Cloud Technology Ultimate Exam, Exams of Technology

Cloud Technology Ultimate Exam is a comprehensive learning and certification preparation tool designed for individuals seeking expertise in modern cloud computing systems and services. The exam covers cloud architecture, virtualization, cloud deployment models, storage systems, networking, cybersecurity, scalability, disaster recovery, and cloud service management. Learners gain practical understanding of cloud platforms, infrastructure solutions, and operational best practices through realistic exam-style questions and in-depth explanations. This Ultimate Exam is ideal for IT students, cloud engineers, and technology professionals preparing for academic or industry certification exams.

Typology: Exams

2025/2026

Available from 05/07/2026

nicky-jone
nicky-jone 🇮🇳

2.9

(44)

28K documents

1 / 89

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Cloud Technology Ultimate Exam
**Question 1. Which of the following is NOT a characteristic of cloud computing?**
A) Ondemand selfservice
B) Broad network access
C) Fixed capacity provisioning
D) Measured service
Answer: C
Explanation: Cloud computing provides elastic, ondemand resources; fixed capacity provisioning contradicts
rapid elasticity.
**Question 2. In the IaaS service model, the customer is responsible for which of the following?**
A) Physical server maintenance
B) Virtual machine OS patches
C) Network backbone upgrades
D) Data center power supply
Answer: B
Explanation: IaaS gives the provider control of physical hardware, while the customer manages the guest OS
and applications.
**Question 3. Which deployment model is best suited for a consortium of universities sharing resources while
maintaining separate administrative control?**
A) Public cloud
B) Private cloud
C) Community cloud
D) Hybrid cloud
Answer: C
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50
pf51
pf52
pf53
pf54
pf55
pf56
pf57
pf58
pf59

Partial preview of the text

Download Cloud Technology Ultimate Exam and more Exams Technology in PDF only on Docsity!

Question 1. Which of the following is NOT a characteristic of cloud computing? A) On‑demand self‑service B) Broad network access C) Fixed capacity provisioning D) Measured service Answer: C Explanation: Cloud computing provides elastic, on‑demand resources; fixed capacity provisioning contradicts rapid elasticity. Question 2. In the IaaS service model, the customer is responsible for which of the following? A) Physical server maintenance B) Virtual machine OS patches C) Network backbone upgrades D) Data center power supply Answer: B Explanation: IaaS gives the provider control of physical hardware, while the customer manages the guest OS and applications. Question 3. Which deployment model is best suited for a consortium of universities sharing resources while maintaining separate administrative control? A) Public cloud B) Private cloud C) Community cloud D) Hybrid cloud Answer: C

Explanation: Community clouds are shared by organizations with common concerns such as regulatory compliance or mission. Question 4. In the shared responsibility model, which security task is typically the cloud provider’s responsibility? A) Patch management of guest operating systems B) Encryption of data at rest in storage services C) Physical security of the data center D) Identity and access management for customer accounts Answer: C Explanation: Providers secure the underlying infrastructure, including physical data‑center security. Question 5. Type‑1 hypervisors differ from Type‑2 hypervisors primarily because they: A) Run on top of a host operating system B) Require a separate licensing fee per VM C) Operate directly on bare metal hardware D) Are only used for desktop virtualization Answer: C Explanation: Type‑1 (bare‑metal) hypervisors run directly on hardware, offering better performance and isolation. Question 6. Which VM lifecycle operation creates a point‑in‑time copy that can be used to restore a virtual machine? A) Cloning B) Snapshotting C) Live migration

C. Reducing latency for IoT sensor data processing D. Hosting static website content only Answer: C Explanation: Edge locations process data close to its source, minimizing latency for time‑critical workloads. Question 10. GDPR compliance primarily affects cloud architectures by requiring: A. Encryption of all data in transit B. Data residency within the European Economic Area C. Use of only open‑source software D. 24/7 on‑premises monitoring Answer: B Explanation: GDPR mandates that personal data of EU citizens be stored and processed in ways that respect data‑subject rights, often necessitating regional storage. Question 11. In a VPC, a public subnet typically includes which component to enable internet access? A. NAT gateway B. Internet gateway C. Private link D. Transit gateway Answer: B Explanation: An Internet Gateway attaches to the VPC and routes traffic from public subnets to the internet. Question 12. Which routing element allows instances in a private subnet to access the internet without exposing inbound connections? A. Internet gateway

B. NAT gateway C. VPC peering D. Route reflector Answer: B Explanation: NAT gateways provide outbound internet access for private subnets while blocking inbound traffic. Question 13. VPC peering differs from a transit gateway in that peering: A. Supports transitive routing between multiple VPCs B. Requires a dedicated physical device C. Allows direct traffic only between two VPCs D. Provides built‑in firewall capabilities Answer: C Explanation: VPC peering creates a one‑to‑one connection; traffic does not transit through a central hub. Question 14. A site‑to‑site VPN tunnel is most appropriate for which use case? A. Connecting a mobile user’s laptop to the cloud B. Linking an on‑premises data center to a VPC over the internet C. Providing a high‑throughput dedicated link between two regions D. Exposing a public API to external developers Answer: B Explanation: Site‑to‑site VPNs securely extend an on‑premises network to a cloud VPC via encrypted tunnels. Question 15. Which dedicated connectivity option typically offers the lowest latency to a cloud provider?

Question 18. Which DNS routing policy routes users to the nearest endpoint based on latency measurements? A. Weighted routing B. Geolocation routing C. Latency‑based routing D. Simple routing Answer: C Explanation: Latency‑based routing selects the endpoint that provides the lowest network latency to the requester. Question 19. An API gateway can enforce which of the following security controls? A. Physical rack access control B. Rate limiting and JWT validation C. Hypervisor patching D. Disk encryption at rest Answer: B Explanation: API gateways manage request throttling, authentication, and authorization for APIs. Question 20. The principle of least privilege is best implemented by: A. Granting all users administrator rights B. Assigning broad, catch‑all policies C. Creating fine‑grained roles with only needed permissions D. Disabling multi‑factor authentication Answer: C

Explanation: Least privilege limits each identity to the minimum actions required for its job. Question 21. Which protocol is commonly used for federated identity between an on‑premises AD and a cloud provider? A. FTP B. SAML 2. C. SNMP D. DHCP Answer: B Explanation: Security Assertion Markup Language (SAML) enables single sign‑on and federation across domains. Question 22. Multi‑factor authentication (MFA) significantly reduces risk of: A. Unpatched operating systems B. Credential‑theft attacks C. Network latency spikes D. Data duplication errors Answer: B Explanation: MFA adds an extra verification step beyond passwords, mitigating stolen credential usage. Question 23. Which service is used to centrally manage encryption keys for data at rest in most public clouds? A. CloudWatch B. KMS (Key Management Service) C. CloudFormation D. Elastic Load Balancer

D. Edge computing protocol Answer: B Explanation: NIST SP 800‑53 provides security and privacy controls for federal information systems, used as a compliance reference. Question 27. Which cloud service provides immutable, write‑once storage for backup compliance? A. Object storage with versioning and Object Lock B. Elastic File System with automatic snapshots C. Block storage with RAID‑ 0 D. In‑memory cache with TTL Answer: A Explanation: Object Lock enforces WORM (Write‑Once‑Read‑Many) semantics, preventing alteration of stored objects. Question 28. CloudTrail (or equivalent) primarily provides: A. Real‑time metric collection for CPU usage B. Automated scaling of compute resources C. Auditable logs of API calls and user activity D. Encryption of data at rest Answer: C Explanation: CloudTrail records governance events, enabling forensic analysis and compliance reporting. Question 29. A CSPM solution helps organizations by: A. Automatically provisioning new VPCs B. Continuously scanning cloud configurations for policy violations

C. Managing container image registries D. Providing low‑latency edge caching Answer: B Explanation: Cloud Security Posture Management continuously evaluates resource configurations against best‑practice policies. Question 30. In Docker, the command docker build is used to: A. Run a container from an image B. Pull an image from a registry C. Create a new image from a Dockerfile D. Delete stopped containers Answer: C Explanation: docker build processes a Dockerfile to assemble a container image. Question 31. Which Kubernetes object defines a logical set of Pods and a policy to access them? A. Service B. Deployment C. ConfigMap D. Ingress Answer: A Explanation: A Service provides a stable network endpoint and load‑balancing for a group of Pods. Question 32. A Kubernetes Deployment primarily manages: A. Persistent storage volumes

A. Amazon S B. Amazon SQS C. Amazon SNS D. Amazon EFS Answer: C Explanation: SNS (Simple Notification Service) implements a pub‑sub pattern for asynchronous messaging. Question 36. Serverless databases such as Aurora Serverless automatically: A. Provision a fixed number of EC2 instances B. Scale compute capacity based on demand without manual intervention C. Require manual sharding of tables D. Store data on local disks only Answer: B Explanation: Aurora Serverless adjusts its underlying compute resources dynamically as workload fluctuates. Question 37. In Infrastructure as Code, Terraform uses a __________ language to describe resources. A. Imperative Python scripts B. Declarative HCL (HashiCorp Configuration Language) C. XML configuration files D. Bash shell commands Answer: B Explanation: Terraform’s HCL is a declarative language that defines the desired end state of infrastructure.

Question 38. Which CI/CD practice ensures that every code change passes automated tests before deployment? A. Continuous monitoring B. Continuous integration C. Continuous provisioning D. Continuous backup Answer: B Explanation: Continuous Integration runs automated builds and tests on each change, catching defects early. Question 39. GitOps primarily relies on which of the following to drive infrastructure changes? A. Manual CLI commands executed by operators B. Direct API calls from monitoring tools C. Pull requests and merges in a Git repository D. Scheduled cron jobs on VMs Answer: C Explanation: GitOps treats Git as the single source of truth; changes are applied when code is merged. Question 40. Which cloud‑native relational database service offers automatic failover across multiple AZs? A. Amazon DynamoDB B. Amazon Aurora C. Amazon Redshift Spectrum D. Amazon ElastiCache Answer: B Explanation: Aurora provides built‑in high‑availability with automatic replication and failover across AZs.

Explanation: MLOps focuses on the end‑to‑end lifecycle of machine‑learning models. Question 44. Retrieval‑Augmented Generation (RAG) improves generative AI by: A. Storing model weights in a cold archive B. Augmenting model output with relevant external data retrieved at runtime C. Replacing transformers with rule‑based systems D. Limiting the model to a single language Answer: B Explanation: RAG fetches up‑to‑date information to ground generated text, reducing hallucinations. Question 45. Which pre‑built AI service provides speech‑to‑text conversion? A. Vision API B. Translate API C. Speech Recognition API D. Rekognition API Answer: C Explanation: Speech Recognition (or Speech‑to‑Text) APIs transcribe spoken audio into text. Question 46. In FinOps, tagging resources primarily helps with: A. Improving network throughput B. Automating OS patching C. Allocating cost to business units or projects D. Enabling faster DNS resolution Answer: C

Explanation: Consistent tags allow cost reporting and chargeback to specific teams or projects. Question 47. A Reserved Instance provides cost savings by: A. Paying for compute capacity on a pay‑as‑you‑go basis B. Committing to a specific instance type for a term (1‑3 years) C. Using Spot market pricing for excess capacity D. Leveraging free tier services only Answer: B Explanation: Reserved Instances lock in capacity and price, delivering a discount versus on‑demand rates. Question 48. Which metric is used to define the maximum tolerable downtime in a disaster‑recovery plan? A. RPO (Recovery Point Objective) B. SLA (Service Level Agreement) C. RTO (Recovery Time Objective) D. MTTR (Mean Time To Repair) Answer: C Explanation: RTO specifies the target time to restore services after a disruption. Question 49. Immutable backups are important because they: A. Can be edited to correct data errors after creation B. Prevent tampering or deletion, ensuring data integrity for compliance C. Reduce storage costs by compressing data aggressively D. Enable instant scaling of compute resources Answer: B

D. Public Internet Gateway Answer: B Explanation: Dedicated interconnect services offer private, low‑latency links bypassing the public internet. Question 53. Which AWS service is a managed, serverless data warehouse that separates compute and storage? A. Amazon Aurora B. Amazon Redshift Serverless C. Amazon RDS D. Amazon DynamoDB Answer: B Explanation: Redshift Serverless automatically provisions compute resources while storing data in S3‑based storage. Question 54. Which Kubernetes resource is used to expose HTTP services outside the cluster using host‑based or path‑based routing? A. Service (ClusterIP) B. Ingress C. ConfigMap D. StatefulSet Answer: B Explanation: An Ingress defines rules for external HTTP(S) traffic to reach services inside the cluster. Question 55. A CloudFormation template written in JSON is an example of: A. Imperative IaC

B. Declarative IaC C. Serverless function code D. Container orchestration manifest Answer: B Explanation: CloudFormation describes the desired end state of resources, letting the service handle creation steps. Question 56. Which of the following best describes “spot instances”? A. Reserved capacity with a fixed price B. On‑demand instances with a 24‑hour guarantee C. Unused capacity offered at discounted rates, subject to termination D. Instances that run only in a private subnet Answer: C Explanation: Spot instances let users bid on excess cloud capacity, providing cost savings but possible interruption. Question 57. In the context of data sovereignty, which strategy helps ensure compliance? A. Storing all data in a single global region for simplicity B. Encrypting data but ignoring where it resides C. Deploying workloads in regions that meet local residency regulations D. Using only open‑source databases Answer: C Explanation: Placing data in jurisdictions that satisfy legal residency requirements addresses sovereignty concerns.