CompTIA Updated CV0-004 Exam Questions and Answers by aahil

AES (Advanced Encryption Standard) is the best algorithm to replace Base64 for secure data exchange. Base64 is an encoding method that is not secure by itself, as it's easily reversible. AES, on the other hand, is a widely used encryption standard that ensures data is protected and is not readable without the correct encryption key.References: Encryption standards and practices, including the use of AES for securing data, are essential knowledge in cloud security covered in CompTIA Cloud+.

A bastion host is the best option described for accessing cloud resources without direct internet access. It acts as a secure gateway to access internal networks from external sources and is often used in conjunction with other security measures such as SSH for secure connections.References: The use of bastion hosts as a secure access point to cloud resources is a security best practice covered in the CompTIA Cloud+ certification's domain on cloud security.

Rehosting, often referred to as "lift-and-shift," is the process of migrating an application or workload to the cloud without modifying it. This approach is suitable when there are timing constraints that prevent making changes to the application prior to migration. Rehosting can be the quickest migration strategy since it involves moving the existing applications to the cloud with minimal changes.

References: CompTIA Cloud+ resources and cloud migration strategies

For compliance purposes, saving customer policies for more than ten years most cost-efficiently can be achieved by using the Archive storage tier. Archive or archival storage is designed for data that needs to be retained over the long term but accessed infrequently. It is generally the most cost-effective storage tier for this type of data. References: CompTIA Cloud+ Study Guide (Exam CV0-004) by Todd Montgomery and Stephen Olson