HashiCorp Certified: Terraform Associate Practice Exam 2020 – Exam 1 (Q31-Q56)

80

HashiCorp Certified: Terraform Associate Practice Exam 2020 – Exam 1 (Q31-Q56)Cuongquach.com | Bộ đề ôn thi chứng chỉ HashiCorp Certified: Terraform Associate , Bộ đề số 1 với những câu hỏi trọng tâm trong năm 2020 và 2021 về kiến thức sử dụng công cụ Terraform quản lý hạ tầng dịch vụ. Bộ đề số 1, bao gồm 56 câu hỏi chia ra làm nhiều bài viết, bạn đang ở bài viết bao gồm câu hỏi 31 đến câu hỏi 56 của bộ đề 1.

Có thể bạn quan tâm phần 1:
HashiCorp Certified: Terraform Associate Practice Exam 2020 – Exam 1 (Q1-Q30)

Nếu bạn cảm thấy câu trả lời của các câu hỏi có sự không chính xác hoặc băn khoăn về đáp án, thì đừng ngại bình luận ở dưới.

[note note_color=”#FFFF66″ text_color=”#333333″ radius=”3″]HashiCorp Certified: Terraform Associate Test Exam, questionnaire number 1 focus on knowledge of using Terraform to manage infrastructure. Questionare Exam 1, consists of 56 questions divided into multiple articles, you are in the post including questions 31 to 56 of the Questionare Exam 1[/note]

terraform-associate-exam-01-part-2

Terraform Associate Practice Exam 2020 – Exam 1 – Question 31 to 56

[label type=”important”]Question 31[/label]

You want to use terraform import to start managing infrastructure that was not originally provisioned through infrastructure as code. Before you can import the resource’s current state, what must you do in order to prepare to manage these resources using Terraform?

A. run terraform refresh to ensure that the state file has the latest information for existing resources.
B. shut down or stop using the resources being imported so no changes are inadvertently missed
C. modify the Terraform state file to add the new resources
D. update the configuration file to include the new resources

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]D[/spoiler]


[label type=”important”]Question 32[/label]

HashiCorp offers multiple versions of Terraform, including Terraform open-source, Terraform Cloud, and Terraform Enterprise. Which of the following Terraform features are only available in the Enterprise edition? (select two)

A. Clustering
B. Audit logs
C. Locally hosted installation
D. Private Network Connectivity
E. SAML/SSO
F. Private Module Registry

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]C, D[/spoiler]


[label type=”important”]Question 33[/label]

In order to make a Terraform configuration file dynamic and/or reusable, static values should be converted to use what?

A. regular expression
B. input variables
C. module
D. output value

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]B[/spoiler]


[label type=”important”]Question 34[/label]

When using parent/child modules to deploy infrastructure, how would you export a value from one module to import into another module.

For example, a module dynamically deploys an application instance or virtual machine, and you need the IP address in another module to configure a related DNS record in order to reach the newly deployed application.

A. configure the pertinent provider’s configuration with a list of possible IP addresses to use
B. export the value using terraform export and input the value using terraform input
C. preconfigure the IP address as a parameter in the DNS module
D. configure an output value in the application module in order to use that value for the DNS module

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]D[/spoiler]


[label type=”important”]Question 35[/label]

True or False? Provisioners should only be used as a last resort

A. False
B. True

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]B[/spoiler]


[label type=”important”]Question 36[/label]

What Terraform command can be used to inspect the current state file? Example:

A. terraform show
B. terraform state
C. terraform inspect
D. terraform read

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]A[/spoiler]


[label type=”important”]Question 37[/label]

What is the best and easiest way for Terraform to read and write secrets from HashiCorp Vault?

A. API access using the AppRole auth method
B. Vault provider
C. integration with a tool like Jenkins
D. CLI access from the same machine running Terraform

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]B[/spoiler]


[label type=”important”]Question 38[/label]

You have been given requirements to create a security group for a new application. Since your organization standardizes on Terraform, you want to add this new security group with the fewest number of lines of code. What feature could you use to iterate over a list of required tcp ports to add to the new security group?

A. dynamic backend
B. dynamic block
C. splat expression
D. terraform import

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]B[/spoiler]


[label type=”important”]Question 39[/label]

Select the feature below that best completes the sentence:

The following list represents the different types of __________ available in Terraform.

max
min
join
replace
list
length
range
A. named values
B. data sources
C. backends
D. functions

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]D[/spoiler]


[label type=”important”]Question 40[/label]

Terry is using a module to deploy some EC2 instances on AWS for a new project. He is viewing the code that is calling the module for deployment, which is shown below. Where is the value of the security group originating?

module "ec2_instances" {
  source  = "terraform-aws-modules/ec2-instance/aws"
  version = "2.12.0"
 
  name           = "my-ec2-cluster"
  instance_count = 2
 
  ami                    = "ami-0c5204531f799e0c6"
  instance_type          = "t2.micro"
  vpc_security_group_ids = [module.vpc.default_security_group_id]
  subnet_id              = module.vpc.public_subnets[0]
 
  tags = {
    Terraform   = "true"
    Environment = "dev"
  }
}
A. from a variable likely declared in a .tfvars file being passed to another module
B. the output of another module
C. an environment variable being using during a `terraform apply`
D. the Terraform public module registry

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]B[/spoiler]


[label type=”important”]Question 41[/label]

What is the purpose of using the local-exec provisioner? (select two)

A. to execute one or more commands on the machine running Terraform
B. to invoke a local executable
C. ensures that the resource is only executed in the local infrastructure where Terraform is deployed
D. executes a command on the resource to invoke an update to the Terraform state

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]A, B[/spoiler]


[label type=”important”]Question 42[/label]

By default, where does Terraform store its state file?

A. current working directory
B. Amazon s3 bucket
C. shared directory
D. remotely using Terraform Cloud

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]A[/spoiler]


[label type=”important”]Question 43[/label]

Using multi-cloud and provider-agnostic tools provides which of the following benefits? (select two)

A. can be used across major cloud providers and VM hypervisors
B. slower provisioning speed allows the operations team to catch mistakes before they are applied
C. operations teams only need to learn and manage a single tool to manage infrastructure, regardless of where the infrastructure is deployed
D. increased risk due to all infrastructure relying on a single tool for management

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]A, C[/spoiler]


[label type=”important”]Question 44[/label]

Which of the following connection types are supported by the remote-exec provisioner? (select two)

A. ssh
B. winrm
C. smb
D. rdp

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]A, B[/spoiler]


[label type=”important”]Question 45[/label]

Your organization has moved to AWS and has manually deployed infrastructure using the console. Recently, a decision has been made to standardize on Terraform for all deployments moving forward.

What can you do to ensure that all existing is managed by Terraform moving forward without interruption to existing services?

A. submit a ticket to AWS and ask them to export the state of all existing resources and use terraform import to import them into the state file
B. resources that are manually deployed in the AWS console cannot be imported by Terraform
C. using terraform import , import the existing infrastructure into your Terraform state
D. delete the existing resources and recreate them using new a Terraform configuration so Terraform can manage them moving forward

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]C[/spoiler]


[label type=”important”]Question 46[/label]

Why is it a good idea to declare the required version of a provider in a Terraform configuration file?

terraform {
    required_provideres {
	aws = "~> 1.0"
    }
}
A. to ensure that the provider version matches the version of Terraform you are using
B. to match the version number of your application being deployed via Terraform
C. to remove older versions of the provider
D. providers are released on a separate schedule from Terraform itself; therefore a newer version could introduce breaking changes

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]D[/spoiler]


[label type=”important”]Question 47[/label]

Which of the following Terraform files should be ignored by Git when committing code to a repo? (select two)

A. variables.tf
B. terraform.tfstate
C. terraform.tfvars
D. output.tf

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]B, C[/spoiler]


[label type=”important”]Question 48[/label]

Terraform-specific settings and behaviors are declared in which configuration block type?

A. provider
B. terraform
C. data
D. resource

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]B[/spoiler]


[label type=”important”]Question 49[/label]

After running into issues with Terraform, you need to enable verbose logging to assist with troubleshooting the error. Which of the following values provides the MOST verbose logging?

A. DEBUG
B. WARN
C. TRACE
D. INFO
E. ERROR

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]C[/spoiler]


[label type=”important”]Question 50[/label]

In regards to Terraform state file, select all the statements below which are correct: (select four)

A. the state file is always encrypted at rest
B. storing state remotely can provide better security
C. the Terraform state can contain sensitive data, therefore the state file should be protected from unauthorized access
D. when using local state, the state file is stored in plain-text
E. Terraform Cloud always encrypts state at rest
F. using the mask feature, you can instruct Terraform to mask sensitive data in the state file

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]B, C, D, E[/spoiler]


[label type=”important”]Question 51[/label]

Given the Terraform configuration below, in which order will the resources be created?

resource "aws_instance" "web_server" {
    ami = "i-abdce12345"
    instance_type = "t2.micro"
}
 
resource "aws_eip" "web_server_ip" { 
    vpc = true 
    instance = aws_instance.web_server.id 
}
A. no resources will be created
B. aws_eip will be created first, aws_instance will be created second
C. aws_instance will be created first, aws_eip will be created second
D. resources will be created simultaneously

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]C[/spoiler]


[label type=”important”]Question 52[/label]

What Terraform feature is shown in the example below?

resource "aws_security_group" "example" {
  name = "sg-app-web-01"
 
  dynamic "ingress" {
    for_each = var.service_ports
    content {
      from_port = ingress.value
      to_port   = ingress.value
      protocol  = "tcp"
    }
  }
}
A. data source
B. conditional expression
C. local values
D. dynamic block

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]D[/spoiler]


[label type=”important”]Question 53[/label]

True or False? You can migrate the Terraform backend but only if there are no resources currently being managed.

A. True
B. False

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]B[/spoiler]


[label type=”important”]Question 54[/label]

Which of the following best describes a Terraform provider ?

A. a container for multiple resources that are used together
B. describes an infrastructure object, such as a virtual network, compute instance, or other components
C. a plugin that Terraform uses to translate the API interactions with the service or provider
D. serves as a parameter for a Terraform module that allows a module to be customized

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]C[/spoiler]


[label type=”important”]Question 55[/label]

What is a downside to using a Terraform provider, such as the Vault provider, to interact with sensitive data, such as reading secrets from Vault?

A. Terraform and Vault must be running on the same version
B. secrets are persisted to the state file and plans
C. Terraform and Vault must be running on the same physical host
D. Terraform requires a unique auth method to work with Vault

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]B[/spoiler]


[label type=”important”]Question 56[/label]

Select the answer below that completes the following statement:

Terraform Cloud can be managed from the CLI but requires __________?

A. an API token
B. authentication using MFA
C. a TOTP token
D. a username and password

[spoiler title=”Answer” open=”no” style=”fancy” icon=”chevron” anchor_in_url=”no”]A[/spoiler]

Nguồn: https://cuongquach.com/

Previous articleHashiCorp Certified: Terraform Associate Practice Exam 2020 – Exam 1 (Q1-Q30)
Next articleHashiCorp Certified: Terraform Associate Practice Exam 2020 – Exam 2 (Q1-Q30)
Bạn đang theo dõi website "https://cuongquach.com/" nơi lưu trữ những kiến thức tổng hợp và chia sẻ cá nhân về Quản Trị Hệ Thống Dịch Vụ & Mạng, được xây dựng lại dưới nền tảng kinh nghiệm của bản thân mình, Quách Chí Cường. Hy vọng bạn sẽ thích nơi này !

LEAVE A REPLY

Please enter your comment!
Please enter your name here