Selected CV0-004 CompTIA Cloud+ Questions Answers

When an organization can predict demand spikes (such as seasonal sales), the most cost-effective approach is to use scheduled scaling—a scaling configuration tied to a known timeline. In the CompTIA Cloud+ (CV0-004) objectives covering elasticity, scaling strategies, and cost optimization, scheduled scaling allows the business to increase capacity shortly before the surge begins and reduce it immediately after the event ends. This minimizes cost by ensuring resources run only for the required window, while still maintaining performance and availability during peak traffic.

Option A (least-connections) improves how traffic is distributed but does not add capacity; it cannot prevent resource exhaustion if the backend pool is undersized. Option C (reconfiguring to have more resources—vertical scaling) can help performance but often increases cost continuously and may introduce downtime or scaling limits. Option D (deploying additional compute in advance) can meet the requirement, but it may waste money if instances remain overprovisioned longer than necessary. Therefore, enabling a scheduled scaling configuration for the identified timeline best meets the need at minimal cost.

Based on the logs provided, the port that has been compromised is Port 8048. The state "TIME_WAIT" indicates that this port was recently used to establish a connection that has now ended. This could be indicative of the recent activity where large amounts of data were downloaded to an external source, suggesting a potential security breach. References: CompTIA Cloud+ Study Guide (Exam CV0-004) by Todd Montgomery and Stephen Olson

For volumetric DDoS, the primary goal is to absorb and disperse massive traffic floods before they overwhelm bandwidth, edge links, or the application entry point. Placing a CDN in front of the web server is highly effective because CDN edge nodes distribute traffic globally, cache static content, and reduce direct requests reaching the origin. This improves resilience and keeps origin capacity available for legitimate users. A WAF complements this by filtering malicious HTTP/S traffic patterns and enforcing rules (rate limiting, bot filtering, request validation) at the edge or in front of the service. Together, CDN + WAF align with Cloud+ CV0-004 objectives around designing secure, highly available architectures, implementing layered defenses, and using cloud-native services to mitigate attacks.

DLP focuses on preventing data exfiltration, not DDoS. Hardening reduces compromise risk but does not stop traffic floods. ACLs can restrict known bad sources but are limited against distributed botnets and may not scale fast enough for large attacks. Inline IDS is typically detection-focused and can become a bottleneck during volumetric events.

Since the cloud administrator can access the application from the same site but users cannot, it suggests a possible issue with the network routing. The routing table may need to be updated to ensure that traffic from the users' location is correctly directed to the new location of the remotely hosted application after the migration. References: CompTIA Network+ Certification Study Guide by Glen E. Clarke.