CompTIA Updated CV0-003 Exam Questions and Answers by olivia-rose

The chain of custody is a process that documents and preserves the integrity and authenticity of evidence from the time it is collected until it is presented in court. The chain of custody includes information such as who collected, handled, stored, or transferred the evidence, when and where it was done, and how it was done. By accidentally deleting the perpetrator’s user data, the security administrator has violated the chain of custody, as the evidence has been altered or destroyed and can no longer be used in court. Reference: [CompTIA Cloud+ Certification Exam Objectives], Domain 2.0 Security, Objective 2.4 Given a scenario, implement security automation and orchestration in a cloud environment.

DDoS protection is what the administrator should configure to mitigate a network-based flooding attack that caused an outage in a cloud environment. A network-based flooding attack is a type of attack that sends a large amount of network traffic or requests to a target system or service, such as a server, website, application, etc., with the intention of overwhelming or exhausting its resources or capacity. A network-based flooding attack can cause an outage in a cloud environment by disrupting or degrading the availability or performance of the target system or service, as well as affecting other systems or services that share the same network or infrastructure. DDoS protection is a tool or service that detects and prevents network-based flooding attacks, also known as Distributed Denial of Service (DDoS) attacks. DDoS protection can mitigate a network-based flooding attack by providing features such as:

Filtering: DDoS protection can filter network traffic or requests based on various criteria, such as source, destination, protocol, content, etc., and block or allow them accordingly.

Diverting: DDoS protection can divert network traffic or requests away from the target system or service to another location or device, such as a scrubbing center, proxy, firewall, etc., where they can be analyzed and processed.

Scaling: DDoS protection can scale network resources or capacity dynamically and automatically to handle the increased demand or load caused by the network-based flooding attack.

The best way to gracefully stop any new transactions from processing before applying updates to an application is to enable maintenance mode from the application dashboard. Maintenance mode is a feature that allows temporarily disabling the access or functionality of an application or service while performing maintenance tasks, such as updates, patches, or backups. It also displays a message or notification to the users or clients informing them about the maintenance and the expected downtime. This method will prevent any new transactions from being initiated or interrupted while the updates are being applied. Reference: [CompTIA Cloud+ Certification Exam Objectives], Domain 3.0 Maintenance, Objective 3.1 Given a scenario, apply appropriate changes to meet performance, security and user requirements.

The best way to connect all the VPCs for the company that is planning its cloud architecture and wants to use a VPC for each of its three products per environment in two regions, totaling 18 VPCs, is to use a hub and spoke model. A hub and spoke model is a networking model that uses a central hub VPC that connects to multiple spoke VPCs that host the products or workloads. The hub VPC can provide common services and security policies for the spoke VPCs, such as network virtual appliances, DNS servers, firewalls, or VPN gateways. The spoke VPCs can communicate with each other through the hub VPC, using private IP addresses or peering connections. A hub and spoke model can simplify the management and scalability of the network, as well as reduce the costs and complexity of peering multiple VPCs directly. Reference: Hub-and-spoke network topology - Cloud Adoption Framework