Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Cloud Architecture and Design practice sets

CV0-004 Cloud Architecture and Design • Complete Question Bank

CV0-004 Cloud Architecture and Design — All Questions With Answers

Complete CV0-004 Cloud Architecture and Design question bank — all 0 questions with answers and detailed explanations.

59
Questions
Free
No signup
Certifications/CV0-004/Practice Test/Cloud Architecture and Design/All Questions
Question 1easymultiple choice
Read the full NAT/PAT explanation →

A company is migrating a legacy on-premises application to a public cloud. The application currently uses a single monolithic architecture and relies on a local file system for storage. The cloud architect needs to redesign the application to take advantage of cloud-native features. Which design principle should the architect prioritize to ensure scalability and resilience?

Question 2mediummultiple choice
Read the full Cloud Architecture and Design explanation →

A cloud architect is designing a multi-tier web application in a cloud environment. The application must handle unpredictable traffic spikes while minimizing costs. The architect decides to use auto-scaling groups for the web tier and a managed database service for the data tier. Which additional design consideration is MOST important to ensure the application remains available during a regional outage?

Question 3hardmultiple choice
Read the full Cloud Architecture and Design explanation →

A company is deploying a critical financial application on a private cloud. The compliance team requires that all data at rest be encrypted with a key managed by the company's hardware security module (HSM). The cloud architect must select a storage solution that supports customer-managed keys and integrates with the existing HSM. Which storage option should the architect choose?

Question 4easymultiple choice
Study the full virtualization explanation →

A cloud engineer is troubleshooting a performance issue in a virtualized environment. A critical application is running slowly, and the engineer suspects resource contention. The host server has 32 vCPUs and 256 GB of RAM, running four VMs. Which tool should the engineer use to determine if CPU ready time is causing the performance degradation?

Question 5mediummultiple choice
Read the full Cloud Architecture and Design explanation →

A cloud architect is designing a disaster recovery plan for a cloud-based application. The primary site is in a cloud region, and the recovery site is in a different geographic region. The application uses a relational database with synchronous replication. The recovery time objective (RTO) is 1 hour, and the recovery point objective (RPO) is 15 minutes. Which replication strategy BEST meets these objectives?

Question 6mediummulti select
Read the full Cloud Architecture and Design explanation →

A cloud architect is designing a hybrid cloud environment that connects an on-premises data center to a public cloud. The architect needs to ensure secure, low-latency connectivity and isolate traffic between different business units. Which TWO solutions should the architect implement? (Choose two.)

Question 7hardmulti select
Read the full Cloud Architecture and Design explanation →

A cloud administrator is reviewing the security posture of a cloud deployment. The company has a policy of least privilege and must ensure that only authorized services can access storage buckets. Which THREE mechanisms should the administrator configure to enforce this policy? (Choose three.)

Question 8hardmultiple choice
Read the full NAT/PAT explanation →

A company is migrating its on-premises e-commerce application to a public cloud. The application consists of a stateless web tier, a stateful application tier that stores session data in memory, and a relational database. The migration must ensure high availability, scalability, and minimal downtime during cutover. The cloud provider offers load balancers, auto-scaling groups, managed database services, and caching services. The current on-premises architecture uses a single web server, a single application server, and a single database server. The application tier stores session data in local memory, which is lost if the server fails. The team needs to redesign the architecture to be cloud-native. Which of the following is the BEST course of action?

Question 9easymultiple choice
Read the full Cloud Architecture and Design explanation →

A company is migrating its on-premises application to the cloud and needs to ensure high availability. The application requires a stateless web tier and a stateful database tier. Which design approach BEST meets these requirements?

Question 10mediummultiple choice
Read the full Cloud Architecture and Design explanation →

A cloud architect is designing a multi-tier application that must meet a recovery time objective (RTO) of 15 minutes and a recovery point objective (RPO) of 1 hour. Which disaster recovery strategy is MOST cost-effective while meeting these requirements?

Question 11hardmultiple choice
Review the full routing breakdown →

A company has a cloud environment with multiple VPCs that need to communicate with each other using private IP addresses. The company wants a centrally managed solution that simplifies routing and security. Which networking architecture should the architect implement?

Question 12easymultiple choice
Read the full Cloud Architecture and Design explanation →

An architect is designing a cloud application that must handle unpredictable spikes in traffic. The application should automatically add resources during peak demand and remove them when demand decreases to minimize costs. Which scaling strategy should be used?

Question 13mediumdrag order
Read the full Cloud Architecture and Design explanation →

Order the steps to configure a load balancer to distribute traffic across multiple web servers.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5
Question 14mediumdrag order
Read the full Cloud Architecture and Design explanation →

Order the steps to migrate an on-premises database to a cloud-managed database service (e.g., RDS, Cloud SQL).

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5
Question 15mediummatching
Read the full Cloud Architecture and Design explanation →

Match each cloud deployment model to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Shared infrastructure over the internet

Dedicated to a single organization

Combination of public and private

Shared by several organizations with common concerns

Question 16mediummatching
Read the full Cloud Architecture and Design explanation →

Match each cost management concept to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Prepaid compute for discounted rate

Cheap compute with possible termination

Adjust resources based on demand

Label resources for cost allocation

Upfront purchase vs operational expense

Question 17easymultiple choice
Read the full Cloud Architecture and Design explanation →

A startup is deploying a web application on a public cloud and expects variable traffic throughout the day. The team wants to minimize costs while ensuring that the application can handle sudden spikes in demand. Which scaling strategy best meets these requirements?

Question 18mediummultiple choice
Read the full Cloud Architecture and Design explanation →

A company is migrating its on-premises application to the cloud and wants to ensure high availability across multiple geographic regions. The application consists of stateless web servers and a stateful database. Which architecture should the company implement?

Question 19hardmultiple choice
Read the full Cloud Architecture and Design explanation →

A financial services company must store sensitive customer data in the cloud. The compliance team requires that data at rest be encrypted using customer-managed keys (CMK), and that the keys are rotated every 90 days. Additionally, the cloud provider must not have access to the keys. Which key management solution should the company choose?

Question 20easymultiple choice
Read the full Cloud Architecture and Design explanation →

A company is designing a cloud architecture that must meet a recovery time objective (RTO) of 4 hours and a recovery point objective (RPO) of 1 hour for a critical database. The database is 500 GB and runs on a virtual machine. Which backup strategy should be used?

Question 21mediummultiple choice
Read the full Cloud Architecture and Design explanation →

A company is deploying a containerized microservices application on a cloud platform. The operations team needs to manage secrets, such as database credentials and API keys, securely without embedding them in container images. Which solution should they use?

Question 22hardmultiple choice
Read the full VPN explanation →

A company has a hybrid cloud environment where on-premises servers communicate with cloud resources via a VPN connection. The network team notices intermittent connectivity issues and packet loss. The VPN tunnel is established, but performance is degraded. Which step should the team take first to diagnose the issue?

Question 23easymultiple choice
Read the full Cloud Architecture and Design explanation →

A company plans to use a public cloud to host a static website with minimal configuration. The website content is stored in an object storage bucket. Users access the site via a custom domain name. Which cloud service should the company use to serve the content with low latency globally?

Question 24mediummultiple choice
Read the full Cloud Architecture and Design explanation →

An organization is designing a cloud architecture for a data analytics workload that processes large datasets. The workload is CPU-intensive and runs once per day. The company wants to minimize costs. Which compute model should be used?

Question 25hardmultiple choice
Read the full Cloud Architecture and Design explanation →

A company is migrating a legacy monolithic application to a microservices architecture on the cloud. The application has tight coupling and shared database schemas. Which migration strategy should the company adopt to reduce risk and enable iterative migration?

Question 26easymulti select
Read the full Cloud Architecture and Design explanation →

Which TWO factors should be considered when selecting a cloud region for deploying a latency-sensitive application serving a global user base?

Question 27mediummulti select
Read the full Cloud Architecture and Design explanation →

Which THREE design principles are fundamental to building a highly available cloud architecture?

Question 28hardmulti select
Read the full Cloud Architecture and Design explanation →

Which TWO are best practices for designing a multi-tenant SaaS application on a public cloud?

Question 29easymultiple choice
Read the full Cloud Architecture and Design explanation →

A company is migrating a web application to the cloud. The application requires low latency and high availability across multiple geographic regions. Which cloud deployment model BEST meets these requirements?

Question 30mediummultiple choice
Read the full Cloud Architecture and Design explanation →

A cloud architect is designing a multi-tier application on a public cloud. To minimize costs while maintaining performance for variable workloads, the architect decides to use a mix of reserved and spot instances. Which design principle is being applied?

Question 31hardmultiple choice
Read the full NAT/PAT explanation →

An organization must comply with a regulation requiring that all data stored in the cloud be encrypted at rest using a cloud provider's native encryption service. The company also needs to maintain control over the encryption keys. Which solution should the architect recommend?

Question 32easymultiple choice
Read the full Cloud Architecture and Design explanation →

A company wants to deploy a cloud application that requires predictable performance and dedicated resources for a critical database. Which cloud service model is MOST appropriate?

Question 33mediummultiple choice
Read the full NAT/PAT explanation →

A cloud architect is planning a disaster recovery (DR) strategy for a mission-critical application. The RTO must be under 1 hour and RPO under 15 minutes. The primary site is in a different region. Which DR pattern meets these requirements?

Question 34hardmultiple choice
Read the full Cloud Architecture and Design explanation →

A company is moving a legacy monolithic application to the cloud. The application has interdependencies that make it difficult to refactor. The architect needs to minimize changes while gaining cloud benefits like elasticity and pay-as-you-go. Which migration strategy is BEST?

Question 35easymultiple choice
Read the full Cloud Architecture and Design explanation →

A cloud administrator needs to design a storage solution that provides block-level access for a database server and must be highly durable. Which storage type should be used?

Question 36mediummultiple choice
Read the full Cloud Architecture and Design explanation →

An organization is designing a cloud architecture that must be fault-tolerant within a single region. The architect decides to deploy application instances in multiple Availability Zones (AZs). Which cloud characteristic is being leveraged?

Question 37hardmultiple choice
Read the full NAT/PAT explanation →

A company uses a public cloud provider and has a requirement that all data must be encrypted in transit and at rest. The architect notices that the cloud provider's load balancer terminates TLS and forwards traffic to backend instances over HTTP. Which design change should the architect make?

Question 38easymulti select
Read the full Cloud Architecture and Design explanation →

Which TWO characteristics are essential for a cloud service to be considered as a true Infrastructure as a Service (IaaS) offering?

Question 39mediummulti select
Read the full Cloud Architecture and Design explanation →

Which THREE factors should be considered when selecting a cloud region for deploying a globally distributed application to minimize latency?

Question 40hardmulti select
Read the full NAT/PAT explanation →

Which TWO design patterns can help a cloud architect achieve a Recovery Time Objective (RTO) of less than 5 minutes for a critical application?

Question 41easymultiple choice
Read the full Cloud Architecture and Design explanation →

A company is migrating a legacy application to the cloud. The application requires low-latency access to a shared filesystem that must be accessible from multiple virtual machines simultaneously. Which storage solution should the cloud architect recommend?

Question 42mediummultiple choice
Read the full Cloud Architecture and Design explanation →

A cloud architect is designing a multi-tier web application that must handle sudden traffic spikes. The application layer is stateless, and the database layer is read-heavy with occasional writes. Which design best meets the requirement for elasticity and cost efficiency?

Question 43hardmultiple choice
Read the full Cloud Architecture and Design explanation →

A company runs a critical application on a cloud VM that must achieve a 99.99% monthly uptime SLA. The VM is deployed in a single availability zone. The current architecture has no redundancy. What is the most effective design change to meet the SLA requirement?

Question 44easymultiple choice
Read the full Cloud Architecture and Design explanation →

A cloud architect is selecting a deployment model for a workload that has strict data sovereignty requirements; data must remain within the company's on-premises data center. Which cloud deployment model should be chosen?

Question 45mediummultiple choice
Read the full Cloud Architecture and Design explanation →

A company is designing a disaster recovery plan for its cloud infrastructure. The primary site is in US-East, and the DR site is in US-West. The RPO is 15 minutes, and the RTO is 2 hours. Which replication strategy best meets these requirements at the lowest cost?

Question 46hardmultiple choice
Read the full Cloud Architecture and Design explanation →

An organization uses a cloud-based infrastructure with multiple VPCs peered together. The security team notices that traffic between VPCs is not being inspected by the central firewall. What design change should be implemented to ensure all inter-VPC traffic passes through a centralized firewall?

Question 47easymultiple choice
Read the full Cloud Architecture and Design explanation →

A cloud architect needs to choose a compute service for a batch processing job that runs once a day and takes about 30 minutes. The job is CPU-intensive and can tolerate interruptions. Which compute option is the most cost-effective?

Question 48mediummulti select
Read the full Cloud Architecture and Design explanation →

Which TWO of the following are benefits of a multi-cloud strategy? (Select exactly two.)

Question 49hardmulti select
Read the full NAT/PAT explanation →

Which THREE of the following are key considerations when designing a cloud-native application for high availability? (Select exactly three.)

Question 50easymulti select
Read the full Cloud Architecture and Design explanation →

Which TWO of the following are characteristics of a hybrid cloud deployment? (Select exactly two.)

Question 51mediummultiple choice
Read the full NAT/PAT explanation →

A cloud architect reviews the above IAM policy attached to a user. What is the effect of this policy on the user's ability to stop or terminate instances?

Exhibit

Refer to the exhibit.

```
{
  "PolicyDocument": {
    "Version": "2012-10-17",
    "Statement": [
      {
        "Effect": "Allow",
        "Action": [
          "ec2:StopInstances",
          "ec2:StartInstances"
        ],
        "Resource": "arn:aws:ec2:us-east-1:111122223333:instance/*",
        "Condition": {
          "StringEquals": {
            "ec2:ResourceTag/Environment": "production"
          }
        }
      },
      {
        "Effect": "Deny",
        "Action": [
          "ec2:TerminateInstances"
        ],
        "Resource": "*"
      }
    ]
  }
}
```
Question 52hardmultiple choice
Read the full Cloud Architecture and Design explanation →

A company runs an e-commerce platform on a public cloud. The architecture consists of a front-end load balancer, a web server tier, and an RDS database. The web servers are in an auto-scaling group across two availability zones. The database is a single Multi-AZ deployment. After a recent traffic surge, the web servers scaled but the database CPU utilization reached 90%, causing slow page loads. The database is a db.r5.large instance with 16 GB RAM and 2 vCPUs. The company expects double the traffic during the upcoming holiday season. The budget is limited. Which action should the cloud architect take to address the database bottleneck while minimizing cost?

Question 53mediummultiple choice
Read the full Cloud Architecture and Design explanation →

A company is migrating a monolithic application to microservices on a cloud platform. The current application uses a single relational database. The migration plan involves decomposing the application into several services, each with its own database (polyglot persistence). One service handles high-volume time-series data, another handles user profiles, and a third handles transactions. The architect must ensure data consistency across services for user profile updates that affect other services. Which approach should be used to maintain data consistency without tight coupling?

Question 54mediummultiple choice
Read the full Cloud Architecture and Design explanation →

A company uses a cloud provider's container orchestration service (e.g., EKS, AKS, GKE) to run a set of microservices. The current cluster uses three worker nodes, each of size m5.large (2 vCPU, 8 GB RAM). The operations team notices that CPU utilization on the worker nodes averages 80% during peak hours, and some pods are being evicted due to resource pressure. The team wants to ensure that the cluster can handle a 50% increase in traffic without performance degradation. Which action should the cloud architect take?

Question 55hardmultiple choice
Study the full ACL explanation →

A company is designing a cloud network architecture for a three-tier application. The web tier must be accessible from the internet, the application tier should only be accessible from the web tier, and the database tier should only be accessible from the application tier. The company uses a single VPC with multiple subnets. The security team requires that all traffic between tiers be encrypted in transit. The architect proposes using security groups and network ACLs. Which combination of security group rules meets these requirements while following the principle of least privilege?

Question 56mediummultiple choice
Read the full Cloud Architecture and Design explanation →

A company operates a hybrid cloud environment with on-premises servers and a public cloud provider. They use AWS for compute and storage. Their application requires low-latency access to on-premises databases. They set up a Direct Connect link between their data center and AWS. Recently, users report slow application performance. Cloud engineers notice increased latency on the Direct Connect link. The on-premises network team confirms no issues with their internal network. The application uses jumbo frames on the on-premises side for optimized performance. The virtual interface on the AWS side is configured with a default MTU of 1500. Which of the following is the MOST likely cause of the increased latency?

Question 57easymulti select
Read the full Cloud Architecture and Design explanation →

A cloud architect is designing a multi-tier application that must remain available during a single Availability Zone failure. Which TWO design principles should the architect apply?

Question 58mediummultiple choice
Read the full Cloud Architecture and Design explanation →

Refer to the exhibit. An IAM policy is attached to a group that includes engineers. An engineer attempts to start a stopped EC2 instance that has tags {Environment: development, Project: alpha}. What will happen?

Exhibit

Refer to the exhibit.

```
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:DescribeInstances",
        "ec2:StartInstances",
        "ec2:StopInstances"
      ],
      "Resource": "arn:aws:ec2:us-east-1:123456789012:instance/*",
      "Condition": {
        "StringEquals": {
          "ec2:ResourceTag/Environment": "production"
        }
      }
    },
    {
      "Effect": "Deny",
      "Action": "ec2:TerminateInstances",
      "Resource": "*"
    }
  ]
}
```
Question 59hardmultiple choice
Open the full BGP breakdown →

A cloud architect manages a hybrid cloud environment where on-premises workloads are being migrated to a public cloud provider. The company uses a cloud-native container orchestration platform (e.g., Amazon EKS) for microservices. Recently, a critical application experienced intermittent connectivity failures between microservices during peak hours. The architect observes that the Kubernetes cluster uses a Calico network plugin with BGP peering to on-premises routers. The cluster nodes are spread across three Availability Zones, and the application pods communicate across zones. The architect also notes that the BGP session between the cluster and on-premises routers uses a single physical interface per node, and the on-premises routers have equal-cost multipath (ECMP) configured for the cluster node IPs. During peak hours, the on-premises routers experience high CPU utilization, and some BGP flaps occur. Which of the following is the MOST effective solution to improve connectivity reliability?

Practice tests

Scored 10-question sessions with instant feedback and explanations.

CV0-004 Practice Test 1 — 10 Questions→CV0-004 Practice Test 2 — 10 Questions→CV0-004 Practice Test 3 — 10 Questions→CV0-004 Practice Test 4 — 10 Questions→CV0-004 Practice Test 5 — 10 Questions→CV0-004 Practice Exam 1 — 20 Questions→CV0-004 Practice Exam 2 — 20 Questions→CV0-004 Practice Exam 3 — 20 Questions→CV0-004 Practice Exam 4 — 20 Questions→Free CV0-004 Practice Test 1 — 30 Questions→Free CV0-004 Practice Test 2 — 30 Questions→Free CV0-004 Practice Test 3 — 30 Questions→CV0-004 Practice Questions 1 — 50 Questions→CV0-004 Practice Questions 2 — 50 Questions→CV0-004 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Operations and SupportCloud Architecture and DesignSecurityDeploymentTroubleshooting

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Cloud Architecture and Design setsAll Cloud Architecture and Design questionsCV0-004 Practice Hub