web application that must handle traffic spikes during peak business hours while minimizing costs during off-peak periods. The application requires load balancing across multiple availability zones and automatic scaling based on CPU utilization. Which combination of cloud services BEST meets these requirements?

   • Deploy instances across multiple regions with DNS-based failover and fixed capacity reservation
   • Implement a Content Delivery Network (CDN) with origin servers running at maximum capacity in a single region
   • Deploy an Application Load Balancer (ALB) across multiple availability zones with an auto-scaling group configured for target tracking scaling policy based on average CPU utilization
   • Use a single Network Load Balancer (NLB) in one availability zone with manually configured instance scaling based on scheduled actions

3. A cloud architect is designing a multi-tier web application that requires high availability across multiple availability zones. The application includes a web tier, application tier, and database tier. The company requires automatic failover and the ability to survive the loss of an entire availability zone. Which architectural approach BEST meets these requirements?

   • Deploy all tiers in a single availability zone with automated backups to another zone
   • Deploy the web and application tiers in one zone and the database tier in another zone
   • Deploy each tier across multiple availability zones with load balancers distributing traffic and database replication
   • Use auto-scaling groups in a single zone with cross-region replication

4. A cloud operations team needs to implement a monitoring solution that provides real-time visibility into application performance, infrastructure metrics, and distributed tracing across microservices. The solution must support automated alerting based on custom thresholds and anomaly detection. Which observability components should be implemented? (Choose THREE.)

   • Time-series metrics database with dashboard visualization
   • Static code analysis tools integrated into the CI/CD pipeline
   • Centralized logging aggregation with structured log parsing
   • Network packet capture tools for deep protocol analysis
   • Distributed tracing system to track requests across microservices

5. An organization's cloud infrastructure is experiencing intermittent performance degradation during business hours. The operations team has collected metrics showing CPU utilization at 45%, memory at 60%, and network bandwidth at 30% during the slowdowns. Application logs show increased database query times. What is the MOST likely root cause?

   • Network bandwidth saturation preventing data transfer
   • Insufficient compute resources causing CPU bottlenecks
   • Memory leaks causing application instability
   • Database performance issues such as missing indexes or inefficient queries

6. A cloud administrator needs to implement auto-scaling for a web application that experiences predictable traffic patterns with sharp spikes during business hours (9 AM - 5 PM) and promotional events. The application requires 2 minutes to initialize new instances. Which auto-scaling strategy provides the BEST balance of cost-efficiency and performance?

   • Reactive scaling based on CPU utilization threshold of 70%
   • Predictive scaling based on machine learning models analyzing historical traffic patterns
   • Scheduled scaling to pre-provision capacity before business hours combined with reactive scaling for promotional events
   • Maintain maximum capacity at all times to ensure instant availability

7. A company's cloud application is deployed across three availability zones using a load balancer. Users in one geographic region report slow response times while others report normal performance. Network monitoring shows equal traffic distribution across all zones and normal latency between zones. What troubleshooting step should be performed FIRST?

   • Restart all instances in the affected availability zones to clear potential issues
   • Check DNS resolution and CDN edge location coverage for the affected geographic region
   • Modify the load balancer algorithm to use least-connection routing
   • Increase the instance size across all availability zones to improve processing capacity

8. A DevOps team is implementing Infrastructure as Code (IaC) for cloud resource provisioning. They need to ensure that infrastructure changes are tested, reviewed, and auditable before deployment. Which operational practices should be implemented? (Choose TWO.)

   • Grant all developers direct access to production infrastructure for rapid deployment
   • Store IaC templates in version control with branch protection and pull request workflows
   • Implement automated testing of IaC templates in staging environments before production deployment
   • Store sensitive credentials and API keys directly in IaC template files for convenience

9. A cloud operations team receives alerts that a containerized application's memory usage is steadily increasing over time, eventually causing pod evictions and restarts. The application functions correctly immediately after restart but the pattern repeats. What is the MOST likely cause and appropriate remediation?

   • Application memory leak; perform application profiling to identify and fix the leak in code
   • Insufficient memory allocation; increase the pod memory limits
   • Network congestion causing memory buffer overflow; increase network bandwidth
   • Kubernetes scheduler misconfiguration; adjust scheduling policies for better resource distribution

10. An organization needs to implement a disaster recovery strategy for their critical cloud workloads. The business requires RPO (Recovery Point Objective) of 1 hour and RTO (Recovery Time Objective) of 4 hours. Which backup and recovery approach BEST meets these requirements?

    • Hourly incremental backups with 4-hour restoration testing and documented recovery procedures
    • Daily full backups with weekly off-site replication
    • Continuous data replication to a secondary region with automated failover capabilities
    • Weekly full backups with transaction log backups every 6 hours

11. A cloud application using a message queue service is experiencing message processing delays during peak traffic. The queue depth metrics show messages accumulating faster than they are being processed, but consumer instances report only 40% CPU utilization. What is the MOST likely bottleneck?

    • Insufficient consumer instances to handle the message volume
    • Consumer instances experiencing CPU resource exhaustion
    • Message queue service throttling due to exceeded throughput limits
    • Network bandwidth saturation preventing message retrieval

12. A company is implementing cloud resource tagging for cost allocation, compliance tracking, and automation purposes. Which tagging strategies represent best practices? (Choose THREE.)

    • Enforce mandatory tags through policy automation that prevents resource creation without required tags
    • Use consistent naming conventions with standardized tag keys across all resources and teams
    • Include tags for cost center, environment, owner, and application to enable multi-dimensional analysis
    • Allow each team to create custom tag keys as needed without central governance
    • Store sensitive information like passwords and API keys in resource tags for easy reference

13. An operations team is troubleshooting intermittent connection timeouts between a cloud application and its database. The timeouts occur randomly throughout the day with no correlation to load. Network path testing shows normal latency and no packet loss. Database performance metrics are normal. What should be investigated NEXT?

    • Database connection pool exhaustion or misconfiguration
    • Firewall rules blocking specific database ports intermittently
    • Application server memory exhaustion causing process crashes
    • Insufficient database storage capacity causing intermittent failures

14. A cloud architect is designing a monitoring and alerting strategy for a multi-tier application. The strategy must minimize alert fatigue while ensuring critical issues are escalated immediately. Which alerting approaches should be implemented? (Choose TWO.)

    • Use tiered alerting with severity levels and escalation paths based on business impact
    • Implement alert suppression and dependencies to prevent cascading alerts from related infrastructure failures
    • Configure alerts for every metric threshold to ensure complete visibility
    • Send all alerts to the entire engineering team to maximize awareness

15. A containerized application is experiencing sporadic failures with pods reporting 'CrashLoopBackOff' status. Container logs show the application starts successfully but crashes after 30-60 seconds with out-of-memory errors, despite memory limits being set appropriately for the application's normal operation. What is the MOST likely cause?

    • Memory leak in application code or unexpected memory consumption from dependencies during startup
    • Kubernetes scheduler overcommitting node memory resources
    • Liveness probe configured with insufficient startup time, terminating the pod during initialization
    • Memory limits set too low for application requirements

16. An organization needs to implement patch management for their cloud infrastructure that balances security requirements with application availability. The infrastructure includes production, staging, and development environments. Which patching strategy provides the BEST approach?

    • Enable automatic patching with immediate deployment to minimize security exposure time
    • Deploy patches to development first, then staging for validation, then production using rolling updates
    • Apply all patches simultaneously to all environments during a monthly maintenance window
    • Disable automatic patching and apply patches manually only when security vulnerabilities are discovered

17. A cloud application is experiencing degraded performance during database maintenance windows. Investigation shows that read replicas are being used, but queries are still being routed to the primary database during maintenance. Application logs show no database connection errors. What configuration issue is MOST likely causing this problem?

    • Database replication lag is preventing read replicas from serving queries
    • Application connection string or ORM configuration is not configured to use read replica endpoints
    • Network firewall rules are blocking access to read replica ports
    • Read replicas are not configured with sufficient capacity to handle the read load

18. An operations team is implementing a runbook automation system to handle common operational tasks and incident response. Which elements are essential for effective runbook automation? (Choose THREE.)

    • Idempotent operations that can be safely executed multiple times without unintended side effects
    • Comprehensive logging and audit trails of all automated actions taken
    • Error handling and rollback capabilities when automated operations fail
    • Hard-coded credentials and API keys in runbook scripts for convenience
    • Manual approval gates for all automated operations to prevent unauthorized changes

19. A DevOps team is implementing a CI/CD pipeline for cloud application deployment. The pipeline must include automated testing, security scanning, and deployment across multiple environments. Which pipeline stages should be included in the correct order?

    • Source → Security Scan → Build → Deploy to Production → Deploy to Staging → Test
    • Source → Build → Test → Security Scan → Deploy to Staging → Deploy to Production
    • Source → Deploy to Production → Test → Security Scan → Build
    • Build → Source → Security Scan → Deploy to Production → Test

20. A cloud architect is designing a hybrid cloud architecture that requires seamless connectivity between on-premises data centers and cloud resources. The solution must provide private, high-bandwidth connectivity with predictable latency. Which connectivity option BEST meets these requirements?

    • Public internet connectivity with SSL/TLS encryption
    • Site-to-site VPN over the public internet
    • Dedicated private connection through a cloud provider's direct connect service
    • Multiple VPN connections with load balancing for redundancy

21. An organization is adopting Infrastructure as Code (IaC) and needs to choose between declarative and imperative approaches. Which characteristics describe declarative IaC? (Choose TWO.)

    • Describes the desired end state of infrastructure without specifying step-by-step procedures
    • Automatically handles dependencies and determines the order of resource creation
    • Requires explicit scripts defining each step to create and configure resources
    • Executes commands sequentially in the exact order written in the script

22. A company needs to design a cloud architecture that supports applications with different compliance requirements. Financial data must remain in specific geographic regions, while general application data can be stored globally. Which architectural approach BEST addresses these requirements?

    • Use client-side encryption for all data to eliminate geographic storage restrictions
    • Implement data classification and use region-specific storage for regulated data with geo-replication for general data
    • Deploy all applications and data in a single region with the strictest compliance requirements
    • Store all data in a globally distributed database with automatic replication to all regions

23. A DevOps team needs to implement secrets management for their cloud applications. Multiple applications require access to different sets of credentials, API keys, and certificates. Which secrets management practices should be implemented? (Choose THREE.)

    • Enable automatic secret rotation with applications configured to retrieve current secrets dynamically
    • Store secrets in a centralized secrets management service with encryption at rest and in transit
    • Share a single master secret across all applications to simplify management
    • Store secrets in environment variables defined in container images for convenience
    • Implement least privilege access with IAM policies controlling which applications can access specific secrets

24. A cloud architect is designing a serverless application architecture that processes uploaded files, performs data transformation, and stores results in a database. The solution must be event-driven and cost-effective. Which architectural components should be used?

    • Virtual machines polling object storage → Application server → Database
    • Object storage with event notification → Serverless function → Database
    • Message queue with dedicated consumer instances → Processing service → Database
    • Kubernetes cluster with continuous polling service → Container processing → Database

25. An organization is implementing continuous integration and needs to optimize build pipeline performance. Builds are taking 20 minutes, with 15 minutes spent on dependency downloads. Which CI/CD optimization techniques should be applied? (Choose TWO.)

    • Disable all automated tests to reduce pipeline execution time
    • Implement dependency caching to reuse previously downloaded packages across builds
    • Use a private package repository mirror to reduce download latency and bandwidth usage
    • Run all builds sequentially on a single build agent to maintain consistency

26. A company is designing a multi-region cloud architecture for disaster recovery. The business requires the ability to failover to a secondary region within 2 hours with minimal data loss. Which disaster recovery pattern BEST meets these requirements?

    • Warm Standby: Scaled-down infrastructure running in secondary region with continuous data replication
    • Backup and Restore: Regular backups stored in secondary region
    • Multi-Site Active-Active: Full production infrastructure running in both regions simultaneously
    • Pilot Light: Minimal infrastructure running in secondary region with data replication

27. A DevOps team is implementing GitOps principles for Kubernetes deployments. Which practices are essential to GitOps implementation? (Choose THREE.)

    • Centralized CI/CD server with push access to all production clusters
    • Direct kubectl commands to production clusters for rapid deployment
    • Declarative infrastructure and application definitions stored in Git repositories
    • Automated synchronization agents that reconcile cluster state with Git repository state
    • Pull-based deployment model where clusters pull configurations from Git rather than external push

28. A cloud architect is designing a network architecture for a multi-tier application with strict security requirements. Web tier must be publicly accessible, application tier should only accept traffic from web tier, and database tier should only accept traffic from application tier. Which network design achieves this?

    • All tiers in public subnets with host-based firewalls controlling access
    • Private subnets for all tiers with VPN access required for all connections
    • Public subnet for web tier, private subnets for application and database tiers with security groups enforcing tier-to-tier rules
    • Single subnet with security groups controlling traffic between tier instances

29. An organization needs to implement blue-green deployment for their cloud application to enable zero-downtime updates with quick rollback capability. Which components are required for effective blue-green deployment? (Choose TWO.)

    • Automated smoke tests and health checks to validate green environment before traffic switch
    • Gradual traffic shifting with canary analysis over several hours
    • In-place updates applied simultaneously to all running instances
    • Two identical production environments (blue and green) with load balancer for traffic switching

30. A company is migrating applications to the cloud and needs to decide between a microservices architecture and a monolithic architecture. Which factors favor adopting microservices? (Choose THREE.)

    • Need for independent scaling of different application components based on varying load patterns
    • Requirement for technology diversity with different services using optimal languages and frameworks
    • Small startup team with limited DevOps experience and resources
    • Simple application with low complexity and infrequent changes
    • Large development teams that would benefit from working on independent services simultaneously

31. A DevOps team needs to implement configuration management for their cloud infrastructure. The solution must ensure consistency across environments, enable auditing, and support compliance requirements. Which approach provides the BEST solution?

    • Infrastructure as Code with version control, automated testing, and compliance policy enforcement
    • Manual configuration with documentation wiki for tracking changes
    • Configuration management database (CMDB) with manual approval for all changes
    • Automated scripts stored on local development machines

32. A cloud architect is designing an API gateway architecture to manage microservices. The solution must provide authentication, rate limiting, request routing, and API versioning. Which API gateway capabilities are essential? (Choose THREE.)

    • Centralized authentication and authorization with token validation
    • Rate limiting and throttling to protect backend services from overload
    • Request transformation and protocol translation between clients and backend services
    • Direct database access for improved query performance
    • Business logic implementation for complex data processing

33. An organization is implementing continuous deployment and needs to ensure code quality before production release. Which quality gates should be integrated into the CD pipeline? (Choose THREE.)

    • Automated unit and integration tests with minimum code coverage thresholds
    • Manual code review by senior architect for every commit
    • Production deployment on Fridays to maximize weekend debugging time
    • Static code analysis and security scanning to detect vulnerabilities and code quality issues
    • Smoke tests in staging environment to validate basic functionality before production