CompTIA Cloud+ Certification - CV0-002 Exam Questions [2026]

QUESTION NO: 1
Recent feedback from an employee engagement survey stated that users are frustrated with multiple logins to different SaaS providers, and the cloud engineering teams is directed to address this issue and implement a solution. The security policy states that users must access the SaaS from approved IP addresses.
Which of the following is the BEST and most efficient solution to deploy?

A. Deploy a CASB solution and whitelist the approved SaaS applications. B. Deploy a smart card login and change passwords to each SaaS vendor every 30 days. C. Deploy SSO and enforce VPN access to the corporate domain. D. Deploy an IPSec tunnel to each SaaS provider and enable biometric login.

Correct Answer: C

QUESTION NO: 2
A security and risk team requires a weekly report to detect VM file system changes and validate the integrity of the OS. Which of the following is the BEST solution for this requirement?

A. Configure debugging on the VM and forward syslogs to a central location. B. Configure a FIM agent on the VM and forward syslogs to a central location. C. Configure an antivirus agent on the VM and create the report through the web GUI. D. Configure a FIM agent on the VM and create the report through the web GUI.

Correct Answer: B

QUESTION NO: 3
Which of the following is the BEST way to ensure accounts in a cloud environment are disabled as soon as they no longer need to be active?

A. When users leave the company, ensure an account disablement request is initiated and will be fulfilled in less than four hours. B. Have accounts checked by the cloud systems administrator once per day to ensure active accounts are still valid. C. Reboot directory services servers once a day to ensure all account disablement requests are committed. D. Have the user contact the cloud systems administrator to disable the account when it is no longer needed.

Correct Answer: D

QUESTION NO: 4
The InfoSec team has directed compliance database activity monitoring without agents on a hosted database server in the public IaaS. Which of the following configurations is needed to ensure this requirement is achieved?

A. Configure the agent configuration file to log to the syslog server. B. Implement built-in database tracking functionality. C. Implement database encryption and secure copy to the NAS. D. Configure sniffing mode on database traffic.

Correct Answer: D

QUESTION NO: 5
A new application with availability SLA requirements of 99.99% has been deployed in a cloud. For a test spanning a month, which of the following unavailability times would mean the test was successful? (Select TWO).

A. 1 minute B. 4 minutes C. 10 minutes D. 60 minutes E. 30 minutes

Correct Answer: A,B

QUESTION NO: 6
A company security policy mandates education and training for new employees. The policy must outline acceptable use policies for SaaS applications. Given these requirements, which of the following security controls is BEST suited?

A. Preventive B. Corrective C. Physical D. Detective

Correct Answer: B

QUESTION NO: 7
A company is consuming a SaaS solution with a large user base and wants to minimize user management, but also ensure access is as secure as possible. Which of the following should the cloud administrator select to help meet these requirements? (Choose two.)

A. SSO B. AAA C. NAC D. ACL E. MFA

Correct Answer: A,E

QUESTION NO: 8
A company has developed a SaaS product for the financial services industry. The Chief Executive Officer (CEO) of the SaaS company has engaged an independent third party to run tests against its platform. Which of the following is the MOST likely test the third party has been engaged to perform?

A. Load testing B. Functionality testing C. Vulnerability testing D. Penetration testing

Correct Answer: D

QUESTION NO: 9
A company wants to leverage a SaaS provider for its back-office services, and security is paramount. Which of the following solutions should a cloud engineer deploy to BEST meet the security requirements?

A. IPS/IDS B. Proxy gateway C. CASB D. Firewall

Correct Answer: C

QUESTION NO: 10
The following three hosts are being put into a virtualization cluster for a new project initiative:

As more VMs are deployed to the cluster, which of the following virtualization technologies is MOST likely to report an error with this configuration?

A. Memory overcommitment B. Hyperthreading C. High availability D. Ballooning

Correct Answer: D

QUESTION NO: 11
A company wants to take advantage of cloud benefits while retaining control of and maintaining compliance with all its security policy obligations. Based on the non-functional requirements, which of the following should the company use?

A. Hybrid cloud, as use is restricted to trusted customers B. SaaS, as the cloud provider has less security responsibility C. IaaS, as the cloud provider has a minimal level of security responsibility D. PaaS, as the cloud customer has the most security responsibility

Correct Answer: C

QUESTION NO: 12
In an IaaS model, to which of the following methodologies would the client apply a list of OS patches, assuming approval from CAB has been given?

A. Using a patch management system, identify the applications needing the patch, select the required application in a patch management console, and apply the patches. B. Using a patch management system, identify the services that require patching, and select and apply the patches. C. Using a patch management system, identify the hypervisor type, select a group of hypervisors to be patched, and perform a rolling application of patches. D. Using a patch management system, identify the guests that require patching, and select and apply the patches.

Correct Answer: D

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).

QUESTION NO: 13
A customer is building a web cluster in which all nodes must access a shared pool of images.
Which of the following storage types would be BEST for this workload?

A. Direct attached storage B. Object Storage C. File-level access storage D. Block storage

Correct Answer: B

QUESTION NO: 14
Cloud developers are experiencing a delay caused by the static code review before each deployment. The security operator and developer must address the issue without cutting corners with security testing. Which of the following would BEST address the delay issue?

A. Perform the static code analysis earlier in the SDLC. B. Replace the static code analysis with a vulnerability analysis. C. Perform a penetration test instead of a static code analysis. D. Replace the static code analysis with hardening techniques.

Correct Answer: D