Certified DevOps Operational Engineer Certification Exam Guide, Exams of Technology

This exam guide focuses on the operational side of DevOps, covering infrastructure management, configuration automation, cloud operations, monitoring, incident response, and service reliability. Candidates learn to manage scalable systems, implement operational best practices, and align DevOps workflows with business objectives. Practical scenarios and exam-aligned questions reinforce operational excellence and certification readiness.

Typology: Exams

2025/2026

Available from 02/10/2026

shilpi-jain-3
shilpi-jain-3 🇮🇳

2.5

(11)

80K documents

1 / 93

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Certified DevOps Operational Engineer
Certification Exam Guide
**Question 1.** Which of the following best describes the “First Way” in the Three Ways of
DevOps?
A) Emphasizing rapid feedback loops
B) Optimizing the flow of work from development to operations
C) Encouraging continuous learning and experimentation
D) Implementing strict changecontrol processes
**Answer:** B
**Explanation:** The First Way focuses on improving the flow of value by streamlining the
handoff from development to operations, ensuring work moves quickly and efficiently through
the system.
**Question 2.** In the CALMS framework, the “M” stands for:
A) Metrics
B) Monitoring
C) Measurement
D) Management
**Answer:** C
**Explanation:** CALMS stands for Culture, Automation, Lean, Measurement, and Sharing.
“Measurement” emphasizes datadriven decisionmaking and continuous improvement.
**Question 3.** A Service Level Objective (SLO) is:
A) The maximum amount of downtime allowed per month
B) A target for a specific reliability metric, such as latency or error rate
C) The total budget allocated for infrastructure costs
D) A contract that defines the legal responsibilities of a vendor
**Answer:** B
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50
pf51
pf52
pf53
pf54
pf55
pf56
pf57
pf58
pf59
pf5a
pf5b
pf5c
pf5d

Partial preview of the text

Download Certified DevOps Operational Engineer Certification Exam Guide and more Exams Technology in PDF only on Docsity!

Certification Exam Guide

Question 1. Which of the following best describes the “First Way” in the Three Ways of DevOps? A) Emphasizing rapid feedback loops B) Optimizing the flow of work from development to operations C) Encouraging continuous learning and experimentation D) Implementing strict change‑control processes Answer: B Explanation: The First Way focuses on improving the flow of value by streamlining the hand‑off from development to operations, ensuring work moves quickly and efficiently through the system. Question 2. In the CALMS framework, the “M” stands for: A) Metrics B) Monitoring C) Measurement D) Management Answer: C Explanation: CALMS stands for Culture, Automation, Lean, Measurement, and Sharing. “Measurement” emphasizes data‑driven decision‑making and continuous improvement. Question 3. A Service Level Objective (SLO) is: A) The maximum amount of downtime allowed per month B) A target for a specific reliability metric, such as latency or error rate C) The total budget allocated for infrastructure costs D) A contract that defines the legal responsibilities of a vendor Answer: B

Certification Exam Guide

Explanation: An SLO defines the desired performance level for a service, such as 99.9% availability or 95th‑percentile latency under a given threshold. Question 4. In Lean management, “Muda” refers to: A) Continuous improvement activities B) Value‑adding work C) Waste that does not add value to the customer D) Standardized work procedures Answer: C Explanation: “Muda” is a Japanese term for waste; Lean seeks to identify and eliminate non‑value‑adding activities. Question 5. Which IaC tool uses a declarative language to describe AWS resources? A) Terraform B) Ansible C) Chef D) Packer Answer: A Explanation: Terraform uses a declarative HCL (HashiCorp Configuration Language) to define the desired end state of infrastructure, including AWS resources. Question 6. Which of the following statements about imperative IaC is true? A) The final state is described, not the steps to achieve it B) It is inherently idempotent without additional logic C) It specifies exact commands to reach the desired configuration D) It cannot be used with cloud‑native services

Certification Exam Guide

C) Using containers for pet‑level applications only D) Differentiating between production and development environments Answer: A Explanation: “Cattle” are interchangeable instances that can be destroyed and recreated, whereas “Pets” are manually maintained, unique servers. Question 10. Packer is used to: A) Provision cloud resources at runtime B) Build immutable machine images for multiple platforms C) Orchestrate Kubernetes deployments D) Manage secrets across environments Answer: B Explanation: Packer creates golden images (e.g., AMIs, Docker images) that can be used for immutable infrastructure deployments. Question 11. NetDevOps primarily automates: A) Application code compilation B) Network device configuration and provisioning C) Database schema migrations D) User authentication flows Answer: B Explanation: NetDevOps applies DevOps principles to networking, automating the configuration of routers, firewalls, load balancers, and VPCs. Question 12. Which of the following is a key benefit of using a CI/CD pipeline for operations teams?

Certification Exam Guide

A) Reducing the need for version control B) Eliminating all manual testing C) Ensuring consistent, repeatable deployments D) Allowing developers to bypass security checks Answer: C Explanation: CI/CD pipelines automate build, test, and deployment steps, providing repeatable and reliable delivery of changes. Question 13. In Jenkins, a “pipeline” is defined using: A) XML configuration files B) Groovy‑based Jenkinsfile C) Bash scripts stored in the workspace D) JSON manifests in the Jenkins UI Answer: B Explanation: Jenkins pipelines are defined in a Jenkinsfile using a Groovy‑based DSL, describing stages, steps, and conditions. Question 14. Which deployment strategy minimizes risk by sending a small portion of traffic to a new version before full rollout? A) Blue/Green B) Rolling update C) Canary release D) Recreate deployment Answer: C Explanation: Canary releases route a fraction of traffic to the new version, allowing validation before scaling to all users.

Certification Exam Guide

Explanation: Nexus (or Artifactory) stores Maven, npm, and other binary artifacts, providing versioned storage and access control. Question 18. A Dockerfile instruction that reduces image size by removing build‑time dependencies is: A) FROM B) RUN apt‑get clean && rm - rf /var/lib/apt/lists/* C) ENTRYPOINT D) EXPOSE Answer: B Explanation: Cleaning package caches after installing build dependencies reduces the final image size. Question 19. In Kubernetes, a “Pod” is: A) A virtual machine instance B) The smallest deployable unit that can contain one or more containers C) A load‑balancing service object D) A storage volume definition Answer: B Explanation: A Pod encapsulates one or more tightly coupled containers that share the same network namespace and storage. Question 20. Which Kubernetes object provides stable network endpoints for a set of Pods? A) ConfigMap B) Secret C) Service

Certification Exam Guide

D) DaemonSet Answer: C Explanation: A Service abstracts a group of Pods and provides a stable IP and DNS name for client access. Question 21. Helm charts primarily help with: A) Container runtime security scanning B) Packaging, versioning, and deploying Kubernetes resources as a single unit C) Managing CI/CD pipelines in GitLab D) Monitoring cluster health metrics Answer: B Explanation: Helm packages Kubernetes manifests into reusable charts, enabling versioned deployments and rollbacks. Question 22. GitOps principles rely on: A) Manual configuration changes on production servers B) Storing the entire desired state of a system in Git and using automation to reconcile it C) Periodic backups of database snapshots D) Running scripts only when a ticket is approved Answer: B Explanation: GitOps treats Git as the single source of truth; automated agents continuously apply the declarative state stored in Git to the target environment. Question 23. The three pillars of observability are: A) Alerts, Dashboards, and Logs B) Metrics, Logs, and Distributed Tracing

Certification Exam Guide

A) Elasticsearch B) Logstash C) Kibana D) Beats Answer: B Explanation: Logstash parses, filters, and forwards logs to Elasticsearch for indexing. Question 27. An “on‑call rotation” is primarily used to: A) Deploy code automatically every night B) Ensure that a qualified person is available to respond to alerts 24/ C. Schedule regular backup windows D. Rotate encryption keys periodically Answer: B Explanation: On‑call rotations assign responsibility for incident response, ensuring timely acknowledgment and mitigation. Question 28. A blameless post‑mortem focuses on: A. Assigning blame to the individual who caused the outage B. Identifying systemic root causes and improvement actions without finger‑pointing C. Documenting only the financial impact of the incident D. Publishing the incident details publicly without internal review Answer: B Explanation: Blameless post‑mortems aim to uncover process gaps and technical failures to prevent recurrence, fostering a learning culture. Question 29. Chaos Engineering typically begins with:

Certification Exam Guide

A. Randomly shutting down production servers without analysis B. Defining a steady‑state hypothesis and then introducing controlled failures to test it C. Disabling all monitoring tools to see if alerts still fire D. Removing all load balancers from the architecture Answer: B Explanation: Chaos experiments start with a hypothesis about normal system behavior, then inject failures to verify resilience. Question 30. In SRE, an “error budget” represents: A. The total number of bugs allowed per release B. The allowable amount of downtime or errors beyond the SLO C. The budget allocated for security tools D. The maximum number of incidents per month Answer: B Explanation: An error budget quantifies how much unreliability is acceptable; it balances feature development against reliability work. Question 31. Which of the following is a lean principle that helps reduce “batch size” in software delivery? A. Waterfall development B. Continuous integration C. Monolithic architecture D. Manual change‑control boards Answer: B Explanation: Continuous integration encourages small, frequent changes, reducing batch size and enabling faster feedback.

Certification Exam Guide

Explanation: Canary deployments expose a subset of traffic to the new version, allowing monitoring before full rollout. Question 35. Which of the following is NOT a typical metric collected by Prometheus? A. CPU usage percentage B. HTTP request latency histogram C. Raw log file contents D. Number of active database connections Answer: C Explanation: Prometheus collects numeric time‑series data; raw log contents are handled by logging systems like Loki or ELK. Question 36. In Kubernetes, a “DaemonSet” ensures that: A. All Pods are evenly distributed across nodes B. A copy of a specific Pod runs on every node (or a subset) C. Secrets are automatically rotated D. Services are load‑balanced across clusters Answer: B Explanation: DaemonSets deploy a Pod instance on each node, useful for log collectors, monitoring agents, etc. Question 37. Which GitOps tool continuously reconciles the desired state from a Git repository to a Kubernetes cluster? A. Jenkins B. Argo CD C. Terraform

Certification Exam Guide

D. Ansible Tower Answer: B Explanation: Argo CD watches a Git repo and applies any drift between the repo’s manifests and the cluster state. Question 38. The primary purpose of a “Service Mesh” (e.g., Istio) is to: A. Replace the Kubernetes scheduler B. Provide advanced traffic management, security, and observability at the network layer C. Store container images in a registry D. Automate server provisioning on bare metal Answer: B Explanation: Service meshes inject sidecar proxies to handle routing, mTLS, and telemetry without modifying application code. Question 39. Which of the following best describes “Infrastructure drift”? A. When developers forget to push code changes B. When the actual state of infrastructure diverges from the declared IaC configuration C. When network latency increases due to bandwidth limits D. When logs are not forwarded to a central system Answer: B Explanation: Drift occurs when manual changes or external factors cause the real environment to differ from the code‑defined desired state. Question 40. In the context of CI/CD, “artifact” refers to: A. Source code stored in a repository B. A compiled binary, container image, or package produced by a build pipeline

Certification Exam Guide

A. Zero downtime by updating Pods incrementally while keeping the desired number of replicas available B. Immediate replacement of all Pods simultaneously C. Automatic database schema migration D. Creation of a new namespace for each version Answer: A Explanation: Rolling updates replace Pods gradually, ensuring the service remains available throughout the upgrade. Question 44. In a microservices architecture, “circuit breaker” patterns help to: A. Increase the number of microservice instances automatically B. Prevent cascading failures by stopping calls to an unhealthy service C. Encrypt all inter‑service communication D. Deploy services in a blue/green fashion Answer: B Explanation: Circuit breakers detect failures and short‑circuit requests, protecting the system from overload. Question 45. Which of the following tools is specifically designed for secret management? A. Terraform B. HashiCorp Vault C. Ansible D. Prometheus Answer: B Explanation: Vault provides secure storage, dynamic secrets, and fine‑grained access control for credentials, API keys, etc.

Certification Exam Guide

Question 46. The primary purpose of “Feature Flags” in a CI/CD pipeline is to: A. Disable CI jobs for certain branches B. Toggle functionality at runtime without redeploying code C. Encrypt configuration files D. Enforce code style guidelines Answer: B Explanation: Feature flags allow teams to release code safely and enable/disable features dynamically, supporting canary releases and rollback. Question 47. Which of the following is a common method for achieving “blue/green” deployments in Kubernetes? A. Using two separate Deployments with distinct Service selectors and switching the Service target B. Scaling the same Deployment to zero and then back up C. Applying a ConfigMap change that updates the image tag D. Deleting all Pods and recreating them with the new version Answer: A Explanation: Two Deployments (blue and green) each have their own label set; the Service selector is switched to point to the green version for traffic cut‑over. Question 48. In the context of observability, “distributed tracing” helps to: A. Store time‑series metrics in a database B. Visualize the flow of a request across multiple services and identify latency bottlenecks C. Aggregate logs into a single index D. Generate alerts based on CPU usage thresholds

Certification Exam Guide

C. Use imperative local-exec provisioners for all resources D. Store state files in the local filesystem only Answer: B Explanation: Modular, versioned code encourages reuse and maintainability; credentials should be managed externally. Question 52. In AWS, which service provides a managed version of Prometheus? A. Amazon CloudWatch B. Amazon Managed Service for Prometheus (AMP) C. AWS Lambda D. Amazon RDS Answer: B Explanation: AMP offers a fully managed Prometheus-compatible service for scaling metrics collection. Question 53. What is the primary purpose of a “Service Level Indicator” (SLI)? A. To define the cost of a service B. To measure a specific aspect of service performance (e.g., latency) used to calculate SLOs C. To track the number of developers working on a service D. To document the architecture diagram of a service Answer: B Explanation: SLIs are quantifiable measurements (e.g., 99th‑percentile latency) that feed into SLO calculations. Question 54. Which of the following is a key advantage of using “immutable servers” over “mutable servers”?

Certification Exam Guide

A. Ability to patch operating systems in place B. Predictable, repeatable deployments with reduced configuration drift C. Faster boot times due to fewer layers D. Easier manual debugging of running instances Answer: B Explanation: Immutable servers are replaced rather than altered, eliminating drift and ensuring consistency across environments. Question 55. In a CI pipeline, the “artifact repository” is typically used for: A. Storing source code branches B. Holding compiled binaries, container images, or packages for downstream deployment stages C. Managing user permissions for the CI server D. Logging build console output Answer: B Explanation: Artifact repositories act as a central, versioned store for build outputs that can be pulled by deployment processes. Question 56. Which Kubernetes object can be used to enforce resource limits (CPU, memory) on a namespace? A. ConfigMap B. ResourceQuota C. PersistentVolumeClaim D. ServiceAccount Answer: B Explanation: ResourceQuota sets caps on total resource consumption for a namespace, preventing over‑provisioning.