Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. What needs to be considered when designing a distributed storage solution?
A. Multiple management tools
B. Fault domain detection and isolation to ensure data availability
C. RAID configuration to ensure a drive failure is avoided
D. Automated storage tiering to enable efficient use of drive
Answer: B
Explanation: A distributed data store is a computer network where information is stored on more than one node, often in a replicated fashion. Distributed data stores typically use an error detection and correction technique. Some distributed data stores (such as Parchive over NNTP) use forward error correction techniques to recover the original file when parts of that file are damaged or unavailable. Others try again to download that file from a different mirror. Explanation:
References: https://en.wikipedia.org/wiki/Distributed_data_store
Q2. An organization wants to deploy a block storage in the cloud using a storage array that is accessible through the iSCSI protocol. The hosts support iSCSI.
Why would network segmentation be included in the design to support this requirement?
A. Secure all traffic between the storage array and the hosts
B. Enable CHAP between the array and hosts
C. iSCSI traffic is not supported on networks with other types of traffic
D. Enable LUN masking capabilities of the array
Answer: D
Explanation: LUN masking is a further constraint added to LUN zoning to ensure that only devices authorized to access a specific server can access the corresponding port.
A logical unit number (LUN) is a unique identifier that designates individual hard disk devices or grouped devices for address by a protocol associated with a SCSI, iSCSI, Fibre Channel (FC) or similar interface. LUNs are central to the management of block storage arrays shared over a storage area network (SAN).
Explanation: References:
http://searchvirtualstorage.techtarget.com/definition/LUN-masking
Q3. An organization is currently using a private cloud to host gaming applications. The private cloud is located in the organization's data center. These applications have very little static data and no requirements for securing data. Authentication is handled through an external resource.
During holiday and vacation seasons, application usage increases significantly and more resources are required. However, the increase only occurs about 10% of the year and the organization wants to maintain performance.
What can be done to meet this requirement?
A. Deploy global load balances
B. Create QoS policies during peak usage
C. Move to a hybrid cloud model
D. Implement a CDN solution
Answer: C
Explanation: Hybrid cloud is a cloud computing environment which uses a mix of on-premises, private cloud and third-party, public cloud services with orchestration between the two platforms. By allowing workloads to move between private and public clouds as computing needs and costs change, hybrid cloud gives businesses greater flexibility and more data deployment options.
Incorrect:
Not D: A content delivery network (CDN) is a system of distributed servers (network) that deliver webpages and other Web content to a user based on the geographic locations of the user, the origin of the webpage and a content delivery server.
References:
http://searchcloudcomputing.techtarget.com/definition/hybrid-cloud
Q4. In addition to the operating system, what other components does the consumer manage in an IaaS cloud service model?
A. Application, data, storage, and physical networking
B. Data, middleware, application, and runtime
C. Runtime, physical servers, application, and middleware
D. Middleware, runtime, hypervisor, and application
Answer: B
Explanation: In the case of IaaS the computing resource provided is specifically that of virtualised hardware, in other words, computing infrastructure.
IaaS clouds often offer additional resources such as a virtual-machine disk-image library, raw block storage, file or object storage, firewalls, load balancers, IP addresses, virtual local area networks (VLANs), and software bundles. Figure: Cloud-computing layers accessible within a stack
Incorrect:
Not A: not Physical networking not C: Not physical servers. Not D: Not Hypervisors. Explanation:
References: http://www.interoute.com/what-iaas
Q5. An organization plans to deploy a spine/leaf network topology to support a cloud design. Leaf switches will use layer- 3 protocols to communicate with the spine switches. Hosts will each connect to two leaf switches using layer-2 protocols.
Which technology must be enabled between the host and leaf switches to provide the maximum throughput for a single data stream?
A. Generic Network Virtualization Encapsulation
B. Spanning Tree Protocol
C. Equal-Cost Multi-Path Routing
D. Multi-Chassis Aggregation
Answer: A
Explanation: Generic Network Virtualization Encapsulation (Geneve) is the peacemaking protocol drafted to unify VXLAN, NVGRE, and whatever other tunneling protocols emerge for network virtualization. Geneve doesn't exactly replace VXLAN and other protocols. Rather, it provides a common superset among them, so that outside software can provide hooks to Geneve rather than having to accommodate multiple encapsulation standards.
Note: NVGRE (Network Virtualization using Generic Routing Encapsulation) is a network virtualization technology that attempts to alleviate the scalability problems associated with large cloud computing deployments. It uses Generic Routing Encapsulation (GRE) to tunnel layer 2 packets over layer 3 networks. Its principal backer is Microsoft. Explanation:
References:
https://www.sdxcentral.com/articles/news/intel-supports-geneve-unify-vxlan-nvgre/2014/09/
Q6. What describes the storage categories represented by OpenStack Swift and EMC XtremIO requirements?
A. Swift = Distributed Object StorageXtremIO = Central Storage
B. Swift = Central Storage XtremIO = Distributed File Storage
C. Swift = Distributed Block StorageXtremIO = Distributed Object Storage
D. Swift = Distributed File StorageXtremIO = Distributed Block Storage
Answer: A
Explanation: OpenStack Swift is a globally-distributed object storage with a single namespace that's durable enough for the most demanding private clouds and now brought to you in an easy-to-deploy/scale/manage system.
XtremIO is a flash-based Storage Array. Explanation:
References:
https://www.swiftstack.com/#testimonial/2 http://www.emc.com/collateral/white-papers/h11752-intro-to-XtremIO- array-wp.pdf
Q7. A cloud architect has determined that the cloud management infrastructure requires an authentication and PKI environment. In addition, each tenant will require its own authentication and PKI environment. What describes these separate environments in a cloud design document?
A. Availability zones
B. Fault domains
C. Multi-tenancy
D. Trust zones
Answer: C
Explanation: The term "software multitenancy" refers to a software architecture in which a single instance of software runs on a server and serves multiple tenants. A tenant is a group of users who share a common access with specific privileges to the software instance.
Incorrect:
Not A: Availability zones (AZs) are isolated locations within data center regions from which public cloud services originate and operate.
Not B: A fault domain is a set of hardware components - computers, switches, and more - that share a single point of failure.
Not D: Zones of trust are a defined area of the system where by by necessity, by the presence of key information assets and by the wider environmental context the connections within the zone are treated as at the same level of trust. This effectively couples the components within that subsystem for security purposes.
References:
https://en.wikipedia.org/wiki/Multitenancy
Q8. A cloud architect is evaluating an organization's need to support thousands of virtual machine instances and some form of encryption. Which encryption type should be selected and why?
A. Storage array encryption to provide centralized management
B. Full file systems encryption to simplify key management
C. Network-based encryption to increase security at the cost of server overhead
D. Self-encrypting storage devices to increase security at the cost of increased overhead
Answer: B
Q9. A cloud architect is designing a private cloud for an organization. The organization has no existing backup infrastructure. They want to offer consumers the ability to backup virtual machine instances using image-based backups.
What should the cloud architect look for when selecting a backup application for this environment?
A. Virtual machine hardware is on the backup application vendor's compatibility list
B. Hypervisor servers' hardware is on the backup application vendor's compatibility list
C. Backup application can be integrated with the selected CMP components
D. Backup application supports a cloud gateway for accessing the cloud-based virtual machines
Answer: D
Explanation: A cloud storage gateway provides basic protocol translation and simple connectivity to allow the incompatible technologies to communicate transparently. The gateway can make cloud storage appear to be a NAS filer, a block storage array, a backup target or even an extension of the application itself.
Explanation: References:
http://searchcloudstorage.techtarget.com/definition/cloud-storage-gateway
Q10. An organization is considering the use of a cloud gateway to backup services to a public cloud. They will use their existing backup application. What is a design consideration?
A. Ensuring the cloud storage provider is using the same compression algorithm as the backup software
B. Ensuring data is encrypted and key management is defined
C. Ensuring the cloud storage provider is using the same PKI solution as the organization
D. Ensuring the backup application supports the same authentication mechanism as the public cloud provider
Answer: B
Q11. An organization plans to deploy a spine/leaf network topology to support a cloud design. Leaf switches will use layer- 3 protocols to communicate with the spine switches. Hosts will each connect to two leaf switches using layer-2 protocols.
Which technology must be enabled between the host and leaf switches to provide the maximum throughput for a single data stream?
A. Generic Network Virtualization Encapsulation
B. Spanning Tree Protocol
C. Equal-Cost Multi-Path Routing
D. Multi-Chassis Aggregation
Answer: A
Explanation: Generic Network Virtualization Encapsulation (Geneve) is the peacemaking protocol drafted to unify VXLAN, NVGRE, and whatever other tunneling protocols emerge for network virtualization. Geneve doesn't exactly replace VXLAN and other protocols. Rather, it provides a common superset among them, so that outside software can provide hooks to Geneve rather than having to accommodate multiple encapsulation standards.
Note: NVGRE (Network Virtualization using Generic Routing Encapsulation) is a network virtualization technology that attempts to alleviate the scalability problems associated with large cloud computing deployments. It uses Generic Routing Encapsulation (GRE) to tunnel layer 2 packets over layer 3 networks. Its principal backer is Microsoft. Explanation:
References:
https://www.sdxcentral.com/articles/news/intel-supports-geneve-unify-vxlan-nvgre/2014/09/
Q12. Which aspect of the project definition does the cloud design scope provide?
A. Broad directions for the project
B. Boundaries of what the project should and should not include
C. Sales figures that must be met when designing the project
D. Specific features or functions that must be included in the project
Answer: D
Q13. An architect is designing the compute resource pools for a cloud. As part of the deliverables, the architect has included the standard specifications for the physical servers to be used. The organization has provided estimates for future growth but has concerns about whether these estimates are accurate. What should be included in the design to address these concerns?
A. A monitoring application and procedures for pool expansion
B. A chargeback application and orchestration workflows to auto-scale pools
C. A metering application and orchestration workflows to auto-scale pools
D. A configuration management application and procedures for pool expansion
Answer: A
Q14. In a cloud design, an architect has defined a separate trust zone for host management. The hosts will be running open source hypervisors.
What should be included in the design deliverables to support this separate trust zone?
A. Isolated management network and a common super-user account
B. Separate PKI and encrypted CMI portal access
C. Separate authentication source and a preferred zone set
D. Isolated management network and a separate authentication source
Answer: D
Q15. A cloud architect is designing a hybrid cloud for an organization. A requirement for this environment is that the private cloud user credential be trusted by both cloud provisioning APIs. Which type of authentication will meet this requirement?
A. Federated authentication
B. Asymmetric encryption
C. Symmetric encryption
D. Shared-key authentication
Answer: A
Explanation: A federated identity in information technology is the means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems.
Explanation: References:
https://en.wikipedia.org/wiki/Federated_identity
Q16. In a cloud design, an architect has defined a separate trust zone for host management. The hosts will be running open source hypervisors.
What should be included in the design deliverables to support this separate trust zone?
A. Isolated management network and a common super-user account
B. Separate PKI and encrypted CMI portal access
C. Separate authentication source and a preferred zone set
D. Isolated management network and a separate authentication source
Answer: D
Q17. Which categories of network traffic should be isolated from inter-host communication and each other?
A. Logging and messaging
B. Cloud services and administration
C. Administration and storage
D. Messaging and storage
Answer: B
Q18. When implementing QoS across a cloud network, how is storage traffic usually prioritized?
A. Most important
B. More important than tenant traffic but less important than management traffic
C. More important than management traffic but less important than tenant traffic
D. Least improtant
Answer: C