




























































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
This exam validates practical DevOps skills across the software delivery lifecycle. Topics include CI/CD pipelines, automation, version control, configuration management, containerization, monitoring, collaboration, and DevOps cultural principles. Candidates demonstrate hands-on knowledge for improving deployment speed, quality, and operational efficiency.
Typology: Exams
1 / 101
This page cannot be seen from the preview
Don't miss anything!





























































































Question 1. Which of the following best describes the primary goal of the “Three Ways” in DevOps? A) Automate testing only B) Increase the speed of feature development C) Optimize flow, create feedback loops, and foster a culture of continual learning D) Replace traditional ITIL processes Answer: C Explanation: The Three Ways—Flow, Feedback, and Continuous Learning—are the foundational principles that guide DevOps to improve delivery speed, quality, and organizational culture. Question 2. In the context of DevOps culture, a “blameless post‑mortem” is primarily used to: A) Assign penalties to the responsible team B) Identify root causes without focusing on who caused the incident C) Document legal liabilities D) Increase the number of change requests Answer: B Explanation: Blameless post‑mortems focus on learning from failures rather than assigning blame, encouraging openness and continuous improvement. Question 3. Which activity is considered “toil” that should be minimized in a DevOps pipeline? A) Writing automated unit tests B) Manually restarting a failing service C) Deploying infrastructure as code
D) Monitoring application metrics Answer: B Explanation: Toil refers to repetitive, manual, automatable work; manually restarting services is a classic example. Question 4. A “T‑shaped” professional in DevOps is expected to have: A) Deep expertise in one area and no knowledge of others B) Broad knowledge across many disciplines and deep expertise in at least one C) Only superficial knowledge of all tools D) No specialization, only generalist skills Answer: B Explanation: T‑shaped professionals combine deep expertise (vertical bar) with broad, collaborative knowledge (horizontal bar). Question 5. The “shift‑left” approach in testing emphasizes: A) Performing security tests after production deployment B) Conducting tests earlier in the development lifecycle C) Moving testing responsibilities to operations teams only D) Delaying testing until the release phase Answer: B Explanation: Shift‑left means integrating testing (including security) early, reducing defects and rework later.
Answer: B Explanation: “Ours” denotes the version from the current (checked‑out) branch during a conflict resolution. Question 9. Which of the following best distinguishes Continuous Delivery (CD) from Continuous Deployment? A) CD includes automated testing, while Continuous Deployment does not B) CD releases to production automatically; Continuous Deployment requires manual approval C) CD ensures code is always releasable, but deployment to production may be manual; Continuous Deployment automates that step D) There is no difference; they are synonymous Answer: C Explanation: Continuous Delivery keeps the software deployable at any time; Continuous Deployment adds automatic production release after passing the pipeline. Question 10. An artifact repository such as JFrog Artifactory primarily provides: A) Source code versioning B) Build automation scripts C) Binary storage, versioning, and distribution D) Real‑time log aggregation Answer: C Explanation: Artifact repositories store built binaries, manage versions, and serve them to downstream environments.
Question 11. Which IaC principle describes the practice of never modifying a running server but instead replacing it with a new one? A) Mutable infrastructure B) Declarative configuration C) Immutable infrastructure D) Imperative provisioning Answer: C Explanation: Immutable infrastructure treats servers as disposable; changes are made by provisioning new instances. Question 12. In Terraform, the command terraform plan is used to: A) Apply changes directly to the cloud environment B) Destroy all managed resources C) Show a preview of the actions Terraform will take D) Initialize the backend configuration Answer: C Explanation: terraform plan generates an execution plan, detailing what changes will be made without applying them. Question 13. Which of the following statements about declarative configuration is true? A) The user specifies the exact steps to achieve the desired state B) The system determines how to reach the desired state based on a high‑level description C) It requires scripting in Bash for every change D) It is only supported by Ansible, not by Puppet
Question 16. Which Docker command is used to view the history of an image’s layers? A) docker inspect B) docker logs C) docker history D) docker diff Answer: C Explanation: docker history <image> displays each layer, its size, and the command that created it. Question 17. In Kubernetes, the object responsible for ensuring a desired number of pod replicas is: A) Service B) Deployment C) ConfigMap D) PersistentVolume Answer: B Explanation: Deployments manage replica sets, handling scaling and rolling updates. Question 18. A Kubernetes Service of type LoadBalancer is primarily used to: A) Expose a pod internally only B) Provide a stable IP address and external load balancing via the cloud provider C) Store configuration data as key‑value pairs D) Persist data across pod restarts
Answer: B Explanation: LoadBalancer services request a cloud provider’s external load balancer, exposing the application publicly. Question 19. Which of the following best describes a “Pod” in Kubernetes? A) A collection of nodes B) The smallest deployable unit that can contain one or more containers sharing network and storage C) A persistent storage volume D) A security policy object Answer: B Explanation: Pods encapsulate containers that share an IP address, port space, and volume mounts. Question 20. In a Kubernetes Deployment, the strategy: RollingUpdate field defines: A) How pods are scaled down to zero B) How new versions replace old ones without downtime C) The order of service discovery D) The method for secret management Answer: B Explanation: RollingUpdate performs a gradual replacement of pods, ensuring continuous availability. Question 21. Which tool is commonly used for static application security testing (SAST) in a CI pipeline?
Explanation: Vault securely stores and controls access to secrets, API keys, and can generate dynamic credentials. Question 24. An “error budget” in SRE is: A) The total number of bugs allowed per release B) The allowable amount of downtime or errors within a defined period, based on SLOs C) The budget allocated for purchasing new servers D) The time allocated for incident post‑mortems Answer: B Explanation: Error budgets quantify the permissible deviation from service level objectives, balancing reliability and feature velocity. Question 25. Which metric would most likely be used as a Service Level Indicator (SLI) for a web API? A. Number of deployed commits per day B. Average CPU utilization of the database server C. 99th‑percentile request latency D. Total lines of code in the repository Answer: C Explanation: SLIs measure user‑visible performance; request latency directly reflects API responsiveness. Question 26. Prometheus scrapes metrics from targets using which protocol? A) SSH
B) HTTP(S) GET on a /metrics endpoint C) FTP D) SNMP Answer: B Explanation: Prometheus pulls data by sending HTTP GET requests to the /metrics endpoint exposed by exporters. Question 27. In the ELK stack, Logstash primarily functions as: A) A search engine B) A data visualization tool C) A pipeline for ingesting, transforming, and forwarding logs D) A time‑series database Answer: C Explanation: Logstash collects logs, applies filters, and forwards them to Elasticsearch for indexing. Question 28. Which of the following is NOT a typical characteristic of immutable infrastructure? A) Servers are never patched in place B) Configuration drift is eliminated C) Changes are applied via in‑place updates D) New instances are provisioned for updates Answer: C
B) Traffic is switched from the old (blue) environment to the new (green) after validation, enabling instant rollback C) It requires manual scaling of the new environment after deployment D) It is incompatible with containerized workloads Answer: B Explanation: Blue‑Green deployment maintains two identical environments; traffic is switched to the new version after testing. Question 32. A “canary release” differs from a blue‑green deployment primarily in: A) Deploying to a small subset of users first to monitor impact before full rollout B) Using only immutable servers C) Requiring no monitoring tools D) Being limited to database schema changes Answer: A Explanation: Canary releases gradually expose a new version to a fraction of traffic, allowing early detection of issues. Question 33. Which of the following best defines “Infrastructure as Code” (IaC)? A) Manual configuration of servers via SSH B) Storing infrastructure definitions in version‑controlled source files and provisioning them automatically C) Using spreadsheets to track server inventory D) Outsourcing infrastructure management to a third‑party
Answer: B Explanation: IaC treats infrastructure definitions as code, enabling automation, versioning, and reproducibility. Question 34. In Kubernetes, a ConfigMap is used to: A) Store binary container images B) Provide configuration data to pods as environment variables or files C) Persist database data across pod restarts D) Manage TLS certificates Answer: B Explanation: ConfigMaps supply non‑sensitive configuration information to containers. Question 35. Which of the following is a key benefit of using a service mesh like Istio? A) Directly managing VM provisioning B) Providing fine‑grained traffic control, observability, and security between microservices without code changes C) Replacing Kubernetes as the orchestration platform D) Storing container images Answer: B Explanation: Service meshes inject sidecar proxies to handle traffic routing, telemetry, and security policies transparently. Question 36. In the context of CI pipelines, “artifact promotion” refers to: A) Deleting old build artifacts automatically
Answer: C Explanation: Vault Agent Injector can automatically inject secrets as files or environment variables into pods. Question 39. In the context of monitoring, a “heat map” visualizes: A) Network topology B) Resource usage across multiple dimensions, highlighting hotspots C) Code coverage percentages D) Version history of artifacts Answer: B Explanation: Heat maps display intensity of metrics (e.g., CPU, latency) across time or components, making anomalies obvious. Question 40. Which of the following is a primary purpose of a “service level objective” (SLO)? A) Define the maximum budget for a project B) Set a target reliability level that the service must meet C) List all microservices in an architecture D) Determine the programming language to use Answer: B Explanation: SLOs are quantitative reliability or performance targets derived from higher‑level SLAs. Question 41. The “principle of least privilege” in DevSecOps means:
A) Granting all users admin rights for convenience B) Providing users and services only the minimal permissions required to perform their tasks C) Disabling all network traffic by default D) Using the same credential across all environments Answer: B Explanation: Least privilege reduces the attack surface by limiting access rights. Question 42. Which of the following is an immutable data store commonly used for logs? A) MySQL B) PostgreSQL C) Elasticsearch D) SQLite Answer: C Explanation: Elasticsearch stores logs in an append‑only fashion, supporting immutable storage and fast search. Question 43. In Git, the command git rebase - i is primarily used for: A) Merging two unrelated repositories B) Interactively rewriting commit history (e.g., squashing, editing) C) Deleting remote branches D) Creating a new tag Answer: B
B) It uses Git as the single source of truth for both application and infrastructure configurations, applying changes automatically C) It only applies to front‑end development D) It eliminates the need for monitoring Answer: B Explanation: GitOps automates deployment by reconciling the desired state stored in Git with the actual cluster state. Question 47. The “CAP theorem” states that a distributed system can simultaneously provide at most two of the following three guarantees. Which is NOT one of those guarantees? A) Consistency B) Availability C) Partition tolerance D) Scalability Answer: D Explanation: The theorem includes Consistency, Availability, and Partition tolerance; scalability is not part of the three. Question 48. Which Kubernetes object is responsible for exposing a set of Pods as a network service with a stable DNS name? A) ConfigMap B) Service C) Ingress D) StatefulSet
Answer: B Explanation: A Service provides a stable IP/DNS and load‑balances traffic to the selected Pods. Question 49. In the context of container orchestration, “self‑healing” refers to: A) Automatic scaling of CPU resources B) The ability of the system to replace failed containers/pods automatically C) Encrypting container images at rest D) Automatically generating Dockerfiles Answer: B Explanation: Self‑healing mechanisms detect unhealthy pods and recreate them to maintain desired state. Question 50. Which of the following is a key difference between Ansible and Chef? A) Ansible uses a pull‑based model; Chef uses a push‑based model B) Ansible is agentless and uses YAML playbooks; Chef uses a Ruby‑based DSL and typically requires an agent (Chef client) C) Chef cannot manage cloud resources D) Ansible does not support idempotent operations Answer: B Explanation: Ansible operates over SSH without agents and defines tasks in YAML; Chef relies on a client‑server model with Ruby DSL. Question 51. The primary purpose of a “service mesh data plane” is to: A) Store persistent volumes