CCNA Clp Operations Support Questions

75 of 140 questions · Page 1/2 · Clp Operations Support topic · Answers revealed

1
MCQeasy

A company uses multiple AWS accounts. The cloud team wants to allocate costs to specific business units. What should they implement?

A.Cost Explorer
B.AWS Budgets
C.AWS Organizations
D.Tagging strategy
AnswerD

Tags allow cost tracking by business unit.

Why this answer

A tagging strategy with tags like environment, team, and project enables cost allocation.

2
Multi-Selectmedium

A cloud administrator is configuring cost management for a multi-account AWS environment. The company wants to allocate costs by department and project. Which TWO steps should the administrator take to achieve this? (Choose two.)

Select 2 answers
A.Enable AWS Cost Explorer
B.Create separate AWS accounts for each department
C.Activate cost allocation tags in the Billing console
D.Use AWS Budgets to set spending limits
E.Apply tags to resources such as Department and Project
AnswersC, E

Must activate tags for them to appear in reports.

Why this answer

Tagging resources and enabling cost allocation tags in AWS allow cost breakdown by department and project. AWS Cost Explorer can then filter by these tags.

3
MCQeasy

A cloud engineer is implementing a tagging strategy for cost allocation. Which tags should be applied to resources to track costs by business unit and environment?

A.BusinessUnit and Environment
B.Owner and Department
C.Project and Application
D.Location and Region
AnswerA

These tags directly support cost allocation by business unit and environment (e.g., dev, prod).

Why this answer

Tags like 'BusinessUnit' and 'Environment' are commonly used for cost allocation and reporting. Tags must be applied consistently for accurate cost tracking.

4
Multi-Selecthard

A cloud engineer is troubleshooting a performance issue in a microservices application. Which THREE tools can help with distributed tracing and latency diagnosis?

Select 3 answers
A.AWS CloudTrail
B.GCP Cloud Trace
C.Azure Application Insights
D.AWS X-Ray
E.VPC Flow Logs
AnswersB, C, D

Cloud Trace provides tracing for GCP.

Why this answer

AWS X-Ray, Azure Application Insights, and GCP Cloud Trace are distributed tracing services.

5
MCQeasy

A cloud administrator needs to monitor CPU utilization for a fleet of EC2 instances and receive notifications when utilization exceeds 80%. Which AWS service should be used to create a metric alarm that triggers an SNS notification?

A.AWS Config
B.AWS Trusted Advisor
C.Amazon CloudWatch
D.AWS CloudTrail
AnswerC

CloudWatch provides metrics and alarm functionality, including SNS notifications.

Why this answer

Amazon CloudWatch is the AWS service for monitoring metrics and creating alarms. CloudWatch Alarms can be configured to trigger SNS notifications when a metric crosses a threshold.

6
MCQmedium

A cloud architect is designing a disaster recovery plan. The application requires a Recovery Time Objective (RTO) of 15 minutes and a Recovery Point Objective (RPO) of 1 hour. Which strategy best meets these requirements?

A.Daily snapshots replicated to another region
B.Scheduled cross-region snapshots every 6 hours
C.Backup to tape and store offsite
D.Continuous replication to a warm standby site
AnswerD

Continuous replication ensures RPO within minutes, and warm standby allows fast failover meeting RTO.

Why this answer

Continuous replication to a standby environment (pilot light or warm standby) can achieve low RTO and RPO. Snapshot-based with daily backups has RPO of 1 day. Cross-region replication of snapshots can have RPO hours.

Warm standby with continuous replication meets both RTO and RPO.

7
Multi-Selecthard

A cloud engineer is designing an auto-scaling solution for a stateful application. The scaling policy must ensure that instances are properly drained before termination and that new instances are fully initialized before receiving traffic. Which THREE features should be used? (Choose THREE.)

Select 3 answers
A.Scheduled scaling actions
B.Elastic Load Balancer target group health checks
C.Auto-scaling group launch configurations with user data
D.Cooldown periods
E.Lifecycle hooks
AnswersB, C, E

Health checks ensure instances are healthy before receiving traffic from the load balancer.

Why this answer

Lifecycle hooks allow custom actions during scale-in (draining) and scale-out (initialization). Health checks ensure instances are healthy before receiving traffic. Cooldown periods prevent rapid scaling.

Elastic Load Balancer target group ensures traffic distribution. CloudWatch alarms trigger scaling.

8
Multi-Selecteasy

A company uses AWS CloudFormation to manage infrastructure. The operations team needs to be alerted when a stack update fails. Which TWO methods can be used to send notifications? (Choose two.)

Select 2 answers
A.Use AWS Trusted Advisor to monitor CloudFormation
B.Enable CloudTrail to log stack updates and send logs to CloudWatch Logs
C.Configure CloudFormation to send events to an SNS topic
D.Use AWS Config to detect stack failures
E.Create a CloudWatch Events rule that matches CloudFormation stack update failure events
AnswersC, E

SNS can notify subscribers of stack events.

Why this answer

CloudFormation can use SNS topics for stack events. CloudWatch Events (now Amazon EventBridge) can also match stack update failures and trigger notifications.

9
MCQhard

A company is migrating on-premises workloads to a public cloud. The disaster recovery plan requires an RTO of 15 minutes and an RPO of 5 minutes. Which replication strategy should be used for a critical database?

A.Weekly full backups with daily incrementals stored in the same region
B.Continuous replication to a standby instance in another region
C.Scheduled snapshots every hour with cross-region copy
D.Daily snapshots replicated cross-region
AnswerB

Continuous replication can achieve near-zero RPO and fast failover, meeting the requirements.

Why this answer

Continuous replication with synchronous or near-synchronous updates can achieve very low RPO (minutes) and low RTO. Cross-region replication may have higher latency, and snapshot-based backup typically has higher RPO and RTO.

10
MCQeasy

A cloud administrator needs to monitor CPU utilization of a group of EC2 instances and automatically add more instances when utilization exceeds 80% for 5 minutes. Which AWS service should the administrator use to define this scaling policy?

A.AWS Config
B.AWS CloudTrail
C.AWS Auto Scaling
D.AWS Systems Manager
AnswerC

Auto Scaling manages scaling policies including step scaling.

Why this answer

Auto Scaling groups can use step scaling policies to add instances based on CloudWatch alarms. The scenario describes a step scaling policy triggered by a CloudWatch alarm on CPU utilization.

11
MCQhard

A company is planning its disaster recovery strategy for a critical application. The application runs on EC2 with data in EBS volumes. The RTO is 2 hours and RPO is 15 minutes. Which approach meets these requirements most cost-effectively?

A.Hourly AMI backups to the same region
B.Pilot light with replication every 30 minutes
C.Cross-region continuous replication of EBS volumes
D.Daily snapshots to the same region
AnswerC

Continuous replication provides low RPO and cross-region failover meets RTO.

Why this answer

Continuous replication to another region achieves a low RPO (minutes) and can be failed over quickly to meet RTO.

12
MCQeasy

A company wants to receive alerts when their cloud costs exceed a budget threshold. Which cost management feature should they use?

A.Cost anomaly detection alerts
B.Rightsizing recommendations
C.Reserved Instance planning
D.Tagging strategy
AnswerA

These alerts notify when costs exceed thresholds.

Why this answer

Cost anomaly detection alerts notify when spending exceeds defined thresholds.

13
MCQmedium

A company wants to reduce costs by identifying underutilized EC2 instances and receiving recommendations to downsize them. Which AWS service provides rightsizing recommendations based on historical utilization metrics?

A.AWS Cost Explorer
B.AWS Trusted Advisor
C.AWS Auto Scaling
D.AWS Compute Optimizer
AnswerD

Compute Optimizer uses machine learning to recommend optimal instance types.

Why this answer

AWS Compute Optimizer analyzes utilization and provides recommendations to optimize instance types.

14
MCQmedium

A cloud application is experiencing intermittent high latency. The operations team has enabled distributed tracing using AWS X-Ray but is unable to pinpoint the source. Which additional step should the team take to identify the root cause of the latency?

A.Enable VPC Flow Logs to analyze network traffic patterns.
B.Increase the auto-scaling group size to handle the load.
C.Analyze traces in X-Ray to identify which service segment has the highest duration.
D.Examine application logs on each virtual machine.
AnswerC

Traces show timing of each service call; high duration segments indicate the source of latency.

Why this answer

Distributed tracing (like X-Ray) provides end-to-end visibility of requests. To pinpoint the source of latency, the team should analyze trace data to identify which service or segment is taking the most time. Enabling VPC Flow Logs, application logs, or scaling out would not directly identify the latency source within the application.

15
MCQhard

A company uses AWS Systems Manager Patch Manager to automate patching. They need to ensure that patches are applied during a specific maintenance window with minimal risk of failure. Which additional step should be taken to allow quick recovery if a patch causes issues?

A.Use AWS CloudFormation to re-create the instance
B.Create an AMI snapshot before applying patches
C.Configure a rollback procedure using AWS Systems Manager State Manager
D.Enable termination protection on the instances
AnswerB

An AMI snapshot allows you to revert the instance to its pre-patch state.

Why this answer

Creating an AMI snapshot or instance backup before patching enables rollback if a patch fails. The other options do not directly support rollback.

16
MCQhard

A cloud engineer needs to ensure that an auto-scaling group does not launch new instances immediately after a scale-in event to allow metrics to stabilize. Which feature should they configure?

A.Health checks
B.Scheduled scaling
C.Lifecycle hooks
D.Cooldown periods
AnswerD

Cooldown periods pause scaling activities after a scaling event.

Why this answer

Cooldown periods prevent premature scaling by allowing metrics to stabilize.

17
MCQhard

A cloud administrator is configuring auto-scaling for a batch processing application that uses an SQS queue. The number of jobs varies unpredictably. Which metric is most appropriate for scaling the worker instances?

A.Memory utilization of workers
B.SQS queue depth (ApproximateNumberOfMessages)
C.Network throughput
D.CPU utilization of workers
AnswerB

Queue depth directly indicates workload pending, ideal for scaling workers.

Why this answer

SQS queue depth (approximate number of messages) directly indicates the backlog of work and is a common metric for scaling workers.

18
Multi-Selecthard

A cloud team is planning a disaster recovery drill for their application running in a public cloud. They want to validate that the recovery process meets the defined RTO and RPO. Which THREE activities should be included in the DR drill? (Select THREE.)

Select 3 answers
A.Review cost optimization recommendations for the DR environment.
B.Measure the time taken to restore services from backups.
C.Run chaos engineering experiments to introduce random failures.
D.Perform a failover to the DR site and verify application functionality.
E.Check the timestamp of the most recent backup or replica to ensure data is within RPO.
AnswersB, D, E

This tests whether RTO is met.

Why this answer

Key DR drill activities include verifying the recovery time, checking data freshness to validate RPO, and conducting failover testing to ensure the process works. Chaos engineering is for resilience testing but not specifically for RTO/RPO validation.

19
MCQmedium

A cloud administrator is configuring automated scaling for a web application. The scaling policy should add two instances when CPU utilization exceeds 80% for five minutes. Which type of scaling policy should they implement?

A.Scheduled scaling
B.Dynamic scaling
C.Target tracking scaling
D.Step scaling
AnswerD

Step scaling adds or removes instances based on breach magnitude.

Why this answer

Step scaling allows adding a specific number of instances based on a metric threshold breach.

20
MCQmedium

A cloud operations team is configuring auto-scaling for a web application. They want to add two instances when CPU utilization exceeds 80% for five minutes, and remove one instance when CPU drops below 30% for five minutes. Which type of scaling policy should they use?

A.Simple scaling
B.Scheduled scaling
C.Target tracking scaling
D.Step scaling
AnswerD

Step scaling policies allow adding/removing specific instance counts based on metric thresholds.

Why this answer

Step scaling allows adding or removing a specific number of instances based on the size of the alarm breach.

21
MCQmedium

A cloud operations team is implementing a tagging strategy for cost attribution. They need to track costs by environment (dev, test, prod), project, and team. Which approach should they use?

A.Use resource groups to organize resources by environment
B.Apply tags such as Environment, Project, and Team to all resources
C.Use resource naming conventions to encode environment and project
D.Create separate cloud accounts for each environment
AnswerB

Tags allow flexible cost allocation and reporting across cloud providers.

Why this answer

Tags are key-value pairs that can be applied to resources. Using a consistent set of tags for all resources enables cost breakdown by those dimensions. Resource groups are Azure-specific and not universal.

Naming conventions are less reliable. Separate accounts add overhead.

22
Multi-Selecthard

A company uses AWS and wants to implement structured logging for their applications to improve queryability. Which THREE practices should they follow? (Select THREE.)

Select 3 answers
A.Send all logs to a single S3 bucket without partitioning
B.Include timestamp, severity, and request ID in each log entry
C.Use a consistent schema across all services
D.Write logs in JSON format
E.Encrypt log files at rest using AWS KMS
AnswersB, C, D

These fields enable filtering and correlation.

Why this answer

Structured logging uses JSON format, includes key fields, and uses consistent schemas.

23
MCQeasy

A company is designing a disaster recovery plan for a critical database that requires a recovery point objective (RPO) of 1 minute and a recovery time objective (RTO) of 15 minutes. The database runs on a cloud virtual machine. Which backup strategy should the administrator implement to meet these requirements?

A.Take daily snapshots and store them in the same region.
B.Perform weekly backups to tape and store offsite.
C.Use cross-region snapshot replication with hourly snapshots.
D.Implement continuous replication to a standby instance in a different region.
AnswerD

Continuous replication provides near-zero RPO and fast failover for low RTO.

Why this answer

Continuous replication to a standby instance in a different region can achieve RPO of 1 minute (near-zero data loss) and RTO of 15 minutes by failing over quickly, whereas snapshot-based replication would have higher RPO.

24
Multi-Selecthard

A company is planning a disaster recovery testing strategy. They want to validate both RTO and RPO without impacting production. Which THREE approaches should they consider? (Choose THREE.)

Select 3 answers
A.Perform regular backup restoration tests
B.Conduct scheduled DR drills in a separate environment
C.Run load tests against production systems
D.Use chaos engineering to inject failures in production
E.Enable continuous monitoring of production metrics
AnswersA, B, D

Restoring backups verifies data integrity and helps measure RTO/RPO.

Why this answer

Scheduled DR drills with isolated environments validate recovery procedures. Chaos engineering tests resilience. Backup verification ensures data integrity.

Continuous monitoring does not test recovery. Load testing is for performance.

25
MCQhard

A cloud architect is designing a disaster recovery plan for a critical application with an RTO of 15 minutes and an RPO of 1 minute. The application runs on AWS EC2 instances with data stored on EBS volumes. Which replication strategy best meets these requirements?

A.EBS snapshots replicated to another region every hour
B.Continuous replication using AWS Elastic Disaster Recovery
C.Daily AMI backups stored in a different region
D.Cross-region replication of S3 buckets
AnswerB

Continuous replication provides low RPO (seconds to minutes) and fast RTO.

Why this answer

Continuous replication (e.g., using AWS Elastic Disaster Recovery) provides near-synchronous replication with very low RPO. Snapshot-based replication has higher RPO. Cross-region replication for S3 is for object storage.

26
MCQeasy

A cloud engineer needs to apply security patches to a group of Linux VMs running in Azure. The engineer wants to automate the patching process and ensure that patches are applied during a predefined maintenance window. Which Azure service should be used?

A.Azure Security Center
B.Azure Policy
C.Azure Backup
D.Azure Update Management
AnswerD

Update Management provides automated patching with maintenance windows.

Why this answer

Azure Update Management (part of Azure Automation) allows automated patching with scheduled maintenance windows.

27
Multi-Selectmedium

A cloud operations team is implementing automated patching for Linux servers using AWS Systems Manager Patch Manager. They need to ensure patches are applied with minimal disruption and have a rollback plan. Which TWO actions should they take? (Select TWO.)

Select 2 answers
A.Create AMI snapshots of instances before patching
B.Configure a maintenance window for the patching operation
C.Enable auto-scaling to replace instances if patching fails
D.Use AWS Config to verify patch compliance after patching
E.Set the patch baseline to automatically approve all patches
AnswersA, B

Snapshots allow restoring the pre-patch state if needed.

Why this answer

Using maintenance windows ensures patches are applied during off-peak hours. Creating AMI snapshots before patching allows rollback if a patch causes issues.

28
MCQeasy

A cloud administrator needs to set up a centralized logging solution in GCP to collect logs from multiple projects. Which GCP service should be used?

A.GCP Cloud Monitoring
B.GCP Cloud Logging
C.GCP Cloud Functions
D.GCP Cloud Audit Logs
AnswerB

Cloud Logging ingests and stores logs from various sources.

Why this answer

GCP Cloud Logging (formerly Stackdriver Logging) is the centralized log management service. Cloud Monitoring is for metrics and alerting.

29
MCQhard

A cloud administrator is designing an auto-scaling policy for a web application that experiences predictable traffic spikes during business hours. The administrator wants to ensure that the application scales out before the start of business hours to avoid performance degradation. Which scaling policy type should be used?

A.Simple scaling
B.Step scaling
C.Scheduled scaling
D.Target tracking scaling
AnswerC

Scheduled scaling allows scaling at specific times, such as before business hours.

Why this answer

Scheduled scaling allows scaling actions at specific times (e.g., before business hours).

30
Multi-Selectmedium

A cloud operations team is preparing for a disaster recovery drill for a multi-tier application. Which TWO activities are essential for verifying the effectiveness of the DR plan? (Select TWO.)

Select 2 answers
A.Verify the RTO and RPO are achieved
B.Review the incident response plan
C.Update the asset inventory
D.Perform a failover test to the DR site
E.Conduct a security audit
AnswersA, D

Testing RTO/RPO confirms the recovery meets business continuity targets.

Why this answer

Failover testing validates that the DR site takes over correctly, and RTO/RPO verification ensures the recovery meets business requirements. Updating documentation is important but not a verification activity.

31
Multi-Selecthard

A cloud engineer is configuring auto-scaling for a web application that experiences variable traffic. The application runs on virtual machines and uses a message queue for incoming requests. The scaling policy must ensure that the average CPU utilization stays around 60% and that the queue depth does not exceed 100 messages. Which THREE metrics should the engineer use for the scaling policies? (Choose three.)

Select 3 answers
A.Network throughput (bytes in/out)
B.CPU utilization
C.SQS queue depth (message count)
D.Memory utilization
E.Custom application metrics (e.g., request latency)
AnswersB, C, E

CPU utilization is used for target tracking to maintain 60%.

Why this answer

The required metrics are CPU utilization, SQS queue depth (message queue length), and custom application metrics can be used for additional application-specific scaling. Memory and network throughput are not specified as requirements.

32
MCQeasy

A cloud architect needs to centrally manage logs from multiple AWS accounts. Which service should be used to aggregate logs into a single view?

A.AWS CloudWatch Logs
B.AWS CloudTrail
C.AWS Config
D.AWS X-Ray
AnswerA

CloudWatch Logs aggregates logs from multiple sources.

Why this answer

AWS CloudWatch Logs can aggregate log data from multiple accounts into a single log group for centralized monitoring.

33
MCQmedium

A cloud engineer wants to be notified when the average CPU utilization of an auto-scaling group exceeds 80% for 5 minutes. Which alerting mechanism should be used?

A.AWS Systems Manager OpsCenter
B.AWS Config rule
C.AWS Trusted Advisor
D.AWS CloudWatch Alarm
AnswerD

Alarms evaluate metric thresholds and trigger notifications.

Why this answer

CloudWatch Alarms can monitor metrics and trigger actions when a threshold is breached for a specified period.

34
MCQeasy

A cloud architect is designing a monitoring solution for a web application. Which service should they use to collect and visualize metrics such as CPU utilization and network throughput?

A.AWS CloudTrail
B.AWS CloudWatch
C.AWS Config
D.AWS Trusted Advisor
AnswerB

CloudWatch provides metrics collection and dashboards.

Why this answer

AWS CloudWatch is the service for collecting and visualizing metrics on AWS.

35
MCQmedium

A company wants to implement a disaster recovery strategy with an RTO of 15 minutes and an RPO of 1 hour for a critical application running on AWS. Which approach would best meet these requirements?

A.Continuous replication to a warm standby environment with automated failover
B.Backup to AWS S3 and restore using AWS CloudFormation
C.Cross-region replication with a read replica and manual promotion
D.Daily snapshots of EBS volumes to another region
AnswerA

Continuous replication achieves RPO of seconds to minutes, and automated failover achieves RTO of minutes.

Why this answer

Continuous replication to a standby environment with automatic failover provides the lowest RTO and RPO, meeting the requirements.

36
MCQmedium

An organization wants to automate patching of their EC2 instances running Windows Server. They need to schedule patching during a maintenance window and ensure minimal downtime. Which AWS service should they use?

A.AWS OpsWorks
B.Amazon Inspector
C.AWS CloudFormation
D.AWS Systems Manager Patch Manager
AnswerD

Patch Manager automates OS patching and integrates with maintenance windows.

Why this answer

AWS Systems Manager Patch Manager automates patching and can be scheduled via maintenance windows.

37
Multi-Selectmedium

A cloud operations team wants to implement automated patching for their fleet of virtual machines. They need to minimize disruption during business hours and ensure that critical security patches are applied within 48 hours of release. The team also requires a rollback plan in case a patch causes issues. Which THREE actions should the team take? (Choose three.)

Select 3 answers
A.Define maintenance windows that occur during off-peak hours.
B.Document rollback procedures to revert patches if necessary.
C.Disable automatic updates to maintain control over patch deployment.
D.Enable automated patching using a tool such as AWS Systems Manager Patch Manager.
E.Apply all patches immediately upon release regardless of maintenance windows.
AnswersA, B, D

Maintenance windows minimize disruption by scheduling patching during low-usage periods.

Why this answer

Automated patching requires defining maintenance windows to avoid disruption, enabling automated patching tools like AWS Systems Manager Patch Manager, and having a rollback procedure in place. Testing patches in a staging environment first is wise but not a direct action for the described requirements.

38
MCQhard

During a scheduled DR drill, the cloud team fails over a critical application to the secondary region. After the drill, the application is failed back. The application's RTO was 2 hours, but the actual failover took 2.5 hours. Which action should be taken to improve future failover times?

A.Increase the frequency of DR drills
B.Increase the bandwidth between regions for data replication
C.Automate the failover process using infrastructure as code and runbooks
D.Reduce the RTO to 1 hour to force faster execution
AnswerC

Automation reduces manual intervention and speeds up failover.

Why this answer

Failing the RTO indicates the process is not meeting the target. Automating the failover process with scripts or runbooks reduces manual steps and time. Rehearsing the process more often also helps but automation directly reduces time.

39
MCQmedium

A company uses GCP and wants to implement alerting based on anomaly detection for their Compute Engine instances. Which GCP service should they use?

A.Cloud Logging
B.Cloud Functions
C.Cloud Audit Logs
D.Cloud Monitoring
AnswerD

Cloud Monitoring provides alerting policies with anomaly detection capabilities.

Why this answer

GCP's Cloud Monitoring (formerly Stackdriver) includes alerting policies that support anomaly detection. Cloud Logging is for logs. Cloud Audit Logs for auditing.

Cloud Functions can be triggered but not directly for anomaly detection.

40
MCQmedium

A company wants to ensure that logs from their application are easily searchable and structured for analysis. Which logging format should be recommended?

A.JSON format
B.CSV format
C.Binary format
D.Plain text format
AnswerA

JSON is a standard structured format that integrates well with log analysis tools.

Why this answer

Structured logging in JSON format allows for efficient querying and parsing.

41
MCQmedium

A cloud administrator needs to centralize logs from multiple AWS accounts and on-premises servers for security analysis. Which approach should be used?

A.Create a Lambda function that copies logs from each account to an S3 bucket in a management account
B.Enable VPC Flow Logs in each account and store them locally
C.Use AWS Config rules to aggregate logs into a single account
D.Configure each AWS account's CloudTrail to deliver logs to a central S3 bucket, and use the CloudWatch agent on on-premises servers to send logs to a central CloudWatch Logs group
AnswerD

This centralizes logs from multiple sources in one place.

Why this answer

Centralized logging can be achieved by sending logs from multiple sources to a central Amazon S3 bucket and using CloudWatch Logs for querying. CloudTrail logs API calls from AWS accounts, and on-premises logs can be sent via the CloudWatch agent.

42
MCQmedium

A cloud engineer is configuring an auto-scaling group and wants to add instances based on a sustained increase in CPU utilization above 80% for 5 minutes. Which scaling policy type should be used?

A.Target tracking scaling policy
B.Step scaling policy
C.Simple scaling policy
D.Scheduled scaling policy
AnswerB

Step scaling policies allow you to define specific adjustments based on the magnitude of the metric breach.

Why this answer

Step scaling policies allow you to define steps that respond to metric breaches with specific actions, such as adding a certain number of instances when CPU exceeds 80% for a specified period.

43
MCQmedium

A cloud administrator is configuring an auto-scaling group for a stateless application. The scaling policy should add 2 instances when the average CPU utilization exceeds 80% for 5 minutes, and remove 1 instance when CPU drops below 40% for 5 minutes. Which type of scaling policy should be used?

A.Simple scaling policy
B.Scheduled scaling policy
C.Step scaling policy
D.Target tracking scaling policy
AnswerC

Step scaling can define different adjustments for different metric ranges.

Why this answer

Step scaling allows specifying different scaling adjustments based on the size of the alarm breach. It can add a specific number of instances for a high CPU breach and remove a specific number for a low CPU breach.

44
MCQmedium

A cloud engineer needs to implement a solution to automatically scale an application based on the number of messages in an SQS queue. The goal is to keep the queue length short. Which Auto Scaling policy type should the engineer use?

A.Step scaling
B.Simple scaling
C.Scheduled scaling
D.Target tracking scaling
AnswerD

Target tracking keeps the metric near a target value (e.g., 100 messages).

Why this answer

Target tracking scaling maintains a target metric value (e.g., queue length), adjusting capacity automatically.

45
MCQhard

A company uses AWS and wants to analyze cost trends and identify the top services contributing to monthly spending. Which AWS tool provides a pre-built dashboard for this purpose?

A.AWS Trusted Advisor
B.AWS Cost Explorer
C.AWS Compute Optimizer
D.AWS Budgets
AnswerB

Cost Explorer offers customizable dashboards and reports for cost analysis.

Why this answer

AWS Cost Explorer provides pre-built reports and dashboards for cost trend analysis.

46
Multi-Selectmedium

An organization is using Azure and wants to implement a patch management strategy with minimal disruption. Which TWO actions should they take? (Select TWO.)

Select 2 answers
A.Implement rollback procedures
B.Define maintenance windows for patching
C.Use only manual patching
D.Patch all servers simultaneously
E.Disable automatic updates on all VMs
AnswersA, B

Rollback procedures allow reverting patches if they cause problems.

Why this answer

Maintenance windows schedule updates during low activity, and rollback procedures enable recovery if issues occur.

47
MCQeasy

Which GCP service provides centralized log management and analysis with the ability to create log-based metrics and alerts?

A.GCP Cloud Monitoring
B.GCP Cloud Audit Logs
C.GCP Cloud Trace
D.GCP Cloud Logging
AnswerD

Cloud Logging provides centralized log storage, querying, and alerting capabilities.

Why this answer

GCP Cloud Logging is the centralized logging service that supports log-based metrics and alerting.

48
MCQmedium

A cloud administrator wants to analyze network traffic to troubleshoot connectivity issues between VMs. Which feature should be enabled?

A.AWS CloudTrail
B.VPC Flow Logs
C.AWS X-Ray
D.AWS Config
AnswerB

Flow logs capture network traffic metadata.

Why this answer

VPC flow logs capture IP traffic information for network debugging.

49
MCQmedium

A cloud administrator is configuring an alert for an Azure virtual machine. The alert should trigger when the average CPU percentage exceeds 90% for more than 10 minutes. Which Azure service should be used to create this metric alert?

A.Azure Advisor
B.Azure Log Analytics
C.Azure Security Center
D.Azure Monitor Alerts
AnswerD

Azure Monitor Alerts can trigger on metric thresholds and aggregate over time.

Why this answer

Azure Monitor Alerts allow you to create metric alerts based on conditions like CPU percentage thresholds and evaluation periods.

50
MCQmedium

An organization uses GCP and wants to implement a tagging strategy to track costs by project and environment. Which GCP feature should be used to assign metadata to resources for cost attribution?

A.Annotations
B.Tags
C.Metadata
D.Labels
AnswerD

Labels are used to organize resources and enable cost breakdown.

Why this answer

GCP labels are key-value pairs used to organize and track resources for cost allocation.

51
MCQhard

A cloud administrator is troubleshooting a network connectivity issue between two subnets. They suspect a security group or NACL is blocking traffic. Which tool should they use to analyze the traffic flow?

A.AWS X-Ray
B.AWS CloudTrail
C.AWS Config
D.VPC Flow Logs
AnswerD

Flow logs record allowed/denied traffic for analysis.

Why this answer

VPC Flow Logs capture network traffic metadata, helping identify dropped packets.

52
MCQmedium

A cloud administrator is configuring an auto-scaling group for a web application. The application experiences predictable traffic spikes every weekday at 9 AM. Which scaling policy is most appropriate?

A.Step scaling with a cool-down period
B.Simple scaling with a 300-second cooldown
C.Target tracking scaling based on average CPU utilization
D.Scheduled scaling to add instances before 9 AM
AnswerD

Scheduled scaling handles predictable patterns by scaling in advance.

Why this answer

Scheduled scaling allows you to increase capacity at specific times. Target tracking and step scaling are reactive. Cooldown periods are settings within policies.

53
MCQhard

A company uses AWS and wants to verify that its disaster recovery plan meets the defined RTO and RPO objectives. Which type of testing should be performed to simulate a real failover scenario without impacting production?

A.Tabletop exercise
B.Chaos engineering
C.Full-scale DR drill
D.Partial failover test
AnswerC

Full-scale DR drill involves executing the failover plan to validate RTO/RPO without impacting production (using a sandbox or isolated environment).

Why this answer

A full-scale DR drill involves actually failing over to the DR environment to validate RTO/RPO without affecting production if isolated.

54
MCQmedium

A company needs to back up a critical database with a Recovery Point Objective (RPO) of 15 minutes and a Recovery Time Objective (RTO) of 2 hours. Which disaster recovery strategy should be implemented?

A.Weekly backups to an external tape library
B.Daily snapshots stored in the same region
C.Cold standby with hourly snapshots
D.Cross-region replication with a read replica
AnswerD

Continuous replication (e.g., MySQL cross-region replica) can achieve RPO of seconds/minutes and RTO within hours.

Why this answer

Continuous replication (such as using database replication) can achieve a very low RPO like 15 minutes.

55
MCQmedium

A company uses a multi-cloud strategy with workloads in AWS and Azure. The cloud team wants a centralized log management solution to correlate security events across both platforms. Which approach is most suitable?

A.Use AWS CloudWatch Logs with cross-account log groups
B.Deploy a third-party SIEM solution such as Splunk
C.Use GCP Cloud Logging with a log sink to BigQuery
D.Use Azure Log Analytics and forward AWS logs to it via an agent
AnswerB

A third-party SIEM can ingest logs from multiple cloud providers for centralized analysis.

Why this answer

Azure Log Analytics, AWS CloudWatch Logs, and GCP Cloud Logging each work only within their own cloud. A third-party SIEM like Splunk can aggregate logs from multiple clouds.

56
MCQmedium

A cloud operations team wants to analyze application performance and identify slow database queries. They need a distributed tracing solution. Which service should they use?

A.Amazon Inspector
B.AWS CloudTrail
C.Amazon CloudWatch Logs Insights
D.AWS X-Ray
AnswerD

X-Ray traces requests and helps pinpoint performance issues like slow queries.

Why this answer

AWS X-Ray provides distributed tracing to trace requests through applications and identify performance bottlenecks.

57
Multi-Selecthard

A company wants to implement a disaster recovery plan with minimal data loss and fast recovery. Which TWO strategies best achieve an RPO of minutes and RTO of hours?

Select 2 answers
A.Multi-site active-active
B.Pilot light environment
C.Cross-region replication of data
D.Backup and restore
E.Warm standby
AnswersB, C

Pilot light can be scaled up for recovery within hours.

Why this answer

Cross-region replication and pilot light can achieve low RPO and moderate RTO.

58
Multi-Selecteasy

A cloud engineer is required to set up cost allocation tags. Which THREE standard tag categories are commonly used for cost attribution? (Choose THREE)

Select 3 answers
A.Project
B.Instance type
C.Environment
D.Team
E.Region
AnswersA, C, D

Project tags attribute costs to specific projects.

Why this answer

Environment, project, and team are common tag categories for cost allocation.

59
Multi-Selectmedium

A cloud architect is designing a monitoring strategy to detect anomalies in application latency. Which TWO services can be used for anomaly detection?

Select 2 answers
A.AWS Trusted Advisor
B.AWS Config
C.AWS CloudTrail
D.AWS CloudWatch Anomaly Detection
E.Azure Monitor smart detection
AnswersD, E

CloudWatch has built-in anomaly detection for metrics.

Why this answer

CloudWatch anomaly detection and Azure Monitor smart detection can detect anomalies in metrics.

60
MCQeasy

An organization wants to track cloud costs by project and environment (development, testing, production). Which strategy should be employed for cost attribution?

A.Set up billing alerts for each account
B.Enable detailed billing reports with resource IDs
C.Implement a tagging strategy for resources with Environment and Project tags
D.Use AWS Budgets to set spending limits per project
AnswerC

Tags allow you to filter and group costs in cost reports.

Why this answer

Tagging resources with key-value pairs (e.g., Project, Environment) enables cost allocation reports. Billing alerts and budgets help manage costs but not attribution.

61
MCQeasy

A company uses AWS and wants to receive alerts when CPU utilization of an EC2 instance exceeds 90% for 10 minutes. Which AWS service should be used to create this alarm?

A.Amazon CloudWatch Alarms
B.AWS CloudTrail
C.AWS Config
D.AWS Trusted Advisor
AnswerA

CloudWatch Alarms monitor metrics and send notifications.

Why this answer

CloudWatch Alarms monitor metrics and trigger actions based on thresholds and duration.

62
MCQeasy

A cloud administrator needs to receive real-time notifications when CPU utilization on a critical web server exceeds 90% for more than 5 minutes. Which cloud monitoring service should be used to create the alert?

A.AWS CloudTrail
B.AWS Config
C.AWS Trusted Advisor
D.AWS CloudWatch Alarms
AnswerD

CloudWatch Alarms monitor metrics and trigger notifications based on threshold breaches.

Why this answer

CloudWatch Alarms (AWS) allow you to monitor metrics and trigger actions when thresholds are breached. Other options are not specific to AWS or not designed for alerting on metrics.

63
MCQmedium

A company is planning to migrate to AWS and wants to achieve the lowest possible compute costs for a steady-state workload that will run 24/7. Which purchasing option should be recommended?

A.Spot Instances
B.Reserved Instances
C.On-Demand Instances
D.Dedicated Hosts
AnswerB

Reserved Instances provide a discount for a 1- or 3-year term, ideal for steady-state.

Why this answer

Reserved Instances offer a significant discount over On-Demand for consistent usage. Spot Instances are cheaper but can be interrupted. Savings Plans are also cost-effective, but Reserved Instances are a traditional choice for steady-state.

64
MCQmedium

A cloud team wants to automatically scale an application based on the number of pending messages in an SQS queue. Which scaling policy type should be used?

A.Target tracking scaling
B.Scheduled scaling
C.Simple scaling
D.Step scaling
AnswerA

Target tracking can maintain a target value for the queue depth metric.

Why this answer

Target tracking scaling policy adjusts the number of instances to keep a specific metric at the target value, such as queue depth.

65
MCQhard

A company uses a hybrid cloud environment with workloads in AWS and on-premises. They want to use a single monitoring dashboard to view metrics from both environments. Which solution should they implement?

A.Deploy a third-party monitoring tool in AWS and replicate all logs to it
B.Set up a VPN connection and use VPC Flow Logs for on-premises traffic
C.Install the CloudWatch agent on on-premises servers and send metrics to CloudWatch, then create a CloudWatch dashboard
D.Use AWS CloudTrail to log on-premises activity
AnswerC

This allows unified monitoring from a single dashboard.

Why this answer

Amazon CloudWatch can collect metrics from on-premises servers using the CloudWatch agent, and from AWS services natively. A single CloudWatch dashboard can then display all metrics.

66
MCQeasy

A cloud engineer needs to collect and query log data from multiple GCP services in a centralized location. Which GCP service should be used for centralised log management?

A.GCP Cloud Audit Logs
B.GCP Cloud Monitoring
C.GCP Cloud Logging
D.GCP Cloud Storage
AnswerC

Cloud Logging centralizes logs from all GCP services.

Why this answer

GCP Cloud Logging (formerly Stackdriver Logging) allows centralized log collection and querying.

67
Multi-Selecthard

A cloud engineer is planning a disaster recovery drill for a critical application that spans multiple availability zones. The drill must validate RTO and RPO without affecting production. Which THREE actions should the engineer include? (Choose three.)

Select 3 answers
A.Perform a failover to the secondary environment using production data
B.Terminate production instances to simulate a disaster
C.Verify that the recovered data is consistent with the source data at the last replication point
D.Delete all backups to ensure they are not used during the drill
E.Monitor the time taken to complete the failover and recovery
AnswersA, C, E

Using a secondary environment avoids production impact.

Why this answer

Performing a failover in a non-production environment validates recovery steps. Monitoring recovery time measures RTO, and verifying data integrity checks RPO.

68
Multi-Selectmedium

A cloud engineer is troubleshooting a network connectivity issue between two subnets in a VPC. The engineer wants to capture and analyze traffic metadata to identify dropped packets. Which TWO tools can provide this information? (Select TWO.)

Select 2 answers
A.AWS X-Ray
B.Amazon CloudWatch Logs
C.AWS Network Firewall logs
D.AWS CloudTrail
E.VPC Flow Logs
AnswersC, E

Network Firewall logs provide detailed information about traffic that matches firewall rules, including dropped packets.

Why this answer

VPC Flow Logs capture metadata about IP traffic going to and from network interfaces. AWS X-Ray provides distributed tracing but for application-level requests, not raw network traffic. AWS CloudTrail logs API calls, not traffic.

69
MCQmedium

A company uses Azure Log Analytics to centralize logs from multiple subscriptions. The security team requires that logs be retained for seven years to meet compliance regulations. What should the administrator configure to meet this requirement?

A.Export logs to Azure Blob Storage and set a lifecycle management policy
B.Set the retention policy in the Log Analytics workspace to 2555 days
C.Enable Azure Sentinel
D.Create a log-based alert to notify when logs are about to expire
AnswerB

Log Analytics supports retention up to 7 years (2555 days) when configured.

Why this answer

Log Analytics workspaces allow setting retention policies up to 730 days (2 years) by default, but for longer retention, Azure Data Explorer or archive to Azure Storage with lifecycle management can be used. However, the question expects the correct answer as setting retention policy to 2555 days (7 years) is possible if workspace is configured for longer retention (up to 7 years with additional cost).

70
MCQeasy

A cloud administrator needs to receive real-time notifications when CPU utilization exceeds 90% on a production server. Which AWS service should be used to trigger an alert based on a metric threshold?

A.CloudWatch Alarms
B.Amazon SNS
C.AWS Config
D.AWS CloudTrail
AnswerA

CloudWatch Alarms monitor metrics and trigger actions based on defined thresholds.

Why this answer

CloudWatch Alarms monitor metrics and trigger actions when a threshold is breached. SNS is a notification channel, not a metric monitor. CloudTrail logs API calls, and Config tracks configuration changes.

71
MCQhard

A cloud engineer is configuring auto-scaling for a web application. The scaling policy should add 2 instances when CPU utilization exceeds 80% for 5 consecutive minutes and remove 1 instance when CPU drops below 50% for 10 minutes. Which type of scaling policy should they use?

A.Scheduled scaling policy
B.Target tracking scaling policy
C.Simple scaling policy
D.Step scaling policy
AnswerD

Step scaling allows defined steps (add/remove specific numbers) based on metric thresholds.

Why this answer

Step scaling allows adding or removing a specific number of instances based on the size of the alarm breach. Target tracking adjusts to maintain a target metric value. Simple scaling is older and less flexible.

Scheduled scaling is time-based.

72
MCQhard

A cloud operations team is implementing structured logging for better querying. They have decided to use JSON format. What is a key benefit of structured logging over unstructured logging?

A.Easier to read for humans
B.Enables querying specific fields
C.Reduced storage costs
D.Faster log ingestion
AnswerB

Structured logs allow field-level queries.

Why this answer

Structured logging (e.g., JSON) enables efficient querying and filtering of log data.

73
Multi-Selectmedium

A cloud architect is designing a monitoring solution for a serverless application. The architect needs to collect custom application metrics and set up anomaly detection alerts. Which TWO services should be used? (Select TWO.)

Select 2 answers
A.AWS Config
B.AWS CloudWatch
C.AWS CloudWatch Alarms with anomaly detection
D.AWS CloudTrail
E.AWS CloudWatch Logs
AnswersB, C

CloudWatch can store custom metrics via the PutMetricData API.

Why this answer

CloudWatch (AWS) can collect custom metrics, and CloudWatch Alarms with anomaly detection can trigger alerts when behavior deviates from normal patterns. CloudTrail is for API auditing, not metrics.

74
MCQmedium

A cloud administrator is troubleshooting network connectivity issues between two VPCs in AWS. The administrator wants to examine traffic flow logs to identify dropped packets. Which AWS feature provides detailed network traffic logs for VPCs?

A.AWS X-Ray
B.AWS CloudTrail
C.VPC Flow Logs
D.Amazon CloudWatch Logs
AnswerC

VPC Flow Logs capture information about IP traffic going to and from network interfaces.

Why this answer

VPC Flow Logs capture IP traffic information for network interfaces in a VPC.

75
MCQhard

A company uses AWS and wants to implement a disaster recovery plan with an RTO of 4 hours and RPO of 1 hour. They have a primary site in us-east-1 and a DR site in us-west-2. The application data is stored in Amazon RDS for MySQL. Which strategy meets both RTO and RPO with minimal data loss?

A.Use AWS Database Migration Service (DMS) for continuous replication to a separate RDS instance in us-west-2.
B.Create a cross-region read replica in us-west-2 and promote it during failover.
C.Export data to S3 using AWS Backup and restore in us-west-2.
D.Take daily automated snapshots of the RDS instance and copy them to us-west-2.
AnswerB

Cross-region read replicas provide low RPO and can be promoted quickly, meeting both RTO and RPO.

Why this answer

Cross-region read replicas for Amazon RDS provide asynchronous replication with a typical RPO of less than 5 minutes, easily meeting the 1-hour requirement. In a disaster, you can promote the replica to a primary instance within minutes, meeting the 4-hour RTO.

Page 1 of 2 · 140 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Clp Operations Support questions.

CCNA Clp Operations Support Questions — Page 1 of 2 | Courseiva