























































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
This advanced study guide targets professionals specializing in DevOps implementation and optimization. It covers advanced CI/CD pipelines, infrastructure as code, containerization, orchestration, monitoring, incident response, and performance optimization. The guide emphasizes hands-on problem-solving, best practices, and toolchain integration. With in-depth explanations and exam-style assessments, it prepares candidates for specialist-level DevOps certification success.
Typology: Exams
1 / 95
This page cannot be seen from the preview
Don't miss anything!
























































































Question 1. Which Git branching model encourages short-lived feature branches merged directly into the mainline without long-lived release branches? A) GitFlow B) Trunk-Based Development C) Forking Workflow D) GitHub Flow Answer: B Explanation: Trunk-Based Development uses a single main branch (trunk) and encourages developers to create short-lived feature branches that are merged back quickly, reducing integration problems. Question 2. In a CI pipeline, which tool is primarily responsible for detecting code quality issues such as security vulnerabilities before code is merged? A) JUnit B) SonarQube C) Docker D) Jenkins Answer: B Explanation: SonarQube performs static code analysis (SAST) to identify bugs, code smells, and security vulnerabilities early in the CI process. Question 3. What is the main advantage of using immutable infrastructure over mutable infrastructure? A) Faster provisioning time B) Reduced configuration drift C) Easier manual patching D) Lower storage costs
Answer: B Explanation: Immutable infrastructure never changes after deployment; any update requires provisioning a new instance, eliminating configuration drift. Question 4. Which Terraform command is used to safely apply changes after reviewing a plan? A) terraform init B) terraform apply -auto-approve C) terraform apply D) terraform destroy Answer: C Explanation: terraform apply prompts for confirmation after showing the execution plan, allowing safe application of changes. Question 5. In Kubernetes, which object ensures that a specified number of pod replicas are always running? A) Service B) Deployment C) ConfigMap D) Ingress Answer: B Explanation: A Deployment manages replica sets and ensures the desired number of pod replicas are maintained. Question 6. Which deployment strategy routes a small percentage of traffic to a new version while keeping the majority on the stable version? A) Blue/Green
Question 9. In the context of observability, what does the “three pillars” model consist of? A) Logs, Metrics, Traces B) Alerts, Dashboards, Reports C) CI, CD, CM D) Security, Compliance, Governance Answer: A Explanation: The three pillars—logs, metrics, and traces—provide complementary data for diagnosing system behavior. Question 10. Which of the following is a key metric for measuring the reliability of a service? A) Mean Time To Recovery (MTTR) B) Lines of Code (LOC) C) Number of Commits per Day D) CPU Utilization Answer: A Explanation: MTTR quantifies how quickly a service recovers from a failure, directly reflecting reliability. Question 11. What does “policy as code” enable in a DevSecOps pipeline? A) Automatic generation of documentation B) Version-controlled, testable security policies C) Manual approval of infrastructure changes D) Dynamic scaling of compute resources Answer: B
Explanation: Policy as code stores security and compliance rules in version control, allowing automated testing and enforcement. Question 12. Which tool is commonly used for centralized log aggregation in the ELK stack? A) Logstash B) Prometheus C) Grafana D) Nagios Answer: A Explanation: Logstash collects, parses, and forwards logs to Elasticsearch for indexing and visualization via Kibana. Question 13. In a CI/CD pipeline, what is the purpose of an artifact repository such as Nexus or Artifactory? A) Store source code B) Host container images only C) Manage compiled binaries and libraries D) Run automated UI tests Answer: C Explanation: Artifact repositories store versioned build outputs (e.g., JARs, WARs) for downstream consumption and traceability. Question 14. Which Kubernetes object abstracts a set of pods and provides a stable IP address and DNS name? A) ConfigMap B) Service
A) Storing encrypted secrets B) Maintaining a record of deployed resources C) Defining user permissions D) Logging pipeline execution times Answer: B Explanation: Terraform’s state file tracks the current real-world resources, enabling accurate diff calculations for future changes. Question 18. Which metric is most appropriate for evaluating the speed of delivering a new feature from code commit to production? A) Lead Time B) Mean Time Between Failures (MTBF) C) CPU Load Average D) Disk I/O Throughput Answer: A Explanation: Lead Time measures the elapsed time from a feature request or commit to its deployment in production. Question 19. Which of the following is a primary benefit of using a “rolling update” strategy in Kubernetes? A) Zero additional resource consumption B) Immediate traffic cutover C) Gradual replacement of pods without downtime D) Automatic rollback on failure Answer: C Explanation: Rolling updates replace pods incrementally, ensuring that a portion of the service remains available throughout the process.
Question 20. What is the main purpose of a Service Level Objective (SLO) in a DevOps environment? A) Define a budget for cloud spend B) Set a target for a specific reliability metric C) Determine the number of developers needed D) Establish code style guidelines Answer: B Explanation: An SLO specifies a quantitative target (e.g., 99.9% uptime) for a service’s performance or reliability. Question 21. Which of these tools is specifically designed for distributed tracing in microservice architectures? A) Prometheus B) Jaeger C) Terraform D) Chef Answer: B Explanation: Jaeger collects and visualizes trace data across services, helping pinpoint latency sources. Question 22. In a CI pipeline, which stage is most appropriate for running integration tests that require a database? A) Linting B) Unit Test C) Build D) Post-Build (Integration Test)
C) Using machine learning to predict failures D) Deploying patches without testing Answer: B Explanation: Chaos engineering deliberately injects failures (e.g., killing pods) to verify that the system can self-heal and maintain availability. Question 26. In the CALMS framework, what does the “M” stand for? A) Metrics B) Management C) Monitoring D) Migration Answer: A Explanation: CALMS = Culture, Automation, Lean, Metrics, Sharing; “M” emphasizes measurement and data-driven decision making. Question 27. Which AWS feature enables automatic failover of a relational database across multiple Availability Zones? A) RDS Multi-AZ B) DynamoDB Global Tables C) S3 Cross-Region Replication D) Elastic Load Balancing Answer: A Explanation: RDS Multi-AZ creates a synchronous standby in another AZ and automatically fails over during an outage. Question 28. What is the primary purpose of a “pull request” workflow in SCM?
A) Deploy code directly to production B) Automate secret rotation C) Facilitate code review before merging changes D) Generate documentation automatically Answer: C Explanation: Pull requests allow reviewers to examine, comment on, and approve code changes before they are merged into the target branch. Question 29. Which of the following is a common method for implementing “blue/green” deployments on Kubernetes? A) Using two separate Deployments with distinct Service selectors B) Scaling a single Deployment to double its replica count C) Changing the image tag in the existing Deployment D) Recreating the namespace for each release Answer: A Explanation: Two Deployments (blue and green) expose separate versions; switching the Service selector routes traffic to the desired version. Question 30. In the context of CI/CD, what does “artifact promotion” refer to? A) Deleting old build artifacts B) Moving a verified artifact from a staging repository to production C) Encrypting artifacts before storage D) Running performance tests on the artifact Answer: B Explanation: Artifact promotion moves a validated build output to a higher-trust repository, indicating it’s ready for production deployment.
Answer: B Explanation: CloudWatch Alarms can trigger EC2 actions such as stop, terminate, or reboot when metric thresholds are crossed. Question 34. In a microservices environment, which pattern helps propagate request context (e.g., trace IDs) across service boundaries? A) Singleton B) Circuit Breaker C) Sidecar D) Correlation ID Answer: D Explanation: Correlation IDs (or trace IDs) are attached to each request, enabling end-to-end tracing across services. Question 35. Which of the following best describes “Infrastructure as Code” (IaC) in a declarative paradigm? A) Writing scripts that describe how resources are created step-by-step B) Specifying the desired end state of resources, letting the tool figure out the steps C) Manually configuring servers via SSH D) Using a GUI to drag-and-drop resources Answer: B Explanation: Declarative IaC defines the target state (e.g., a VPC with CIDR block), and the engine determines the actions required to achieve it. Question 36. What is the primary purpose of a “health check gate” in a CD pipeline? A) Validate code style before build
B) Ensure the target environment is ready before deployment proceeds C) Encrypt artifacts before storage D) Generate release notes automatically Answer: B Explanation: Health check gates verify that the environment (e.g., service availability, database connectivity) meets criteria before allowing the deployment to continue. Question 37. Which of the following is a core principle of the “Three Ways” in DevOps? A) Automate everything B) Emphasize siloed teams C) Promote fast feedback loops D) Prioritize manual testing Answer: C Explanation: The second way of DevOps focuses on creating fast feedback loops to detect problems early. Question 38. In Terraform, what does the depends_on meta-argument achieve? A) Locks state files for exclusive access B) Forces explicit ordering between resources C) Enables parallel execution of all resources D) Generates documentation automatically Answer: B Explanation: depends_on creates an explicit dependency, ensuring one resource is created only after another succeeds.
Answer: B Explanation: Service meshes abstract networking, offering traffic routing, mutual TLS, and telemetry for microservices. Question 42. Which of the following best describes a “canary release” in the context of feature flags? A) Enabling a feature for all users simultaneously B) Gradually toggling a feature for a small user segment before full rollout C) Removing a feature after a failed deployment D) Deploying a feature without any testing Answer: B Explanation: Feature flags allow a canary release by exposing a new capability to a limited audience, monitoring impact before broad activation. Question 43. In the context of CI/CD, what is “artifact versioning” primarily used for? A) Encrypting binaries B) Tracking which code changes produced which build outputs C) Reducing build time D) Enforcing naming conventions on source files Answer: B Explanation: Versioning artifacts ties them to specific source revisions, enabling reproducibility and traceability. Question 44. Which AWS service provides a managed, serverless environment for running Docker containers without managing servers? A) EC
B) ECS Fargate C) EKS D) Lambda Answer: B Explanation: Amazon ECS with Fargate runs containers without provisioning or managing underlying EC2 instances. Question 45. What is the main benefit of using “Git hooks” on the server side (e.g., pre-receive hook)? A) Speed up local development builds B) Enforce organization-wide policies before any push is accepted C) Automatically generate documentation D) Provide UI for merge conflict resolution Answer: B Explanation: Server-side hooks run on the remote repository, allowing enforcement of policies (e.g., commit message format) before changes are accepted. Question 46. Which of the following is a recommended practice when storing Terraform state remotely? A) Keep it in a local file on each developer’s laptop B) Store it in an encrypted S3 bucket with DynamoDB locking C) Commit the state file to the Git repository D) Use plain text on an NFS share Answer: B Explanation: Remote state in S3 with DynamoDB locking provides durability, encryption, and safe concurrent access.
Explanation: Database schema changes often require a full switch; blue-green lets you test the new schema in isolation and roll back instantly if issues arise. Question 50. Which of the following tools is specifically designed for secret management and dynamic credential generation? A) Terraform B) HashiCorp Vault C) Jenkins D) Prometheus Answer: B Explanation: Vault securely stores secrets and can generate dynamic, short-lived credentials for databases, cloud providers, etc. Question 51. In the context of CI/CD, what does “pipeline as code” refer to? A) Writing pipeline definitions in a programming language like Java B) Storing pipeline configuration in version-controlled files (e.g., YAML) C) Using a GUI to drag-and-drop pipeline steps D) Hard-coding pipeline steps into the CI server binaries Answer: B Explanation: Pipeline as code keeps the CI/CD workflow definition in source control, enabling review, versioning, and reuse. Question 52. Which AWS feature helps enforce least-privilege access for services running on EC2 instances? A) Security Groups B) IAM Instance Profiles C) VPC Peering
D) Elastic Load Balancer Answer: B Explanation: IAM Instance Profiles attach roles to EC2 instances, granting only the permissions required for the workload. Question 53. What is the purpose of “canary analysis” after a canary deployment? A) Automatically delete the canary version after a day B) Compare key metrics between canary and stable versions to detect regressions C) Scale the canary to 100% traffic immediately D) Encrypt traffic between canary and stable services Answer: B Explanation: Canary analysis evaluates performance and error metrics to decide whether to promote the canary to full production. Question 54. Which of the following best describes “immutable tags” in Docker image repositories? A) Tags that cannot be overwritten once pushed B) Tags that automatically delete after 30 days C) Tags that are mutable and can be retagged D) Tags that are only visible to administrators Answer: A Explanation: Immutable tags prevent overwriting of existing image digests, ensuring reproducibility and auditability. Question 55. In a CI pipeline, which of the following is a typical reason to use a “container registry” instead of storing images on a file server?