50 IBM Assessment: Cloud Computing Architecture Practice Questions: Question Bank 2025

A team is migrating an internal web application to the cloud. They want to minimize operational overhead for OS patching and capacity planning while still deploying custom application code. Which cloud service model best fits this requirement?

A retailer experiences unpredictable traffic spikes during promotions. They need the application to automatically add and remove compute capacity based on demand. Which cloud characteristic is being primarily leveraged?

A solution architect is selecting storage for application logs that must be retained for one year and queried occasionally, but not frequently updated. Which storage type is the most appropriate for this use case?

A security policy requires that no virtual machine be directly reachable from the public internet, but administrators must still manage them. Which approach best satisfies this requirement?

A company is deploying a three-tier application. The database tier requires consistent low-latency reads/writes and durable storage. Which option best fits the database storage requirement?

A microservices application must tolerate the failure of an individual instance without impacting availability. The architect wants to ensure traffic is only sent to healthy instances. Which design element addresses this requirement?

An organization must demonstrate that all administrative actions in the cloud environment are traceable to an individual user for audit purposes. Which control best supports this requirement?

A team reports that their web application becomes slow during traffic surges. Monitoring shows the database CPU is near 100% while the web tier is underutilized. What is the most appropriate next step to improve performance?

A financial services company is designing a hybrid cloud connectivity solution. Requirements include private connectivity (not over the public internet), consistent latency, and support for extending on-premises IP addressing to cloud workloads. Which approach is most appropriate?

A company must enforce strict separation between development and production environments to meet compliance requirements. They also want to prevent accidental access to production data by developers while still allowing a CI/CD pipeline to deploy to production. Which design best meets these requirements?

An organization is starting a cloud migration and wants to reduce the risk of vendor lock-in while keeping the architecture maintainable. Which approach best supports this goal?

A team is designing an API for a mobile application. The API experiences unpredictable spikes and must remain responsive without pre-provisioning extra servers. Which cloud capability best addresses this requirement?

A regulated organization needs to ensure that all stored customer data is unreadable if physical storage media is lost. Which control best meets this requirement?

A SaaS provider wants each tenant’s data to be isolated while minimizing operational overhead. Which design is generally the best starting point for associate-level multi-tenant architecture?

After deploying a three-tier application in the cloud, users report intermittent timeouts. Metrics show database CPU is low, but application instances have high connection counts and slow response times. Which change is most likely to resolve the issue?

A company must prove to auditors that only approved administrators can access production resources and that all administrative actions are traceable. Which combination best meets this requirement?

A team is implementing a disaster recovery strategy for a business-critical service. The business requires minimal data loss but can tolerate a short service interruption during failover. Which DR approach best matches these requirements?

A microservices-based application shows occasional message duplication during peak load. The services consume messages from a queue and write to a database. Which design pattern most directly addresses the risk of duplicates without relying on exactly-once delivery?

A financial services firm must enforce that sensitive data never leaves a specific geographic boundary while still allowing global users to access a read-only subset of non-sensitive data. Which architecture best satisfies this requirement?

A platform team wants to enable multiple application teams to provision cloud resources safely and consistently. They need guardrails so teams can self-service without creating noncompliant networks or overly permissive IAM policies. Which approach is most appropriate?

A team is explaining cloud concepts to a business stakeholder. Which statement best describes the difference between horizontal scaling and vertical scaling?

A company wants developers to deploy a web application without managing servers, while the platform automatically scales based on HTTP request volume. Which cloud service model best fits this requirement?

An organization must ensure that storage media containing sensitive data is unrecoverable when decommissioned. Which control best addresses this requirement in a cloud environment?

A microservices application experiences intermittent latency spikes. Metrics show the database is healthy, but service-to-service calls occasionally exceed timeouts during brief traffic bursts. Which architectural change most directly improves resilience to these bursts?

A team deployed a web application across two availability zones behind a load balancer. During a planned failover test, users report lost shopping cart contents. Which change best addresses this issue while preserving high availability?

A security review finds that developers sometimes assign broad permissions to service accounts to resolve deployment issues quickly. What is the best practice to reduce this risk while maintaining developer productivity?

A company needs to select a data storage approach for a globally distributed application that requires low-latency reads in multiple regions and can tolerate eventual consistency for some fields (e.g., user profile display name). Which design is most appropriate?

A regulated workload requires that encryption keys are not accessible to the cloud provider and that key usage is centrally audited. Which approach best meets this requirement?

After migrating an application to cloud, the operations team notices frequent "works in staging but fails in production" issues caused by manual configuration drift. Which practice most directly addresses this problem?

A company hosts APIs in the cloud and must prove to auditors that only approved administrators can access production logs containing sensitive information. What is the most effective combination of controls?

A team is moving from on-premises to cloud and wants to avoid creating tight coupling between application components. Which architectural approach best supports loose coupling and independent scaling?

A retailer experiences unpredictable traffic spikes during promotions. They want an approach that automatically increases and decreases compute capacity based on demand. Which cloud capability best addresses this requirement?

A company must ensure that only authorized users can access a cloud-hosted application and wants to centrally manage user identities. Which control best supports this goal?

A development team wants to reduce risk when releasing a new version of their API by gradually shifting traffic to the new version and rolling back quickly if errors increase. Which deployment strategy best fits?

An architect needs to choose a storage option for large amounts of unstructured data (images and videos) that must be highly durable and accessible via HTTP APIs. Which cloud storage type is most appropriate?

A financial services application handles sensitive customer data. The organization requires that data be encrypted at rest and that encryption keys be centrally managed with strict access controls and auditing. Which solution best meets these requirements?

A company wants repeatable, consistent provisioning of cloud environments (network, compute, and security policies) across dev, test, and production. They also want changes to be reviewable and traceable. What is the best approach?

A microservices-based application experiences intermittent timeouts. Investigation shows a downstream service occasionally responds slowly, causing threads to pile up in the upstream service. Which resiliency pattern most directly helps prevent cascading failures in this scenario?

A regulated enterprise needs to prove that changes to firewall rules and IAM policies are reviewed, approved, and auditable. They also want automated detection of unauthorized changes. Which approach best satisfies these requirements?

A global application requires low-latency access for users in multiple regions and must remain available even if an entire region becomes unreachable. Which architecture best meets these requirements?

An architect is explaining cloud computing to a new team. Which statement best describes the benefit of resource pooling in a cloud model?

A team wants to reduce the blast radius of a compromised set of credentials for a VM-based workload. Which practice most directly supports this goal?

A company is selecting a cloud storage approach for static website assets (images, CSS, JavaScript). The assets are read frequently and updated occasionally. Which option is most appropriate?

A payment processing application must meet strict audit requirements. The auditor asks for proof that production data cannot be accessed without a documented business need. Which control best addresses this requirement?

A web API experiences occasional traffic spikes and must remain responsive. The application is stateless and can scale horizontally. Which design is most appropriate?

A team is migrating an on-premises application to the cloud. They need private connectivity to the cloud to reduce exposure to the public internet and improve predictability for data transfer. Which approach best meets this requirement?

A security team requires that all sensitive customer data stored in cloud object storage is protected even if storage media is compromised. They also want the ability to control and rotate encryption keys. What is the best solution?

A microservices-based application uses an asynchronous message queue between services. Users report that some requests are processed twice. The queue provides at-least-once delivery. Which change best addresses the issue without sacrificing resilience?

A regulated enterprise must ensure that administrative actions in the cloud (creating IAM policies, modifying network ACLs, deleting storage buckets) are traceable to an individual and cannot be altered after the fact. Which architecture best meets this requirement?

A global application is deployed in two regions for high availability. The database uses asynchronous replication across regions. The business requires that users never see stale data after a successful write, even during a regional failure. Which trade-off and design decision is most aligned with this requirement?