Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. CV0-004

CompTIA CV0-004 Exam
CompTIA Cloud+ (Page 10 )

Updated On: 1-Feb-2026
Page 8 of 44
PDF with 247 Questions

Which of the following can reduce the risk of CI/CD pipelines leaking secrets?

  1. Protected Git branches
  2. Use of a VM instead of containers
  3. Private image repositories
  4. Canary tests

Answer(s): A

Explanation:

Protected Git branches help reduce the risk of CI/CD pipelines leaking secrets by imposing restrictions on who can commit to the branches, enforce status checks before merging, and prevent unauthorized access or changes to sensitive information, such as API keys, passwords, and secret tokens. This ensures that only approved changes can be made to the codebase, and sensitive information is safeguarded.



Which of the following communication methods between on-premises and cloud environments would ensure minimal-to-low latency and overhead?

  1. Site-to-site VPN
  2. Peer-to-peer VPN
  3. Direct connection
  4. peering

Answer(s): C

Explanation:

A direct connection between on-premises and cloud environments involves a dedicated, private connection that does not traverse the public internet. This setup ensures minimal-to-low latency and overhead, providing more consistent network performance and reliability compared to other methods like VPNs or public internet connections, making it suitable for high-volume or latency- sensitive applications.



Which of the following vulnerability management concepts is best defined as the process of discovering vulnerabilities?

  1. Scanning
  2. Assessment
  3. Remediation
  4. Identification

Answer(s): D

Explanation:

In vulnerability management, 'Identification' is the concept best defined as the process of discovering vulnerabilities. This step is crucial as it involves detecting vulnerabilities in systems, software, and networks, which is the first step in the vulnerability management process before moving on to assessment, remediation, and reporting.



HOTSPOT (Drag and Drop is not supported)

An e-commerce company is migrating from an on-premises private cloud environment to a public cloud IaaS environment. You are tasked with right-sizing the environment to save costs after the migration. The company's requirements are to provide a 20% overhead above the average resource consumption, rounded up.

INSTRUCTIONS
Review the specifications and graphs showing resource usage for the web and database servers. Determine the average resource usage and select the correct specifications from the available drop- down options.

  1. See Explanation section for answer.

Answer(s): A

Explanation:

For the Web Server:
CPU: 2 vCPUs
RAM: 2GB
Disk Speed: 10MBps
For the Database Server:
CPU: 6 vCPUs
RAM: 128GB
Disk Speed: 110MBps
These selections are based on maintaining a 20% overhead above the average resource consumption and rounding up to the next available option in the dropdowns provided.



A company hosts various containerized applications for business uses. A client reports that one of its routine business applications fails to load the web-based login prompt hosted in the company cloud.

Click on each device and resource. Review the configurations, logs, and characteristics of each node in the architecture to diagnose the issue. Then, make the necessary changes to the WAF configuration to remediate the issue.











  1. See Explanation section for answer.

Answer(s): A

Explanation:

From the image, it's noticeable that some finance application rules are set to "Block" traffic. If the client's issue is with a finance-related application not loading the login prompt, these rules could be the cause.
The rule with ID 1005, labeled "Finance application 1", is configured to allow access to "webapp1" for finance-related paths. However, rule 1006, labeled "Finance application 2", is set to block access to "webapp1" for login-related paths.
To remediate the issue based on the WAF configuration you have provided, you would want to:
Ensure that the correct paths to the finance application are allowed through the WAF. Modify any rules that are incorrectly blocking access to the application. If the client's problem is specifically with the login prompt, then rule 1006 seems the most likely culprit. Changing the action from "Block" to "Allow" for rule 1006 could potentially resolve the client's issue. The rule should be carefully reviewed and updated to ensure legitimate traffic is not being blocked while still protecting against unauthorized access.



Viewing page 10 of 44
Viewing questions 46 - 50 out of 247 questions



Post your Comments and Discuss CompTIA CV0-004 exam prep with other Community members:

Join the CV0-004 Discussion