← Back to exam page

C1000-100 IBM Cloud Solution Architect v4

Loading demo links...

Showing 7–9 of 10 questions

Question 7 (Exam Pool B)

A VPC has been created with a single subnet. Virtual server instances have been deployed on the subnet that have different functions which support a production application. The security team has now said that they want to ensure that network traffic between the different server types can be controlled. How can this be achieved?

Select an option, then click Submit answer.

  • Use a Hardware Security Module to create advanced network routing tables that ensure traffic does not route between server types, as per the security team’s wishes

  • Create security groups for the different server types with inbound and outbound rules that satisfy the security team, into which the VSIs can be placed

  • Create a VPC load balancer and place each server type into its own back-end pool, then create Layer-7 routing policies that restrict network traffic flowing between the different pools

  • Create multiple access control lists with rules that satisfy the security team’s requirements and associate each VSI to the respective ACL
Question 8 (Exam Pool A)

When connecting an Application Server running on a VSI to a database server running on Bare Metal in IBM Cloud, which of the following is the recommended connectivity option at the lowest cost?

Select an option, then click Submit answer.

  • Over the IBM Cloud private network

  • Using VPC VPN

  • Via a Direct Link VPN

  • Through the public network
Question 9 (Exam Pool B)

A Financial Institution is interested in using IBM Blockchain Platform on IBM Cloud with the requirement that any application meet FIPS 140-2 Level 3 compliance. What option should an architect use for the nodes?

Select an option, then click Submit answer.

  • Financial Cloud Connector

  • Spectrum Protect Module

  • Hardware Security Module

  • Cloud Internet Connector