CNPA Practice Questions

A.  

TravisCI

B.  

Argo CD

C.  

CircleCI

D.  

Jenkins

A.  

It will delete the Deployment and require you to re-create it with 5 replicas.

B.  

It will create new Pods to meet the new replica count of 5.

C.  

It will wait for an admin to manually add two more Pod definitions.

D.  

It will restart the existing Pods before adding any new Pods.

A.  

It enables self-service infrastructure provisioning while supporting app-specific requirements and organizational standards.

B.  

It isolates application environments completely to maximize security and avoid shared resources.

C.  

It enforces one infrastructure setup for all applications to reduce management complexity.

D.  

It centralizes all deployments in one environment to improve control and visibility.

A.  

CI/CD pipeline

B.  

Service mesh

C.  

Service bus

D.  

Observability pipeline

A.  

Kubernetes Scheduler

B.  

Kubernetes Dashboard

C.  

Kubernetes API Server

D.  

Kubernetes Controller

A.  

It enables easier service discovery through a consistent interface.

B.  

It increases the time taken to provision services.

C.  

It allows the team to bypass security protocols.

D.  

It requires the development team to manage provisioning details themselves.

A.  

Operators are only for deploying applications, while Helm charts manage application resources.

B.  

Helm charts use Custom Resource Definitions while Operators use static manifests.

C.  

Operators handle ongoing management of custom resources while Helm charts focus on packaging and deployment.

D.  

Both Operators and Helm charts are the same, just different names used in the community.

A.  

Declarative IaC focuses on the “what” rather than the “how,” simplifying the management of infrastructure.

B.  

Declarative IaC is less suitable for dynamic environments compared to imperative Ia

C.  

C.  

Declarative IaC allows for more granular control over resource provisioning.

D.  

Declarative IaC requires more coding effort compared to imperative Ia

C.  

A.  

SBOM generation and security scanning are particularly valuable for application software. While platform software may have different security considerations, these practices are highly beneficial within CI/CD pipelines for applications.

B.  

CI/CD pipelines should integrate SBOM generation and security scanning as automated steps within the build and test phases to ensure early detection of vulnerabilities and maintain a clear inventory of components.

C.  

CI/CD pipelines are designed to accelerate the delivery of platform software, and adding SBOM generation and security scanning would slow down the process, so these activities are better suited for periodic audits conducted outside of the pipeline.

D.  

CI/CD pipelines are primarily for automating deployments; SBOM generation and security scanning are separate, manual processes performed after deployment.

A.  

RBAC does not support namespace isolation and applies globally across the cluster.

B.  

RBAC allows users to have unrestricted roles and access to all resources in the cluster.

C.  

RBAC is only applicable to Pods and does not extend to other Kubernetes resources.

D.  

RBAC uses roles and role bindings to grant permissions to users for specific resources and actions.