Master the E20-020 Cloud Infrastructure Specialist Exam for Cloud Architects content and be ready for exam day success quickly with this Examcollection E20-020 test. We guarantee it!We make it a reality and give you real E20-020 questions in our EMC E20-020 braindumps.Latest 100% VALID EMC E20-020 Exam Questions Dumps at below page. You can use our EMC E20-020 braindumps and pass your exam.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for EMC E20-020 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW E20-020 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/E20-020-exam-dumps.html
Q21. A cloud architect is evaluating an organization's need to support thousands of virtual machine instances and some form of encryption. Which encryption type should be selected and why?
A. Storage array encryption to provide centralized management
B. Full file systems encryption to simplify key management
C. Network-based encryption to increase security at the cost of server overhead
D. Self-encrypting storage devices to increase security at the cost of increased overhead
Answer: B
Q22. What describes the storage categories represented by OpenStack Swift and EMC XtremIO requirements?
A. Swift = Distributed Object StorageXtremIO = Central Storage
B. Swift = Central Storage XtremIO = Distributed File Storage
C. Swift = Distributed Block StorageXtremIO = Distributed Object Storage
D. Swift = Distributed File StorageXtremIO = Distributed Block Storage
Answer: A
Explanation: OpenStack Swift is a globally-distributed object storage with a single namespace that's durable enough for the most demanding private clouds and now brought to you in an easy-to-deploy/scale/manage system.
XtremIO is a flash-based Storage Array. Explanation:
References:
https://www.swiftstack.com/#testimonial/2 http://www.emc.com/collateral/white-papers/h11752-intro-to-XtremIO- array-wp.pdf
Q23. In addition to the operating system, what other components does the consumer manage in an IaaS cloud service model?
A. Application, data, storage, and physical networking
B. Data, middleware, application, and runtime
C. Runtime, physical servers, application, and middleware
D. Middleware, runtime, hypervisor, and application
Answer: B
Explanation: In the case of IaaS the computing resource provided is specifically that of virtualised hardware, in other words, computing infrastructure.
IaaS clouds often offer additional resources such as a virtual-machine disk-image library, raw block storage, file or object storage, firewalls, load balancers, IP addresses, virtual local area networks (VLANs), and software bundles. Figure: Cloud-computing layers accessible within a stack
Incorrect:
Not A: not Physical networking not C: Not physical servers. Not D: Not Hypervisors. Explanation:
References: http://www.interoute.com/what-iaas
Q24. An organization is currently using a private cloud to host gaming applications. The private cloud is located in the organization's data center. These applications have very little static data and no requirements for securing data. Authentication is handled through an external resource.
During holiday and vacation seasons, application usage increases significantly and more resources are required. However, the increase only occurs about 10% of the year and the organization wants to maintain performance.
What can be done to meet this requirement?
A. Deploy global load balances
B. Create QoS policies during peak usage
C. Move to a hybrid cloud model
D. Implement a CDN solution
Answer: C
Explanation: Hybrid cloud is a cloud computing environment which uses a mix of on-premises, private cloud and third-party, public cloud services with orchestration between the two platforms. By allowing workloads to move between private and public clouds as computing needs and costs change, hybrid cloud gives businesses greater flexibility and more data deployment options.
Incorrect:
Not D: A content delivery network (CDN) is a system of distributed servers (network) that deliver webpages and other Web content to a user based on the geographic locations of the user, the origin of the webpage and a content delivery server.
References:
http://searchcloudcomputing.techtarget.com/definition/hybrid-cloud
Q25. What is a benefit of a service catalog?
A. Handles every IT request simultaneously
B. Allows users to customize tenant roles
C. Services do not have to meet the standards set by the business
D. Enables the application of quotas on resources to control cost
Answer: D
Q26. An organization wants to deploy a service catalog in a private cloud. What requirements are met by using a service catalog?
A. Ability for administrators to manage multi-tenancy
B. Ability for users to measure service performance
C. Ability for users to aggregate service logs
D. Ability for administrators to attach storage pools
Answer: B
Explanation: Benefits of implementing and maintaining a service catalog include allowing an enterprise to track and manage metrics that represent the utilization of services and service-related traits, such as those associated with service supply and demand.
References:
https://en.wikipedia.org/wiki/Service_catalog
Q27. An organization plans to deploy many cloud-native applications that will generate a considerable amount of east-west traffic. The cloud-native applications will be deployed on hosts running hyppervisors. Why would distributed routers be considered in this design?
A. Enable network segment
B. Improve network performance between hosts
C. Minimize Internet traffic
D. Protect against a physical router failure
Answer: B
Explanation: Distributed Virtual Router (DVR) aims to isolate the failure domain of the traditional network node and to optimize network traffic by eliminating the centralized L3 agent. It does that by moving most of the routing previously performed on the network node to the compute nodes.
* East/west traffic (Traffic between different networks in the same tenant, for example between different tiers of your app) previously all went through one of your network nodes whereas with DVR it will bypass the network node, going directly between the compute nodes hosting the VMs. Etc. Explanation:
References:
http://assafmuller.com/2015/04/15/distributed-virtual-routing-overview-and-eastwest-routing/
Q28. A cloud architect is evaluating an organization's need for encryption. Which type of encryption eliminates the requirement for key management?
A. Embedded
B. File-based
C. File system-based
D. Virtual disk
Answer: D
Explanation: The most convenient form of encryption is disk/volume encryption. If you have any data on an existing Virtual Machine (VM), you can easily add an encrypted disk or volume. Then, when you unmount the encrypted volume (or power off the server), as long as you don't store the encryption key on the server, your data is safe.
The drawback with this type of encryption however is that if your server gets compromised somehow, there is a possibility that the attacker could capture your passphrase/key (and/or data) the next time you mount the disk image. Incorrect:
Not C: Filesystem-level encryption, often called file/folder encryption, is a form of disk encryption where individual files or directories are encrypted by the file system itself. Each file can be and usually is encrypted with a separate encryption key.
Explanation: References:
https://www.cloudsigma.com/securing-your-data-in-the-cloud-with-encryption/
Q29. An architect is designing the compute resource pools for a cloud. As part of the deliverables, the architect has included the standard specifications for the physical servers to be used. The organization has provided estimates for future growth but has concerns about whether these estimates are accurate. What should be included in the design to address these concerns?
A. A monitoring application and procedures for pool expansion
B. A chargeback application and orchestration workflows to auto-scale pools
C. A metering application and orchestration workflows to auto-scale pools
D. A configuration management application and procedures for pool expansion
Answer: A
Q30. You are designing consumer compute resources in an onsite private cloud. During an assessment, you discover that the organization's IT staff wants secure access to the underlying host OS. What should be included in the design to support this requirement?
A. Host IDS configurationSecure key infrastructure Bridged management network
B. Perimeter firewall configuration VPN encryption Separate management network
C. Host OS firewall configuration Central logging Physically isolated management network
D. Host OS firewall configuration Secure key infrastructure Separate management network
Answer: B
