IBM Assessment: Cloud Computing Architecture Advanced Practice Exam: Hard Questions 2025

A global financial services company is designing a multi-region cloud architecture that must guarantee data residency compliance while maintaining sub-50ms latency for all users. They have compliance requirements preventing data replication across regional boundaries, but need disaster recovery capabilities. The application uses a microservices architecture with eventual consistency acceptable for non-financial transactions. Which architectural pattern best addresses these requirements?

An enterprise is experiencing intermittent performance degradation in their containerized application running on a managed Kubernetes service. Monitoring shows CPU throttling occurring despite average CPU utilization being only 40%. The application has burstable workload patterns with sudden spikes lasting 2-5 seconds. Container resource requests are set to 500m CPU and limits to 2000m CPU. What is the most likely root cause and appropriate solution?

A healthcare organization must implement a zero-trust security model for their hybrid cloud environment containing both legacy on-premises applications and cloud-native services. The architecture must support HIPAA compliance, least-privilege access, and continuous verification. Identity federation is required across multiple identity providers. Which combination of security controls best implements this zero-trust architecture?

An e-commerce platform experiences a cascading failure where a spike in database connection pool exhaustion in the order service triggers timeouts, which causes the API gateway to retry requests, further overwhelming the database and eventually bringing down multiple dependent services. Post-incident analysis is needed. Which architectural pattern combination would most effectively prevent this cascading failure scenario?

A company is migrating a monolithic application to cloud using the strangler fig pattern. The legacy system uses two-phase commit transactions across multiple databases, while the new microservices architecture uses eventual consistency. During the transition period, some business processes span both the legacy system and new microservices. How should transactional integrity be maintained across this hybrid architecture?

A SaaS provider is designing a multi-tenant architecture where tenants have vastly different usage patterns: some have predictable load, others are highly variable, and some require data isolation for regulatory reasons. The platform must optimize costs while ensuring tenant isolation and performance guarantees. Which multi-tenancy model best addresses these requirements?

An organization's cloud infrastructure uses instance metadata service (IMDS) for applications to retrieve temporary credentials. A security audit reveals potential SSRF (Server-Side Request Forgery) vulnerabilities in several applications that could allow attackers to access the metadata service. The organization needs to implement defense-in-depth without breaking existing applications. What is the most comprehensive mitigation strategy?

A media streaming platform experiences unpredictable traffic patterns with flash crowds during live events. The platform uses autoscaling, but during a recent event, scaling lag caused 15 minutes of degraded performance before adequate capacity was provisioned. The application startup time is 3 minutes (includes container pull, initialization, and health checks). Predictive scaling based on event schedules is partially effective but doesn't account for viral content. How should the architecture be optimized to handle these scenarios?

A financial institution is implementing a cloud disaster recovery strategy for their trading platform that processes real-time market data. The RTO (Recovery Time Objective) is 5 minutes, RPO (Recovery Point Objective) is 0 seconds (no data loss acceptable), and they must maintain audit trails of all recovery operations. The platform consists of stateful services, real-time data streams, and batch processing jobs. Which DR architecture meets these stringent requirements?

A global enterprise uses a hybrid cloud architecture with sensitive data governed by multiple conflicting regulations (GDPR in EU, data localization in various countries, and industry-specific compliance). They need to implement data classification and protection that automatically enforces policy based on data attributes, user location, and access context. The solution must work across on-premises and multiple cloud providers. Which architectural approach best addresses these requirements?