CompTIA Cloud+

The CompTIA Cloud+ certification is an internationally recognized validation of the knowledge required of IT practitioners working in cloud computing environments.

The CompTIA Cloud+ exam will certify the successful candidate has the knowledge and skills required to understand standard cloud methodologies; to implement, maintain, and deliver cloud technologies (e.g., network, storage, and virtualization technologies); and to understand aspects of IT security and use industry best practices related to cloud implementations.

CompTIA Cloud+ : CV0-002

1.0 Configuration and Deployment

Analyze system requirements to ensure successful system deployment.

  • Appropriate commands, structure, tools, and automation/orchestration as needed
  • Platforms and applications
  • Interaction of cloud components and services
  • Interaction of non-cloud components and services
  • Baselines
  • Target hosts
  • Existing systems
  • Cloud architecture
  • Cloud elements/target objects

Execute a provided deployment plan.

  • Apply the Change Management Process
  • Refer to documentation and follow standard operating procedures
  • Execute workflow
  • Configure automation and orchestration, where appropriate, for the system being deployed
  • Use commands and tools as needed
  • Document results

Determine if a given testing plan is appropriate.

  • Underlying environment considerations included in the testing plan
  • Testing techniques

Analyze testing results to determine if the testing was successful in relation to given system requirements.

  • Consider success factor indicators of the testing environment
  • Document results
  • Baseline comparisons
  • SLA comparisons
  • Cloud performance fluctuation variables

Analyze sizing, subnetting, and basic routing for a provided deployment of the virtual network.

  • Cloud deployment models
  • Network components
  • Applicable port and protocol considerations when extending to the cloud
  • Determine configuration for the applicable platform as it applies to the network
  • Determine if cloud resources are consistent with the SLA and/or change management requirements

Analyze CPU and memory sizing for a provided deployment.

  • Available vs. proposed resources
  • Memory technologies
  • CPU technologies
  • Effect to HA/DR
  • Performance considerations
  • Cost considerations
  • Energy savings
  • Dedicated compute environment vs. shared compute environment

Analyze the appropriate storage type and protection capability for a provided deployment.

  • Requested IOPS and read/ write throughput
  • Protection capabilities
  • Storage types
  • Access protocols
  • Management differences
  • Provisioning model
  • Storage technologies
  • Storage tiers
  • Overcommitting storage
  • Security configurations for applicable platforms

Analyze characteristics of the workload (storage, network, compute) to ensure a successful migration.

  • Migration types
  • Source and destination format of the workload
  • Network connections and data transfer methodologies
  • Standard operating procedures for the workload migration
  • Environmental constraints

Apply elements required to extend the infrastructure into a given cloud solution.

  • Identity management elements
  • Appropriate protocols given requirements
  • Element considerations to deploy infrastructure services such as:

2.0 Security

Apply security configurations and compliance controls to meet given cloud infrastructure requirements.

  • Company security policies
  • Apply security standards for the selected platform
  • Compliance and audit requirements governing the environment
  • Encryption technologies
  • Key and certificate management
  • Tunneling protocols
  • Implement automation and orchestration processes as applicable
  • Appropriate configuration for the applicable platform as it applies to compute

Apply the appropriate ACL to the target objects to meet access requirements according to a security template.

  • Authorization to objects in the cloud
  • Effect of cloud service models on security implementations
  • Effect of cloud deployment models on security implementations
  • Access control methods

Implement defined security technologies to meet given security requirements.

  • Data classification
  • Concepts of segmentation and micro-segmentation
  • Use encryption as defined
  • Use multifactor authentication as defined
  • Apply defined audit/ compliance requirements

Apply the appropriate security automation technique to the target system.

  • Tools
  • Security services
  • Techniques
  • Impact of security tools to systems and services
  • Impact of security automation techniques as they relate to the criticality of systems

3.0 Maintenance

Cloud service model, determine the appropriate methodology to apply given patches.

  • Scope of cloud elements to be patched
  • Patching methodologies and standard operating procedures
  • Use order of operations as it pertains to elements that will be patched
  • Dependency considerations

Apply the appropriate automation tools to update cloud elements.

  • Types of updates
  • Automation workflow
  • Activities to be performed by automation tools

Apply an appropriate backup or restore method.

  • Backup types
  • Backup targets
  • Other considerations

Apply appropriate disaster recovery methods.

  • DR capabilities of a cloud service provider
  • Other considerations

Apply the appropriate steps to ensure business continuity.

  • Business continuity plan
  • SLAs for BCP and HA

Apply the appropriate maintenance automation technique to the target objects.

  • Maintenance schedules
  • Impact and scope of maintenance tasks
  • Impact and scope of maintenance automation techniques
  • Include orchestration as appropriate
  • Maintenance automation tasks

4.0 Management

Analyze defined metrics to determine the presence of an abnormality and/or forecast future needed cloud resources.

  • Monitoring
  • Event correlation
  • Forecasting resource capacity
  • Policies in support of event collection
  • Policies to communicate alerts appropriately

Determine the appropriate allocation of cloud resources.

  • Resources needed based on cloud deployment models
  • Capacity/elasticity of cloud environment
  • Support agreements
  • Configuration management tool
  • Resource balancing techniques

Determine when to provision/deprovision cloud resources.

  • Usage patterns
  • Cloud bursting
  • Cloud provider migrations
  • Extending cloud scope
  • Application life cycle
  • Business need change

Implement account provisioning techniques in a cloud environment to meet security and policy requirements.

  • Identification
  • Authentication methods
  • Authorization methods
  • Account life cycle
  • Account management policy
  • Automation and orchestration activities

Analyze deployment results to confirm they meet the baseline.

  • Procedures to confirm results

Specific environment and related data (e.g., performance, capacity, trends), apply appropriate changes to meet expected criteria.

  • Analyze performance trends
  • Refer to baseline
  • Refer to SLAs
  • Tuning of cloud target objects
  • Recommend changes to meet expected performance/capacity

Given SLA requirements, determine the appropriate metrics to report

  • Chargeback/showback models
  • Dashboard and reporting

5.0 Troubleshooting

Troubleshoot a deployment issue.

  • Common issues in the deployments

Troubleshoot common capacity issues.

  • Exceeded cloud capacity boundaries
  • Deviation from original baseline
  • Unplanned expansions

Troubleshoot automation/orchestration issues.

  • Breakdowns in the workflow

Troubleshoot connectivity issues.

  • Common networking issues
  • Network tool outputs
  • Network connectivity tools
  • Remote access tools for troubleshooting

Troubleshoot security issues.

  • Authentication issues
  • Authorization issues
  • Federation and single sign-on issues
  • Certificate expiration
  • Certification misconfiguration
  • External attacks
  • Internal attacks
  • Privilege escalation
  • Internal role change
  • External role change
  • Security device failure
  • Incorrect hardening settings
  • Unencrypted communication
  • Unauthorized physical access
  • Unencrypted data
  • Weak or obsolete security technologies
  • Insufficient security controls and processes
  • Tunneling or encryption issues

Explain the troubleshooting methodology.

  • Always consider corporate policies, procedures, and impacts before implementing changes
  • Identify the problem
  • Establish a theory of probable cause (question the obvious)
  • Test the theory to determine cause
  • Establish a plan of action to resolve the problem and implement the solution
  • Verify full system functionality and, if applicable, implement preventive measures
  • Document findings, actions, and outcomes