Use VCE Exam Simulator to open VCE files
CV0-003 CompTIA Practice Test Questions and Exam Dumps
Question No 1:
An organization experienced a critical outage in its primary datacenter, prompting a failover to its disaster recovery (DR) site to maintain business continuity. The DR site successfully supported all business operations for one week while the primary site was undergoing repairs and recovery efforts. Now that the primary datacenter is fully restored and operational, the organization plans to switch operations back from the DR site to the primary site.
Before this failback can occur, the block-level storage at the primary site must be updated to reflect all the changes and data generated during the one-week period at the DR site. The organization wants to accomplish this with minimal downtime and as efficiently as possible.
Which of the following methods would be the MOST efficient approach to synchronize the block storage at the primary site with the current state of the DR site?
A. Set up replication.
B. Copy the data across both sites.
C. Restore incremental backups.
D. Restore full backups.
Correct Answer: A. Set up replication.
Explanation:
When resuming operations at the primary datacenter after running on a disaster recovery (DR) site, data synchronization is critical. The most efficient method to ensure the primary site is up to date with the latest data is setting up replication from the DR site back to the primary datacenter.
Replication allows for continuous or near-real-time data transfer at the block level. By enabling reverse replication from the DR site, changes that occurred during the DR operational period are propagated back to the primary datacenter without requiring a complete manual transfer or restoration. This method ensures minimal downtime and greatly reduces the risk of data inconsistency.
Other options, such as copying data across both sites (Option B), could be error-prone, manual, and time-consuming, especially when dealing with large volumes of block-level data. It also lacks automation and consistency checks, which increases operational risk.
Restoring incremental backups (Option C) might sound efficient, but it assumes that all relevant backups have been taken during the DR period and are intact. However, backup restoration typically involves more overhead, including validation, dependency checks, and possible service interruptions.
Restoring full backups (Option D) is the least efficient method in this context. It would require restoring an entire dataset and potentially overwriting newer data unless sophisticated filtering and restoration procedures are in place. This process is resource-intensive, slow, and not suitable for a scenario that demands a fast and reliable failback.
Therefore, Option A: Set up replication is the best choice, as it leverages technology designed specifically for efficient synchronization between active and standby sites. Once replication is complete and both sites are in sync, the organization can safely failback operations to the primary datacenter with minimal risk or delay.
Question No 2:
A cloud administrator has been tasked with provisioning a new virtual machine (VM) to support machine learning training workloads. The developer requesting the VM has specifically stated that high computational performance is essential, and the machine will require exclusive access to an entire GPU for optimal training efficiency. The environment supports different GPU virtualization and passthrough options.
Given this requirement, the cloud administrator must select the most suitable GPU configuration that ensures the VM has dedicated access to a full physical GPU, without sharing resources with other virtual machines or applications.
Which of the following configuration options would BEST fulfill this requirement?
A. Virtual GPU
B. External GPU
C. Passthrough GPU
D. Shared GPU
Correct Answer: C. Passthrough GPU
Explanation:
For workloads such as machine learning model training, performance and GPU resource availability are critical. These tasks are computationally intensive and often require full access to a high-performance GPU. In virtualized environments, different methods are used to provide GPU access to virtual machines.
The most appropriate solution in this scenario is a Passthrough GPU (also known as GPU passthrough). This technique uses direct device assignment (PCI passthrough) to allocate an entire physical GPU exclusively to a single VM. The VM has direct control over the GPU, allowing it to perform at near-native speeds, making this option ideal for heavy computational tasks like deep learning, AI model training, and complex simulations.
Here’s why the other options are not ideal:
A. Virtual GPU (vGPU): A virtual GPU allows multiple VMs to share a single physical GPU. While this is efficient for graphical applications or moderate workloads, it doesn’t provide the full, uninterrupted performance needed for training machine learning models.
B. External GPU (eGPU): eGPUs are typically used to attach a GPU to a device externally, often via Thunderbolt connections. While useful in some desktop scenarios, they are not commonly implemented in enterprise cloud infrastructure or VM provisioning.
D. Shared GPU: Like vGPU, a shared GPU means multiple VMs are using the same physical GPU, which can lead to performance degradation due to contention for GPU resources.
Therefore, the Passthrough GPU (Option C) offers the best solution. It dedicates the entire GPU to one virtual machine, ensuring the performance needed for machine learning tasks is fully met. This setup provides maximum efficiency, low latency, and the best performance among all listed options.
Question No 3:
An organization is planning to migrate its on-premises database to the cloud to improve scalability, reduce maintenance overhead, and benefit from automated backups and performance tuning. The IT team is evaluating various cloud service models to determine which one is best suited for hosting and managing a cloud-based database.
They want a solution that allows them to focus primarily on data modeling, querying, and application development, without needing to manage the underlying infrastructure, including the operating system, storage, or database engine maintenance.
Which of the following cloud service models is MOST appropriate for hosting a database in the cloud under these requirements?
A. Platform as a Service (PaaS)
B. Infrastructure as a Service (IaaS)
C. Container as a Service (CaaS)
D. Software as a Service (SaaS)
Correct Answer: A. Platform as a Service (PaaS)
Explanation:
In cloud computing, databases can be deployed under different service models depending on how much control and responsibility the user wants over the infrastructure and software stack.
The most appropriate cloud service model for hosting a database—where the focus is on managing data and using the database, not maintaining the infrastructure—is Platform as a Service (PaaS).
With PaaS, the cloud provider manages the hardware, operating system, storage, and the database management system (DBMS). The customer only interacts with the database itself, meaning tasks like provisioning, scaling, patching, and backups are automated. This allows developers and IT teams to concentrate on writing queries, developing applications, and managing data instead of dealing with infrastructure management. Common examples of PaaS database services include Amazon RDS, Azure SQL Database, and Google Cloud SQL.
Here’s why the other options are less suitable:
B. Infrastructure as a Service (IaaS): In IaaS, the provider offers virtual machines and storage, but the user is responsible for installing and maintaining the database software, operating system, and backups. While flexible, it requires more administrative effort and is not ideal if you want to avoid infrastructure management.
C. Container as a Service (CaaS): CaaS is more about running containers (e.g., Docker) and managing container orchestration platforms like Kubernetes. Running a database this way is possible but more complex and requires deep technical expertise.
D. Software as a Service (SaaS): SaaS offers fully developed applications to end users (like Salesforce or Google Workspace). While some SaaS applications use databases internally, you don’t get direct access to or control over the database engine.
Therefore, Option A: PaaS is the best fit when deploying a cloud-based database that balances ease of use, scalability, and reduced management overhead.
Question No 4:
A Virtual Desktop Infrastructure (VDI) administrator has started receiving performance complaints from users in the drafting department. These users rely heavily on computer-aided design (CAD) and 3D modeling software, which involves intensive graphical rendering tasks. They have reported that rendering performance has noticeably slowed down compared to normal operations.
Given that these rendering tasks are graphics-intensive, the administrator must investigate the VDI environment to identify the cause of the slowdown and improve performance.
Which of the following system resources should the administrator check FIRST to identify and resolve the performance degradation in the drafting department’s virtual desktops?
A. GPU (Graphics Processing Unit)
B. CPU (Central Processing Unit)
C. Storage
D. Memory (RAM)
Correct Answer: A. GPU
Explanation:
In a Virtual Desktop Infrastructure (VDI) environment, especially when supporting users who perform high-end graphics work like 3D rendering, CAD design, or video editing, GPU (Graphics Processing Unit) performance plays a critical role.
The drafting department relies on applications that use real-time rendering and complex visual computations. These operations are GPU-accelerated, meaning they perform significantly better when a dedicated or virtualized GPU is assigned to the virtual desktops. If rendering is slower than usual, the first area to inspect is the GPU resources allocated to those VDIs.
Possible GPU-related issues may include:
Insufficient GPU capacity or over-utilization by other users.
Lack of GPU passthrough or vGPU (virtual GPU) configuration.
Driver issues or misconfiguration in the hypervisor or guest OS.
Checking the GPU first is logical because it is the most likely bottleneck for graphics-heavy workloads. Modern VDI platforms often allow real-time monitoring of GPU usage and performance per VM.
Let’s briefly look at why the other options are less relevant as a first step:
B. CPU: While important, the CPU is not the primary component for graphics rendering. High CPU usage might affect general performance but won’t directly cause rendering-specific slowdowns.
C. Storage: Storage performance issues usually manifest as slow loading times or application launch delays, not reduced rendering speeds.
D. Memory: Insufficient RAM can cause performance issues, but similar to CPU, it’s not the first suspect when the complaint is specific to rendering speed.
Therefore, to effectively troubleshoot and optimize rendering performance in a graphics-intensive VDI environment, the administrator should first examine GPU usage and configuration.
Question No 5:
The Chief Information Security Officer (CISO) of an organization is conducting a comprehensive review of the company's security management program. As part of the evaluation, the CISO needs to identify and assess all assets within the organization that have known security vulnerabilities, deviations from compliance standards, or unmitigated risks. Additionally, the CISO is seeking documentation that outlines existing mitigation strategies, their status, and any residual risks associated with those assets.
To effectively analyze this information and make risk-informed decisions, the CISO requires a centralized resource that provides detailed insight into asset-level risk exposures, threat likelihood, potential impacts, and corresponding controls or mitigation measures already in place.
Which of the following documents would BEST meet the CISO’s needs in this scenario?
A. Service Level Agreement (SLA) document
B. Disaster Recovery (DR) plan
C. Security Operations Center (SOC) procedures
D. Risk Register
Correct Answer: D. Risk Register
Explanation:
A risk register is a fundamental document used in risk management to record and track all identified risks related to an organization's assets, operations, and projects. It serves as a centralized repository that contains critical information such as:
The description of each risk or deviation.
The assets affected by the risk.
The likelihood and potential impact of the risk.
The risk owner (who is responsible).
Existing mitigation or control measures.
Residual risk after mitigation.
Status of the mitigation efforts.
For a CISO aiming to locate all assets with identified deviations and associated mitigation strategies, the risk register is the most effective and relevant resource. It provides a detailed overview of both current and potential threats, their impact on business operations, and the effectiveness of the controls that have been applied.
Here’s why the other options are not appropriate:
A. SLA (Service Level Agreement): This defines service expectations between a provider and customer but does not track asset-level risks or mitigation measures.
B. DR (Disaster Recovery) plan: This outlines steps for recovering IT services after a disruption but focuses on recovery processes, not ongoing security risks or mitigation tracking.
C. SOC procedures: These are operational guidelines for the security operations center. While useful for incident response, they don’t provide a comprehensive view of organizational risk across assets.
Therefore, the risk register (Option D) is the most suitable document for the CISO's needs in managing and evaluating security risks.
Question No 6:
A cloud engineer is tasked with managing the infrastructure of a rapidly expanding public cloud environment. Currently, all cloud servers reside within a single virtual network (VNet or VPC, depending on the cloud provider). As the environment scales, the engineer is attempting to deploy additional servers but encounters a problem: the virtual network has run out of available IP addresses, preventing the creation of new instances.
The engineer must implement a scalable and efficient solution that accommodates the growing number of cloud resources without disrupting existing services. The solution should also integrate seamlessly with the existing virtual network and support ongoing expansion.
Which of the following actions should the engineer take to resolve the IP exhaustion issue and support continued growth in the cloud environment?
A. Create a new Virtual Private Cloud (VPC) or Virtual Network and establish network peering between the two.
B. Implement dynamic routing within the current virtual network.
C. Enable DHCP on the existing networks to allocate IP addresses automatically.
D. Subscribe to a new IP Address Management (IPAM) service to obtain more public IP addresses.
Correct Answer: A. Create a new Virtual Private Cloud (VPC) or Virtual Network and establish network peering between the two.
Explanation:
In cloud environments, each virtual network (VPC in AWS, VNet in Azure, etc.) has a defined IP address range, typically allocated using CIDR notation. When the range is exhausted, no new IP addresses can be assigned to additional servers, causing deployment failures.
The most efficient and scalable solution in this scenario is to create a new virtual network or VPC and then peer it with the existing network. Network peering enables communication between resources in different virtual networks without routing traffic over the public internet. This approach increases the total number of available IP addresses and allows seamless communication between existing and newly deployed servers.
Here’s why the other options are less effective:
B. Implement dynamic routing: Dynamic routing manages route updates between networks but does not solve the IP exhaustion problem.
C. Enable DHCP: DHCP automates IP assignment within a network, but it cannot create new IP addresses if the network has already run out of IPs.
D. Obtain a new IPAM subscription: While IPAM helps manage large pools of IP addresses across environments, it doesn’t expand the address space of an existing virtual network or solve immediate address exhaustion.
By creating a new VPC and peering it with the existing one, the cloud engineer ensures that the environment remains scalable, well-connected, and functional as it grows.
Question No 7:
A system administrator has been assigned the task of migrating a legacy application that currently runs on a bare-metal physical server in an on-premises data center to a cloud-based virtualized environment. The goal is to move the existing server, including its operating system, applications, and configurations, to a virtual machine hosted in the cloud without rebuilding the server from scratch.
To successfully carry out this task, the administrator needs to choose the most appropriate type of migration that supports transferring an operating system image and its associated data from physical hardware to a virtual machine format compatible with the cloud provider's infrastructure.
Which of the following types of migration should the system administrator perform in this scenario?
A. V2V (Virtual to Virtual)
B. V2P (Virtual to Physical)
C. P2P (Physical to Physical)
D. P2V (Physical to Virtual)
Correct Answer: D. P2V (Physical to Virtual)
Explanation:
The correct type of migration for moving a bare-metal server (physical machine) to a cloud-based virtual machine is called P2V (Physical to Virtual) migration.
A P2V migration involves converting a running or offline physical machine (including its disk images, OS, drivers, and configuration settings) into a virtual machine image that can then be deployed in a virtualized environment, such as a public or private cloud. This process typically uses specialized migration tools or hypervisor utilities (e.g., VMware vCenter Converter, Microsoft Virtual Machine Converter, or cloud-native import tools like AWS Server Migration Service or Azure Migrate).
This approach allows organizations to preserve the existing system state, avoid reinstalling and reconfiguring applications, and reduce downtime during the migration process. It's especially useful for legacy systems or workloads that are difficult to re-platform or rebuild.
Now let’s review why the other options are incorrect:
A. V2V (Virtual to Virtual): This is used to migrate from one virtual environment to another, such as moving a VM from VMware to Hyper-V. It’s not applicable to physical servers.
B. V2P (Virtual to Physical): This is the reverse of what’s needed. V2P converts a virtual machine into a physical system, which is not the goal here.
C. P2P (Physical to Physical): This involves migrating from one physical machine to another. It doesn't help when moving into a virtual/cloud environment.
Therefore, the most suitable option is D. P2V, as it aligns with the migration from physical infrastructure to cloud-based virtualization.
Question No 8:
A cloud administrator is conducting a routine audit of authentication and authorization configurations within the organization’s cloud infrastructure. During the review, the administrator identifies a potential security concern: members of the Sales team have access to a financial application that should be restricted to the Finance department only. Further investigation reveals that this access is due to the Sales group being nested within the Finance group, which inadvertently grants Sales team members access to sensitive financial data.
Additionally, the organization has implemented Single Sign-On (SSO), which streamlines login processes across cloud applications, further simplifying access once a user is authenticated. While SSO enhances usability, it also increases the importance of correctly defined access control mechanisms to prevent privilege creep or inappropriate access.
Given this situation, which of the following access control models should be revised to correct this misconfiguration and enforce proper separation of duties?
A. Discretionary Access Control (DAC)
B. Attribute-Based Access Control (ABAC)
C. Mandatory Access Control (MAC)
D. Role-Based Access Control (RBAC)
Correct Answer: D. Role-Based Access Control (RBAC)
Explanation:
The scenario describes an access control issue where users are granted permissions based on group membership, and those group roles determine what applications and resources they can access. This is a classic case of Role-Based Access Control (RBAC).
RBAC assigns access permissions to users based on their assigned roles, such as "Sales" or "Finance." If the Sales group is nested within the Finance group, all users in Sales inherit the permissions of Finance—this includes access to the financial application, which constitutes a misconfiguration or poor role structuring. In RBAC, roles must be carefully defined and isolated to ensure users receive only the permissions necessary for their job responsibilities, following the principle of least privilege.
Here’s why the other options are incorrect:
A. Discretionary Access Control (DAC): Access is determined by the resource owner, and it's not typically group- or role-based. This model wouldn’t result in nested group issues like the one described.
B. Attribute-Based Access Control (ABAC): Uses attributes (e.g., department, location, clearance level) to make access decisions. It’s more dynamic and context-aware but not relevant to the group-role structure in this case.
C. Mandatory Access Control (MAC): Involves strict policy enforcement often used in government or military environments. Access decisions are based on labels and classifications, not roles or group nesting.
In conclusion, Role-Based Access Control (RBAC) is the model in use and the one that should be revised to correct the unintentional access granted to the Sales team. Properly restructuring the roles and eliminating inappropriate group nesting will resolve the issue.
Top Training Courses
SY0-701
CompTIA Security+
$14.99
AZ-104
Microsoft Azure Administrator
$14.99
200-301
Cisco Certified Network Associate (CCNA)
$14.99
AWS Certified Solutions Architect - Associate SAA-C03
AWS Certified Solutions Architect - Associate SAA-C03
$14.99
AZ-305
Designing Microsoft Azure Infrastructure Solutions
$14.99
PL-300
Microsoft Power BI Data Analyst
$14.99
350-401
Implementing Cisco Enterprise Network Core Technologies (ENCOR)
$14.99
AZ-900
Microsoft Azure Fundamentals
$14.99
CS0-003
CompTIA CySA+ (CS0-003)
$14.99
CISSP
Certified Information Systems Security Professional
$14.99
