746 お客様のコメント
クリック」
質問 1:
A company has ten cloud engineers working on different manual cloud deployments. In the past, engineers have had difficulty keeping deployments consistent. Which of the following is the best method to address this issue?
A. Service logging
B. Change ticketing
C. Deployment documentation
D. Configuration as code
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
A social networking company operates globally. Some users from Brazil and Argentina are reporting the following error: website address was not found. Which of the following is the most likely cause of this outage?
A. Client DNS misconfigutation
B. DNS server misconfiguration
C. Regional DNS provider outage
D. DNS propagation issues
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 3:
A cloud administrator wants to provision a host with two VMs. The VMs require the following:
After configuring the servers, the administrator notices that during certain hours of the day, the performance heavily degrades. Which of the following is the best explanation?
A. The RAM on each VM is insufficient.
B. A higher number of processes occur at those times.
C. The host requires additional physical CPUs.
D. The storage is overutilized.
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
An engineer made a change to an application and needs to select a deployment strategy that meets the following requirements:
* Is simple and fast
* Can be performed on two Identical platforms
Which of the following strategies should the engineer use?
A. in-place
B. Rolling
C. Blue-green
D. Canary
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
A company hosts various containerized applications for business uses. A client reports that one of its routine business applications fails to load the web-based login prompt hosted in the company cloud.
INSTRUCTIONS
Click on each device and resource. Review the configurations, logs, and characteristics of each node in the architecture to diagnose the issue. Then, make the necessary changes to the WAF configuration to remediate the issue.
Web app 1
Web app 2
Web app 3
Web app 4
Client app
正解:
The issue is with Web app 1 (Finance application).
From the WAF logs, we can see that requests to https://webapp1.comptia.org/FIN/login.html are being blocked (Rule ID 1006). The rule is configured to block access to the finance application's login page. This corresponds to the reported issue of the web-based login prompt not loading.
To remediate the issue, the WAF configuration for Rule ID 1006 should be changed from "Block" to "Allow". This will enable the web-based login prompt to load for the client.
Additionally, the client app configuration indicates that the client laptop (IP 192.168.10.142) is trying to access the service, and the WAF logs show that requests from this IP are being blocked due to the current rule set. Changing the action for Rule ID 1006 will also ensure that legitimate attempts to access the login page from this IP are not blocked.
Steps for remediation:
Go to the WAF configuration.
Find Rule ID 1006 for the Finance application 1.
Change the action from "Block" to "Allow".
Save the changes.
Reference:
Web application firewall (WAF) configurations typically include rules that define which traffic should be allowed or blocked. Blocking legitimate traffic to login pages can prevent users from accessing the application, which seems to be the case here.
Client application configurations and WAF logs provide valuable insights into the source of the traffic and the rules that are affecting it. It's important to ensure that the rules align with the intended access policies for the application.
質問 6:
An organization's critical data was exfiltrated from a computer system in a cyberattack. A cloud analyst wants to identify the root cause and is reviewing the following security logs of a software web application:
"2021/12/18 09:33:12" "10. 34. 32.18" "104. 224. 123. 119" "POST / login.php?u=administrator&p=or%201%20=1"
"2021/12/18 09:33:13" "10.34. 32.18" "104. 224. 123.119" "POST /login. php?u=administrator&p=%27%0A"
"2021/12/18 09:33:14" "10. 34. 32.18" "104. 224. 123. 119" "POST /login. php?u=administrator&p=%26"
"2021/12/18 09:33:17" "10.34. 32.18" "104. 224. 123.119" "POST / login.php?u=administrator&p=%3B"
"2021/12/18 09:33:12" "10.34. 32. 18" "104. 224. 123. 119" "POST / login. php?u=admin&p=or%201%20=1"
"2021/12/18 09:33:19" "10.34.32.18" "104. 224. 123.119" "POST / login. php?u=admin&p=%27%0A"
"2021/12/18 09:33:21" "10. 34. 32.18" "104.224. 123.119" "POST / login. php?u=admin&p=%26"
"2021/12/18 09:33:23" "10. 34. 32.18" "104. 224. 123.119" "POST / login. php?u=admin&p=%3B" Which of the following types of attacks occurred?
A. Privilege escalation
B. Reuse of leaked credentials
C. Cross-site scripting
D. SQL injection
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
A company has ten cloud engineers working on different manual cloud deployments. In the past, engineers have had difficulty keeping deployments consistent. Which of the following is the best method to address this issue?
A. Service logging
B. Change ticketing
C. Deployment documentation
D. Configuration as code
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
A social networking company operates globally. Some users from Brazil and Argentina are reporting the following error: website address was not found. Which of the following is the most likely cause of this outage?
A. Client DNS misconfigutation
B. DNS server misconfiguration
C. Regional DNS provider outage
D. DNS propagation issues
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 3:
A cloud administrator wants to provision a host with two VMs. The VMs require the following:
After configuring the servers, the administrator notices that during certain hours of the day, the performance heavily degrades. Which of the following is the best explanation?
A. The RAM on each VM is insufficient.
B. A higher number of processes occur at those times.
C. The host requires additional physical CPUs.
D. The storage is overutilized.
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
An engineer made a change to an application and needs to select a deployment strategy that meets the following requirements:
* Is simple and fast
* Can be performed on two Identical platforms
Which of the following strategies should the engineer use?
A. in-place
B. Rolling
C. Blue-green
D. Canary
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
A company hosts various containerized applications for business uses. A client reports that one of its routine business applications fails to load the web-based login prompt hosted in the company cloud.
INSTRUCTIONS
Click on each device and resource. Review the configurations, logs, and characteristics of each node in the architecture to diagnose the issue. Then, make the necessary changes to the WAF configuration to remediate the issue.
Web app 1
Web app 2
Web app 3
Web app 4
Client app
正解:
The issue is with Web app 1 (Finance application).
From the WAF logs, we can see that requests to https://webapp1.comptia.org/FIN/login.html are being blocked (Rule ID 1006). The rule is configured to block access to the finance application's login page. This corresponds to the reported issue of the web-based login prompt not loading.
To remediate the issue, the WAF configuration for Rule ID 1006 should be changed from "Block" to "Allow". This will enable the web-based login prompt to load for the client.
Additionally, the client app configuration indicates that the client laptop (IP 192.168.10.142) is trying to access the service, and the WAF logs show that requests from this IP are being blocked due to the current rule set. Changing the action for Rule ID 1006 will also ensure that legitimate attempts to access the login page from this IP are not blocked.
Steps for remediation:
Go to the WAF configuration.
Find Rule ID 1006 for the Finance application 1.
Change the action from "Block" to "Allow".
Save the changes.
Reference:
Web application firewall (WAF) configurations typically include rules that define which traffic should be allowed or blocked. Blocking legitimate traffic to login pages can prevent users from accessing the application, which seems to be the case here.
Client application configurations and WAF logs provide valuable insights into the source of the traffic and the rules that are affecting it. It's important to ensure that the rules align with the intended access policies for the application.
質問 6:
An organization's critical data was exfiltrated from a computer system in a cyberattack. A cloud analyst wants to identify the root cause and is reviewing the following security logs of a software web application:
"2021/12/18 09:33:12" "10. 34. 32.18" "104. 224. 123. 119" "POST / login.php?u=administrator&p=or%201%20=1"
"2021/12/18 09:33:13" "10.34. 32.18" "104. 224. 123.119" "POST /login. php?u=administrator&p=%27%0A"
"2021/12/18 09:33:14" "10. 34. 32.18" "104. 224. 123. 119" "POST /login. php?u=administrator&p=%26"
"2021/12/18 09:33:17" "10.34. 32.18" "104. 224. 123.119" "POST / login.php?u=administrator&p=%3B"
"2021/12/18 09:33:12" "10.34. 32. 18" "104. 224. 123. 119" "POST / login. php?u=admin&p=or%201%20=1"
"2021/12/18 09:33:19" "10.34.32.18" "104. 224. 123.119" "POST / login. php?u=admin&p=%27%0A"
"2021/12/18 09:33:21" "10. 34. 32.18" "104.224. 123.119" "POST / login. php?u=admin&p=%26"
"2021/12/18 09:33:23" "10. 34. 32.18" "104. 224. 123.119" "POST / login. php?u=admin&p=%3B" Which of the following types of attacks occurred?
A. Privilege escalation
B. Reuse of leaked credentials
C. Cross-site scripting
D. SQL injection
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
三浦** -
ソフトとアプリがもらえて、内容も濃く、問題や擬似問題集と回答などもあり