Certified Kubernetes Application Developer (CKAD) Exam, Exams of Technology

The Certified Kubernetes Application Developer (CKAD) Exam certifies expertise in designing, building, and running applications on Kubernetes. Candidates are tested on their ability to develop applications using Kubernetes, including how to work with containers, design Kubernetes resources, deploy applications, and troubleshoot issues. The certification is vital for software developers and engineers working with Kubernetes in cloud-native environments, ensuring their ability to handle the complexities of developing and managing applications in a containerized ecosystem.

Typology: Exams

2024/2025

Available from 04/16/2025

nicky-jone
nicky-jone 🇮🇳

2.9

(44)

28K documents

1 / 50

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Certified Kubernetes Application Developer (CKAD) Practice Exam
Question 1: Which Kubernetes component is responsible for scheduling Pods onto Nodes?
A. kube-apiserver
B. kube-controller-manager
C. kube-scheduler
D. kubelet
Answer: C
Explanation: The kube-scheduler selects suitable nodes for pods based on resource availability and
scheduling policies.
Question 2: What is the primary function of the kube-apiserver in a Kubernetes cluster?
A. Running containerized applications
B. Exposing the Kubernetes API and serving as the front end of the control plane
C. Monitoring node health
D. Managing network policies
Answer: B
Explanation: The kube-apiserver acts as the gateway to the Kubernetes control plane, handling API
requests and communication between components.
Question 3: Which Kubernetes object is the basic unit that encapsulates one or more containers?
A. Deployment
B. ReplicaSet
C. Pod
D. Service
Answer: C
Explanation: A Pod is the smallest deployable unit in Kubernetes that can contain one or more
containers.
Question 4: What is the role of a Deployment in Kubernetes?
A. Directly managing node resources
B. Defining and managing a set of identical Pods
C. Providing external load balancing
D. Configuring network policies
Answer: B
Explanation: A Deployment provides declarative updates for Pods and ReplicaSets, managing the
lifecycle of a set of identical Pods.
Question 5: Which Kubernetes resource is used to manage a group of identical Pods for high
availability?
A. Service
B. ReplicaSet
C. ConfigMap
D. Namespace
Answer: B
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32

Partial preview of the text

Download Certified Kubernetes Application Developer (CKAD) Exam and more Exams Technology in PDF only on Docsity!

Certified Kubernetes Application Developer (CKAD) Practice Exam

Question 1: Which Kubernetes component is responsible for scheduling Pods onto Nodes? A. kube-apiserver B. kube-controller-manager C. kube-scheduler D. kubelet Answer: C Explanation: The kube-scheduler selects suitable nodes for pods based on resource availability and scheduling policies. Question 2: What is the primary function of the kube-apiserver in a Kubernetes cluster? A. Running containerized applications B. Exposing the Kubernetes API and serving as the front end of the control plane C. Monitoring node health D. Managing network policies Answer: B Explanation: The kube-apiserver acts as the gateway to the Kubernetes control plane, handling API requests and communication between components. Question 3: Which Kubernetes object is the basic unit that encapsulates one or more containers? A. Deployment B. ReplicaSet C. Pod D. Service Answer: C Explanation: A Pod is the smallest deployable unit in Kubernetes that can contain one or more containers. Question 4: What is the role of a Deployment in Kubernetes? A. Directly managing node resources B. Defining and managing a set of identical Pods C. Providing external load balancing D. Configuring network policies Answer: B Explanation: A Deployment provides declarative updates for Pods and ReplicaSets, managing the lifecycle of a set of identical Pods. Question 5: Which Kubernetes resource is used to manage a group of identical Pods for high availability? A. Service B. ReplicaSet C. ConfigMap D. Namespace Answer: B

Explanation: ReplicaSets ensure that a specified number of pod replicas are running at any given time to provide high availability. Question 6: What does the term “control plane” refer to in Kubernetes? A. The set of worker nodes running applications B. The system responsible for managing and maintaining the state of the cluster C. A special type of Pod D. The container runtime environment Answer: B Explanation: The control plane consists of components like the kube-apiserver, etcd, kube-scheduler, and kube-controller-manager that manage the cluster’s overall state. Question 7: Which API object is used to logically separate resources within a cluster? A. Label B. Node C. Namespace D. Service Answer: C Explanation: Namespaces allow administrators to partition cluster resources between multiple users or teams. Question 8: How do Kubernetes Resource Requests and Limits benefit a cluster? A. They prevent resource contention by defining minimum and maximum resource allocations for containers B. They manage network traffic between Pods C. They automatically scale applications D. They create backups of application data Answer: A Explanation: Resource requests guarantee a minimum amount of resources for a container, while limits cap its resource usage to prevent any one container from consuming excessive resources. Question 9: What is the purpose of a Service in Kubernetes networking? A. To store application configuration B. To expose an application running on a set of Pods as a network service C. To manage cluster nodes D. To create persistent volumes Answer: B Explanation: Services abstract the access to a group of Pods, providing stable endpoints and load balancing. Question 10: Which Service type is used to expose a service on a static port on each Node’s IP address? A. ClusterIP B. NodePort C. LoadBalancer D. ExternalName Answer: B

Explanation: StatefulSets are designed for applications that need stable network identities and persistent storage, such as databases. Question 16: Which Kubernetes resource is ideal for running a Pod on every node in the cluster? A. Deployment B. DaemonSet C. ReplicaSet D. StatefulSet Answer: B Explanation: DaemonSets ensure that a copy of a Pod runs on all (or selected) nodes, useful for cluster- wide services like logging or monitoring agents. Question 17: What is the primary purpose of a Job in Kubernetes? A. To continuously run an application B. To perform a one-time batch task until completion C. To manage persistent storage D. To configure network policies Answer: B Explanation: A Job creates one or more Pods and ensures that a specified number of them successfully terminate, making it ideal for batch tasks. Question 18: Which Kubernetes resource is used to run periodic tasks? A. Job B. CronJob C. Deployment D. StatefulSet Answer: B Explanation: CronJobs allow you to schedule Jobs to run at specified intervals, much like cron in Unix systems. Question 19: In Kubernetes, how can environment variables be injected into Pods? A. Through Secrets and ConfigMaps B. Through Persistent Volumes C. Through Service Accounts D. Through ReplicaSets Answer: A Explanation: Environment variables can be set using data stored in Secrets and ConfigMaps, providing a flexible configuration method. Question 20: What is Helm primarily used for in Kubernetes? A. Monitoring cluster performance B. Managing container images C. Packaging, deploying, and managing Kubernetes applications D. Configuring network policies Answer: C Explanation: Helm is a package manager for Kubernetes that simplifies the deployment and management of applications by using charts.

Question 21: What are Persistent Volumes (PVs) used for in Kubernetes? A. Storing temporary data only B. Providing persistent storage independent of Pod lifecycle C. Managing container images D. Scheduling Pods Answer: B Explanation: PVs are storage resources in the cluster that persist beyond the lifecycle of individual Pods. Question 22: How do Persistent Volume Claims (PVCs) interact with Persistent Volumes (PVs)? A. PVCs directly manage network traffic B. PVCs request specific storage resources from PVs C. PVCs schedule Pods on Nodes D. PVCs configure container runtimes Answer: B Explanation: PVCs are requests for storage by a user that are matched with available PVs based on the claim’s requirements. Question 23: What is the function of Storage Classes in Kubernetes? A. They define policies for dynamic storage provisioning B. They manage container networking C. They control Pod scheduling D. They create backups of data Answer: A Explanation: Storage Classes provide a way to define different types of storage and policies for dynamic provisioning of Persistent Volumes. Question 24: Which volume type in Kubernetes is ephemeral and exists only for the lifetime of the Pod? A. hostPath B. emptyDir C. NFS D. PersistentVolume Answer: B Explanation: The emptyDir volume is created when a Pod is assigned to a node and exists only as long as that Pod is running. Question 25: What does the term “ReadWriteOnce” mean in Kubernetes volume access modes? A. The volume can be mounted as read-only by many nodes B. The volume can be mounted as read-write by a single node C. The volume is accessible only once per cluster D. The volume is read-write for all nodes Answer: B Explanation: ReadWriteOnce means that the volume can be mounted as read-write by a single node, ensuring data consistency. Question 26: Which component is responsible for maintaining the overall state of the Kubernetes cluster?

C. Liveness probe D. Health probe Answer: B Explanation: A readiness probe indicates whether a Pod is ready to serve requests, allowing Services to route traffic only to healthy Pods. Question 32: What is the main purpose of a liveness probe in Kubernetes? A. To check if a Pod should be restarted because it’s not functioning correctly B. To determine if a Pod is ready for traffic C. To monitor container logs D. To manage persistent storage Answer: A Explanation: A liveness probe detects if a container has become unresponsive or stuck, prompting Kubernetes to restart it if necessary. Question 33: How does Kubernetes achieve high availability for applications? A. By using a single node for all workloads B. By replicating Pods and using services for load balancing C. By storing all data in a single persistent volume D. By limiting container resources Answer: B Explanation: High availability is achieved by replicating Pods across multiple nodes and using Services to distribute traffic among them. Question 34: What is the advantage of using Init containers in a Pod? A. They run after the main containers B. They execute tasks sequentially before the main containers start C. They replace the need for health probes D. They handle network routing Answer: B Explanation: Init containers run before the main application containers, performing setup tasks such as configuration or initialization. Question 35: What is the function of labels in Kubernetes? A. To restrict network access B. To attach metadata to objects for identification and selection C. To define container resource limits D. To manage persistent storage Answer: B Explanation: Labels are key-value pairs attached to objects that allow users to organize and select subsets of resources. Question 36: How do selectors work in Kubernetes? A. They manage network traffic B. They query objects based on their labels C. They schedule Pods D. They allocate persistent storage

Answer: B Explanation: Label selectors allow users to identify a group of objects by filtering on specific label values. Question 37: What is the purpose of annotations in Kubernetes? A. To enforce security policies B. To provide non-identifying metadata that can be used by external tools C. To manage container networking D. To limit resource usage Answer: B Explanation: Annotations attach non-identifying information to objects, which can be used by tools and libraries without affecting core behavior. Question 38: When managing resources in different namespaces, which command flag is used with kubectl? A. --context B. --namespace C. --cluster D. --resource Answer: B Explanation: The --namespace flag specifies which namespace to operate on when using kubectl commands. Question 39: What is the purpose of mounting ConfigMaps into a Pod? A. To provide external storage B. To inject configuration data into containers C. To manage network policies D. To secure container images Answer: B Explanation: Mounting a ConfigMap as a volume or environment variable allows containers to use configuration data at runtime. Question 40: How are Secrets typically mounted into Pods for use by applications? A. As regular files in a volume or as environment variables B. By directly embedding them into container images C. Through network proxies D. Via ServiceAccounts Answer: A Explanation: Secrets can be mounted as files within a Pod or injected as environment variables to provide secure access to sensitive data. Question 41: What does a rolling update in Kubernetes allow you to do? A. Roll back a cluster to a previous version B. Gradually replace Pods with new versions without downtime C. Instantly replace all Pods D. Update container images on a single node only Answer: B

Question 47: How can you perform a rollback of a Deployment update in Kubernetes? A. Using kubectl scale B. Using kubectl rollout undo C. Deleting the Deployment D. Modifying the Service Answer: B Explanation: The kubectl rollout undo command allows you to revert a Deployment to a previous stable revision. Question 48: Which Kubernetes object is most suitable for managing batch processing tasks? A. Deployment B. DaemonSet C. Job D. ReplicaSet Answer: C Explanation: Jobs are designed for running batch processes that complete after executing the required task. Question 49: In a CronJob, what does the schedule field specify? A. The image to be used B. The timing for executing the Job C. The number of Pods to run D. The storage class Answer: B Explanation: The schedule field in a CronJob uses a cron format to define when the job should be triggered. Question 50: What does “scaling” refer to in the context of Kubernetes applications? A. Increasing the cluster’s physical size B. Adjusting the number of Pod replicas to match demand C. Changing container image versions D. Configuring network policies Answer: B Explanation: Scaling involves modifying the number of replicas of an application’s Pods to handle increased or decreased demand. Question 51: What is Horizontal Pod Autoscaling (HPA) used for in Kubernetes? A. Adjusting resource limits of a container B. Automatically increasing or decreasing the number of Pod replicas based on observed metrics C. Configuring persistent volumes D. Managing network ingress Answer: B Explanation: HPA monitors metrics like CPU utilization to automatically adjust the number of Pods running an application. Question 52: Which metric is most commonly used by HPA for scaling decisions? A. Memory usage

B. Network traffic C. CPU utilization D. Disk I/O Answer: C Explanation: CPU utilization is the default metric used by HPA to determine when to scale the number of Pod replicas. Question 53: What is the purpose of Vertical Pod Autoscaling (VPA) in Kubernetes? A. To adjust the number of Pods B. To automatically adjust resource requests and limits for containers C. To change the image version D. To configure network policies Answer: B Explanation: VPA automatically adjusts the resource requests and limits for containers based on their actual usage. Question 54: How does Cluster Autoscaler differ from HPA? A. It scales the entire cluster by adding or removing nodes, not individual Pods B. It adjusts container image versions C. It manages network policies D. It is used for batch processing Answer: A Explanation: Cluster Autoscaler works at the node level, automatically scaling the number of nodes in the cluster based on workload demand. Question 55: What is the purpose of using Service Accounts in Kubernetes? A. To expose Pods externally B. To provide an identity for processes running in a Pod to interact with the API C. To manage persistent volumes D. To schedule Pods Answer: B Explanation: Service Accounts provide an identity for processes running inside Pods, allowing them to securely interact with the Kubernetes API. Question 56: What is Role-Based Access Control (RBAC) in Kubernetes? A. A method for automating deployments B. A system for controlling access to the Kubernetes API based on user roles C. A networking protocol D. A storage management technique Answer: B Explanation: RBAC enables administrators to define roles and assign permissions, controlling which users and service accounts can access specific resources. Question 57: What do Pod Security Policies (PSP) help enforce? A. The number of Pods in a cluster B. Security constraints on Pods, such as running as non-root C. The selection of storage classes

Explanation: The Pod lifecycle describes the phases a Pod experiences, including Pending, Running, Succeeded, and Failed. Question 63: What is the significance of readiness and liveness probes in Pods? A. They manage persistent storage B. They ensure that containers are running correctly and can handle traffic C. They create network policies D. They configure container images Answer: B Explanation: Readiness probes indicate if a Pod is ready to accept traffic, while liveness probes check if a Pod is still running properly, prompting restarts if needed. Question 64: Which command would you use to create a new Deployment from a YAML file? A. kubectl run - f B. kubectl create - f C. kubectl apply - f D. kubectl deploy - f Answer: C Explanation: The kubectl apply - f command is used to create or update resources defined in a YAML file, making it ideal for managing Deployments. Question 65: How do you list all the namespaces in a Kubernetes cluster? A. kubectl get pods --all-namespaces B. kubectl get namespaces C. kubectl list ns D. kubectl describe namespace Answer: B Explanation: The command kubectl get namespaces displays all namespaces present in the cluster, allowing for easy resource organization. Question 66: Which Kubernetes resource would you use to restrict which Pods can communicate with each other? A. NetworkPolicy B. ServiceAccount C. ReplicaSet D. ConfigMap Answer: A Explanation: NetworkPolicies define rules that restrict or allow traffic between Pods, enhancing security and traffic control. Question 67: What is the function of the kubelet on each Node? A. Managing cluster networking B. Communicating with the control plane and ensuring containers are running as expected C. Storing configuration data D. Running the kube-proxy Answer: B

Explanation: The kubelet is an agent running on each node that ensures containers are healthy and communicates their status back to the control plane. Question 68: Which Kubernetes resource would you use to expose an application internally to other services within the cluster? A. NodePort B. ClusterIP C. LoadBalancer D. ExternalName Answer: B Explanation: ClusterIP is the default service type and exposes an application on a cluster-internal IP, making it accessible only within the cluster. Question 69: What is the main benefit of using Namespaces in Kubernetes? A. They increase container performance B. They provide a scope for names and help isolate resources between different users or teams C. They manage network traffic D. They define persistent storage classes Answer: B Explanation: Namespaces partition cluster resources, allowing different teams or projects to operate independently and securely. Question 70: Which of the following is true about PersistentVolumeClaims (PVCs)? A. They are used to define network policies B. They are requests for storage that are fulfilled by PersistentVolumes C. They control the scheduling of Pods D. They define resource limits for containers Answer: B Explanation: PVCs are user-defined requests for storage that are matched to available PersistentVolumes based on size and access modes. Question 71: What does dynamic provisioning in Kubernetes storage refer to? A. Pre-allocating storage manually B. Automatically creating PersistentVolumes when a PVC is requested C. Manually resizing storage volumes D. Disabling persistent storage for Pods Answer: B Explanation: Dynamic provisioning automates the creation of PersistentVolumes based on a StorageClass when a PersistentVolumeClaim is made. Question 72: Which volume type would be most appropriate for temporary data storage that is lost after a Pod is deleted? A. PersistentVolume B. emptyDir C. hostPath D. NFS Answer: B

Question 78: Which Kubernetes command is used to update the configuration of a running resource? A. kubectl patch B. kubectl update C. kubectl edit D. Both A and C Answer: D Explanation: Both kubectl patch and kubectl edit can be used to update a resource’s configuration; patch applies a partial update while edit opens the resource in an editor. Question 79: Which of the following is a best practice for managing container images? A. Use the latest tag in production B. Use immutable image tags to prevent unexpected changes C. Frequently rebuild images without testing D. Embed secrets directly in images Answer: B Explanation: Immutable image tags ensure that a specific version of an image is used consistently, reducing the risk of unintentional changes. Question 80: What is the purpose of the kubectl apply command in Kubernetes? A. To display resource logs B. To create or update resources using a declarative configuration file C. To delete resources D. To monitor network traffic Answer: B Explanation: kubectl apply uses a YAML or JSON configuration file to create or update resources declaratively, making configuration management easier. Question 81: Which Kubernetes object is best suited for applications that require stable network identities? A. Deployment B. ReplicaSet C. StatefulSet D. Job Answer: C Explanation: StatefulSets provide stable, unique network identifiers and persistent storage for stateful applications, such as databases. Question 82: How can you monitor resource usage of individual Pods in a Kubernetes cluster? A. Using kubectl describe pods B. Using kubectl top pods C. Using kubectl logs D. Using kubectl get events Answer: B Explanation: The kubectl top pods command shows CPU and memory usage for each Pod, aiding in resource monitoring and optimization.

Question 83: Which component is responsible for enforcing network rules on each Node in Kubernetes? A. kube-apiserver B. kubelet C. kube-proxy D. etcd Answer: C Explanation: kube-proxy manages network rules on nodes, ensuring proper routing and load balancing for Services. Question 84: What does the term “pod affinity” refer to in Kubernetes scheduling? A. Prioritizing Pods based on their resource requests B. Scheduling Pods on nodes where similar Pods are already running C. Balancing network traffic among Pods D. Configuring persistent storage for Pods Answer: B Explanation: Pod affinity rules allow scheduling Pods on nodes where similar or related Pods already exist, which can optimize communication or data locality. Question 85: What is the main purpose of a Service’s ClusterIP? A. To provide a stable internal IP for accessing the service B. To manage persistent storage C. To secure network communications D. To scale applications Answer: A Explanation: The ClusterIP is a virtual IP address assigned to a Service, providing a stable internal endpoint for Pods to communicate with the service. Question 86: Which Kubernetes object is used to provide a single DNS name for a set of Pods? A. ConfigMap B. ReplicaSet C. Service D. Ingress Answer: C Explanation: A Service provides a single DNS name that abstracts a group of Pods, facilitating load balancing and service discovery. Question 87: What is the advantage of using a Helm release for application deployment? A. It eliminates the need for container images B. It provides version control and easy rollback for application configurations C. It bypasses Kubernetes security policies D. It automates node scaling Answer: B Explanation: Helm releases allow you to version your deployments, making it easier to roll back to previous configurations if needed.

Question 93: Which Kubernetes resource is ideal for running short-lived, one-off tasks? A. Deployment B. ReplicaSet C. Job D. DaemonSet Answer: C Explanation: Jobs are intended for running tasks that complete after execution, making them perfect for one-off or batch processing workloads. Question 94: What is one benefit of using namespaces for resource isolation in a multi-tenant Kubernetes cluster? A. Improved container performance B. Easier monitoring of network traffic C. Logical separation of resources, reducing the risk of accidental interference between teams D. Increased scheduling speed Answer: C Explanation: Namespaces provide a logical boundary between different teams or projects, ensuring that resources do not conflict or interfere with each other. Question 95: Which Kubernetes command can be used to view the status and details of a specific Deployment? A. kubectl get deployment B. kubectl describe deployment C. kubectl logs deployment D. kubectl exec deployment Answer: B Explanation: The kubectl describe deployment command provides detailed information about a Deployment, including its status, events, and configuration. Question 96: What does the term “pod disruption budget” (PDB) refer to in Kubernetes? A. The maximum number of Pods that can be scheduled B. The minimum number of Pods that must remain available during voluntary disruptions C. A limit on container resource usage D. A method for managing persistent storage Answer: B Explanation: A pod disruption budget specifies the minimum number of Pods that must remain available during maintenance or voluntary disruptions, ensuring application availability. Question 97: Which of the following is a recommended best practice for storing sensitive data in Kubernetes? A. Embed secrets directly in container images B. Use ConfigMaps to store all sensitive data C. Use Secrets and mount them as files or environment variables D. Store secrets in plain text on disk Answer: C

Explanation: Using Kubernetes Secrets to store sensitive data and mounting them securely prevents exposure of sensitive information in configuration files. Question 98: What is a primary benefit of using CI/CD pipelines for Kubernetes deployments? A. They eliminate the need for testing B. They automate the build, test, and deployment processes, reducing manual errors C. They remove the need for container images D. They manage cluster networking Answer: B Explanation: CI/CD pipelines automate repetitive tasks such as building, testing, and deploying applications, ensuring consistency and reducing the risk of human error. Question 99: Which tool is commonly used to back up Kubernetes clusters, including persistent volumes and resource configurations? A. Jenkins B. Velero C. Prometheus D. GitLab Answer: B Explanation: Velero is a popular tool for backing up and restoring Kubernetes cluster resources and persistent volumes, helping with disaster recovery. Question 100: What is the purpose of a ClusterRole in Kubernetes RBAC? A. To define permissions for resources only within a single namespace B. To define permissions for resources across the entire cluster C. To manage network traffic D. To schedule Pods Answer: B Explanation: A ClusterRole provides permissions that are applied across all namespaces in a cluster, making it essential for cluster-wide access control. Question 101: Which statement best describes the use of a ServiceAccount in Kubernetes? A. It is used to create network policies B. It provides an identity for processes running in a Pod, enabling secure API access C. It scales Deployments automatically D. It creates persistent volumes Answer: B Explanation: ServiceAccounts offer identities for Pods, allowing them to interact with the Kubernetes API securely and with appropriate permissions. Question 102: Which Kubernetes resource would you use to manage scheduled tasks such as database backups? A. Job B. CronJob C. Deployment D. ReplicaSet Answer: B