Troubleshooting for CompTIA Cloud+

This page covers the Troubleshooting domain of the CompTIA Cloud+ certification. Master Cybersecurity offers 43 practice questions in this domain, drawn from the same content we use across our timed exam simulations. Below are five sample questions with full answer explanations.

Sample Practice Questions

  1. Question 1

    A cloud engineer is troubleshooting an application that consumes multiple third-party REST APIs. The application is randomly experiencing high latency. Which of the following would best help determine the source of the latency?
    1. A. Configuring centralized logging to analyze HTTP requests
    2. B. Running a flow log on the network to analyze the packets
    3. C. Configuring an API gateway to track all incoming requests
    4. D. Enabling tracing to detect HTTP response times and codes
    Explanation

    The correct answer is: D. Enabling tracing to detect HTTP response times and codes.

    Random high latency in an application that fans out to multiple third-party REST APIs is a distributed tracing problem: you need per-request, per-call timing to see which downstream dependency is slow on which calls. Enabling tracing instruments outbound HTTP calls so each span records response time and status code, letting the engineer isolate whether latency comes from a specific provider, a specific endpoint, or a regional path. Centralized logging captures events but, without correlation IDs and spans, struggles to tie an inbound user request to all of its downstream HTTP calls. Flow logs record packet-level metadata at the network layer; they show that traffic happened but not which API call took two seconds. An API gateway tracks inbound requests to your own application, not the outbound calls you make to third parties. Tracing is the targeted instrumentation.

  2. Question 2

    A company runs a discussion forum that caters to global users. The company’s monitoring system reports that the home page suddenly is seeing elevated response times, even though internal monitoring has reported no issues or changes. Which of the following is the most likely cause of this issue?
    1. A. Cryptojacking
    2. B. Human error
    3. C. DDos
    4. D. Phishing
    Explanation

    The correct answer is: C. DDos.

    A global discussion forum where the home page response time suddenly rises while internal monitoring reports no issues or changes points to an external traffic event rather than a code or infrastructure regression. A distributed denial-of-service attack drives elevated front-end response times by consuming connection slots, application-pool capacity, or upstream bandwidth, even when the application is healthy. Cryptojacking is local CPU abuse on hijacked VMs and rarely shows up first as user-facing latency on a public site. Human error usually corresponds to a recent change, which is explicitly ruled out here. Phishing is a credential-harvesting tactic aimed at users and would not affect home-page response time. A sudden, unexplained latency spike with no internal change is the textbook signal of a volumetric or application-layer DDoS, addressed by CDN absorption, rate limiting, and scrubbing.

  3. Question 3

    A developer is testing code that will be used to deploy a web farm in a public cloud. The main code block is a function to create a load balancer and a loop to create 1,000 web servers, as shown below: The developer runs the code against the company’s cloud account and observes that the load balancer is successfully created, but only 100 web servers have been created. Which of the following should the developer do to fix this issue?
    1. A. Request an increase of instance quota.
    2. B. Run the code multiple times until all servers are created.
    3. C. Check the my_web_server () function to ensure itis using the right credentials.
    4. D. Place the my_load_balancer () function after the loop.
    Explanation

    The correct answer is: A. Request an increase of instance quota..

    The script created 100 web servers out of 1,000 and the load balancer was created successfully. That split outcome where compute deployment stops at a round number while a different resource type succeeded is the classic shape of a service quota hit specifically on the instance count for the account or region. Cloud providers cap the number of running instances per region by default and expect tenants to request an increase before running large fleets. The fix is to request an instance quota increase from the provider and then re-run the deployment. Re-running the code blindly will hit the same wall at 100. The credentials are not the issue because some servers did launch successfully with those credentials. Moving the load balancer function after the loop changes the construction order but does not increase the allowed instance count. Quota increases are the targeted remedy.

  4. Question 4

    A developer sends multiple requests to a SaaS application in a short amount of time. The developer realizes that the entire server and all other users can no longer send requests to the application. Which of the following best describes the issue?
    1. A. Service quotas
    2. B. API rate limiting
    3. C. Full outage
    4. D. Regional service availability
    Explanation

    The correct answer is: B. API rate limiting.

    The detail that distinguishes this scenario is that all users, not just the developer who sent the burst, become unable to reach the SaaS application. That tenant-wide impact points to API rate limiting applied at a shared scope such as the customer account or the API endpoint itself, where exceeding the request budget throttles every caller behind that limit. A service quota is also a cap, but quotas are usually static, longer-horizon allotments (for example, number of provisioned resources) rather than something tripped by a short burst of requests, and they typically return a quota-exceeded error rather than rejecting other users' traffic in real time. A full outage would affect the service across customers, not be tied to one developer's burst. Regional service availability concerns which regions offer a service and is unaffected by request volume. The pattern matches shared-scope rate limiting.

  5. Question 5

    A company’s website suddenly crashed. A cloud engineer investigates the following logs: Which of the following is the MOST likely cause of the issue?
    1. A. SQL injection
    2. B. Cross-site scripting
    3. C. Leaked credentials
    4. D. DDoS
    Explanation

    The correct answer is: D. DDoS.

    A sudden site crash whose logs show a flood of requests from many distinct sources hammering the same endpoints within a short window is the classic profile of a distributed denial-of-service attack. DDoS overwhelms front-end capacity, exhausts connection pools, and saturates bandwidth so legitimate users cannot complete requests, which lines up with a site that crashes outright rather than returning isolated errors. SQL injection targets data through crafted query payloads and produces data leakage or tampering, not mass-availability collapse. Cross-site scripting executes in victim browsers and does not by itself bring a server down. Leaked credentials would surface as anomalous successful logins from unexpected geographies, not a traffic surge that crashes the site. The volumetric, multi-source traffic pattern in the logs is what makes DDoS the right diagnosis here.

Other CompTIA Cloud+ domains

Practice all 43 Troubleshooting questions · Browse CompTIA Cloud+