A company has decided to scale its e-commerce application from its corporate datacenter to a commercial cloud provider to meet an anticipated increase in demand during an upcoming holiday. The majority of the application load takes place on the application server under normal conditions. For this reason, the company decides to deploy additional application servers into a commercial cloud provider using the on-premises orchestration engine that installs and configures common software and network configurations. The remote computing environment is connected to the on-premises datacenter via a site-to-site IPSec tunnel. The external DNS provider has been configured to use weighted round-robin routing to load balance connections from the Internet.

During testing, the company discovers that only 20% of connections completed successfully.

Review the network architecture and supporting documents and fulfill these requirements: Identify the correct options to provide adequate configuration for hybrid cloud architecture.

Instructions:

If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

Simulation

Instruction: Only select a maximum of TWO options from the multiple choice question.

A. Deploy a Replica of the Database Server in the Cloud Provider

B. Update the PSK (Pre-shared key in Router2)

C. Update the A record on the DNS from 2.2.2.2 to 1.1.1.1

D. Promote deny All to allow All in Firewall1 and Firewall2

E. Change the Address Space on Router2

F. Change internal IP Address of Router1

G. Reverse the Weight property in the two CNAME records on the DNS

H. Add the Application Server at on-premises to the Load Balancer

Which of the following would be used to establish a dedicated connection in a hybrid cloud environment?

A. CHAP

B. AES

C. PKI

D. VPN

A college has implemented a private cloud for students and faculty. The college is required by their accrediting body to ensure that the cloud meets certain confidentiality and privacy requirements. Which of the following represents the LEAST intrusive testing method for the college to use, while ensuring separation of duties during the testing?

A. A vulnerability assessment should be conducted by the MIS department.

B. A penetration test should be conducted by an accredited third party.

C. A penetration test should be conducted by the MIS department.

D. A vulnerability assessment should be conducted by an accredited third party.

An engineer is responsible for managing a private cloud environment at a software company. Company developers perform all programming in the cloud environment. There are two departments working on a highly classified product that now requires dedicated resources, which cannot be viewed or accessed by other departments in the cloud environment. Which of the following should the engineer perform to ensure the requirements are met? (Choose three.)

A. Create a baseline

B. Assign an ACL

C. Verify segmentation

D. Use thin provisioned storage

E. Automate patch deployments

F. Create a tenant

G. Deploy a PKI solution

A company is migrating a website to a CSP to improve availability and performance. After testing the application, the systems engineer realizes the website stores the session state in a database system. Which of the following is the BEST way to ensure a successful migration?

A. Configure the new website to use the database system.

B. Migrate to a DBaaS and keep the session state.

C. Implement a new database system to store the session state.

D. Deploy a load balancer to store the session state.