comptia cloud+ practice exam Practice Exam 2025: Latest Questions

A company wants to improve availability for a web application hosted in a public cloud. The current single VM deployment experiences downtime during maintenance and host failures. Which design change BEST increases availability with minimal application changes?

A cloud administrator needs to ensure that only the application tier can access a managed database service. The database should not be reachable from the internet. Which configuration BEST meets this requirement?

A DevOps team wants repeatable, consistent provisioning of cloud resources across development, test, and production. Which approach BEST supports this goal?

An administrator needs to determine why cloud-hosted instances are experiencing intermittent packet loss. Which tool is MOST appropriate to identify whether the issue is occurring inside the instance or in the network path?

A company is moving from a monolithic application to microservices on a container platform. They want each service to scale independently and support rolling updates with minimal downtime. Which solution BEST meets these requirements?

A security team needs to ensure that cloud API calls are auditable and that suspicious configuration changes can be quickly investigated. Which control BEST supports this objective?

A cloud deployment pipeline frequently fails during the database migration step because different environments have slightly different schema versions. Which action BEST improves reliability and repeatability of the deployment?

A cloud operations team needs to reduce mean time to recovery (MTTR) for a fleet of instances that occasionally become unresponsive. Which practice BEST supports faster recovery?

After enabling a new network security rule set, users report they can access the web front end but receive timeouts when the application tries to reach an internal API service. The API service runs on a private subnet and is healthy. Which is the MOST likely cause?

A company must design a disaster recovery solution for a critical workload. Requirements: (1) RPO of 15 minutes, (2) RTO under 1 hour, and (3) ability to fail over to a secondary region during a regional outage. Which approach BEST meets these requirements while balancing complexity?

A cloud administrator needs to grant a vendor temporary access to a single object storage bucket for troubleshooting. The access must expire automatically after 24 hours and follow the principle of least privilege. Which approach is BEST?

An organization wants to improve availability for a stateless web API deployed on multiple VMs across two availability zones. Which component should be implemented to distribute client requests and detect unhealthy instances?

A cloud operations team wants to ensure that only approved VM images are used for new deployments. Which solution BEST enforces this requirement?

A company is migrating an application to the cloud and wants to decouple components to handle bursty workloads. Messages must not be lost if a consumer is offline temporarily. Which design is MOST appropriate?

A security team requires that all management traffic to cloud resources be isolated from the public internet. Administrators should connect from the corporate network to manage instances in private subnets. Which solution BEST meets this requirement?

After deploying an update, users report intermittent 502 errors. Metrics show the load balancer is healthy, but several backend instances are marked unhealthy due to failed health checks. The application takes longer to start after updates. What is the MOST likely fix?

A team wants repeatable cloud deployments and the ability to roll back changes to network and compute resources. Which approach BEST supports these goals?

A company needs to investigate suspicious administrative activity across multiple cloud services. They want a single source of truth that records management-plane API calls, including who performed actions and from where. What should they enable FIRST?

A financial services company must store encryption keys in a way that prevents cloud administrators from exporting key material, while still enabling applications to encrypt and decrypt data. Which solution BEST meets this requirement?

An application uses an autoscaling group behind a load balancer. During a flash sale, scaling occurs, but new instances are launched in a subnet that cannot reach the internet to download required packages, causing failed provisioning and capacity shortages. Which change MOST directly resolves the issue while keeping instances private?

A cloud administrator needs to ensure that newly deployed workloads can reach internal services without exposing them to the public internet. The organization also wants to prevent overlapping IP ranges between environments to avoid routing issues. Which design choice BEST meets these requirements?

A security engineer wants to reduce the risk of data exposure if a VM snapshot or storage volume is copied outside the cloud account. Which control MOST directly mitigates this risk?

A team uses infrastructure as code (IaC) to deploy a multi-tier application. The deployment frequently fails because engineers manually change cloud resources after deployment, causing configuration drift. What is the BEST approach to prevent this issue?

After a maintenance window, users report intermittent authentication failures for a web application hosted in the cloud. The application servers are healthy, but login attempts sometimes fail with a timestamp-related error. Which is the MOST likely root cause?

An operations team is implementing a cloud monitoring strategy. They want to reduce alert fatigue while ensuring critical incidents are still detected quickly. Which practice is MOST appropriate?