HashiCorp Certified: Terraform Associate Practice Exam 2020 – Exam 1 (Q31-Q56) – Cuongquach.com | Bộ đề ôn thi chứng chỉ HashiCorp Certified: Terraform Associate , Bộ đề số 1 với những câu hỏi trọng tâm trong năm 2020 và 2021 về kiến thức sử dụng công cụ Terraform quản lý hạ tầng dịch vụ. Bộ đề số 1, bao gồm 56 câu hỏi chia ra làm nhiều bài viết, bạn đang ở bài viết bao gồm câu hỏi 31 đến câu hỏi 56 của bộ đề 1.
Có thể bạn quan tâm phần 1:
– HashiCorp Certified: Terraform Associate Practice Exam 2020 – Exam 1 (Q1-Q30)
Nếu bạn cảm thấy câu trả lời của các câu hỏi có sự không chính xác hoặc băn khoăn về đáp án, thì đừng ngại bình luận ở dưới.
[note note_color=”#FFFF66″ text_color=”#333333″ radius=”3″]HashiCorp Certified: Terraform Associate Test Exam, questionnaire number 1 focus on knowledge of using Terraform to manage infrastructure. Questionare Exam 1, consists of 56 questions divided into multiple articles, you are in the post including questions 31 to 56 of the Questionare Exam 1[/note]
Terraform Associate Practice Exam 2020 – Exam 1 – Question 31 to 56
Question 31
You want to use terraform import to start managing infrastructure that was not originally provisioned through infrastructure as code. Before you can import the resource’s current state, what must you do in order to prepare to manage these resources using Terraform?
| A. | run terraform refresh to ensure that the state file has the latest information for existing resources. |
| B. | shut down or stop using the resources being imported so no changes are inadvertently missed |
| C. | modify the Terraform state file to add the new resources |
| D. | update the configuration file to include the new resources |
Question 32
HashiCorp offers multiple versions of Terraform, including Terraform open-source, Terraform Cloud, and Terraform Enterprise. Which of the following Terraform features are only available in the Enterprise edition? (select two)
| A. | Clustering |
| B. | Audit logs |
| C. | Locally hosted installation |
| D. | Private Network Connectivity |
| E. | SAML/SSO |
| F. | Private Module Registry |
Question 33
In order to make a Terraform configuration file dynamic and/or reusable, static values should be converted to use what?
| A. | regular expression |
| B. | input variables |
| C. | module |
| D. | output value |
Question 34
When using parent/child modules to deploy infrastructure, how would you export a value from one module to import into another module.
For example, a module dynamically deploys an application instance or virtual machine, and you need the IP address in another module to configure a related DNS record in order to reach the newly deployed application.
| A. | configure the pertinent provider’s configuration with a list of possible IP addresses to use |
| B. | export the value using terraform export and input the value using terraform input |
| C. | preconfigure the IP address as a parameter in the DNS module |
| D. | configure an output value in the application module in order to use that value for the DNS module |
Question 35
True or False? Provisioners should only be used as a last resort
| A. | False |
| B. | True |
Question 36
What Terraform command can be used to inspect the current state file? Example:
| A. | terraform show |
| B. | terraform state |
| C. | terraform inspect |
| D. | terraform read |
Question 37
What is the best and easiest way for Terraform to read and write secrets from HashiCorp Vault?
| A. | API access using the AppRole auth method |
| B. | Vault provider |
| C. | integration with a tool like Jenkins |
| D. | CLI access from the same machine running Terraform |
Question 38
You have been given requirements to create a security group for a new application. Since your organization standardizes on Terraform, you want to add this new security group with the fewest number of lines of code. What feature could you use to iterate over a list of required tcp ports to add to the new security group?
| A. | dynamic backend |
| B. | dynamic block |
| C. | splat expression |
| D. | terraform import |
Question 39
Select the feature below that best completes the sentence:
The following list represents the different types of __________ available in Terraform.
max min join replace list length range
| A. | named values |
| B. | data sources |
| C. | backends |
| D. | functions |
Question 40
Terry is using a module to deploy some EC2 instances on AWS for a new project. He is viewing the code that is calling the module for deployment, which is shown below. Where is the value of the security group originating?
module "ec2_instances" {
source = "terraform-aws-modules/ec2-instance/aws"
version = "2.12.0"
name = "my-ec2-cluster"
instance_count = 2
ami = "ami-0c5204531f799e0c6"
instance_type = "t2.micro"
vpc_security_group_ids = [module.vpc.default_security_group_id]
subnet_id = module.vpc.public_subnets[0]
tags = {
Terraform = "true"
Environment = "dev"
}
}
| A. | from a variable likely declared in a .tfvars file being passed to another module |
| B. | the output of another module |
| C. | an environment variable being using during a `terraform apply` |
| D. | the Terraform public module registry |
Question 41
What is the purpose of using the local-exec provisioner? (select two)
| A. | to execute one or more commands on the machine running Terraform |
| B. | to invoke a local executable |
| C. | ensures that the resource is only executed in the local infrastructure where Terraform is deployed |
| D. | executes a command on the resource to invoke an update to the Terraform state |
Question 42
By default, where does Terraform store its state file?
| A. | current working directory |
| B. | Amazon s3 bucket |
| C. | shared directory |
| D. | remotely using Terraform Cloud |
Question 43
Using multi-cloud and provider-agnostic tools provides which of the following benefits? (select two)
| A. | can be used across major cloud providers and VM hypervisors |
| B. | slower provisioning speed allows the operations team to catch mistakes before they are applied |
| C. | operations teams only need to learn and manage a single tool to manage infrastructure, regardless of where the infrastructure is deployed |
| D. | increased risk due to all infrastructure relying on a single tool for management |
Question 44
Which of the following connection types are supported by the remote-exec provisioner? (select two)
| A. | ssh |
| B. | winrm |
| C. | smb |
| D. | rdp |
Question 45
Your organization has moved to AWS and has manually deployed infrastructure using the console. Recently, a decision has been made to standardize on Terraform for all deployments moving forward.
What can you do to ensure that all existing is managed by Terraform moving forward without interruption to existing services?
| A. | submit a ticket to AWS and ask them to export the state of all existing resources and use terraform import to import them into the state file |
| B. | resources that are manually deployed in the AWS console cannot be imported by Terraform |
| C. | using terraform import , import the existing infrastructure into your Terraform state |
| D. | delete the existing resources and recreate them using new a Terraform configuration so Terraform can manage them moving forward |
Question 46
Why is it a good idea to declare the required version of a provider in a Terraform configuration file?
terraform {
required_provideres {
aws = "~> 1.0"
}
}
| A. | to ensure that the provider version matches the version of Terraform you are using |
| B. | to match the version number of your application being deployed via Terraform |
| C. | to remove older versions of the provider |
| D. | providers are released on a separate schedule from Terraform itself; therefore a newer version could introduce breaking changes |
Question 47
Which of the following Terraform files should be ignored by Git when committing code to a repo? (select two)
| A. | variables.tf |
| B. | terraform.tfstate |
| C. | terraform.tfvars |
| D. | output.tf |
Question 48
Terraform-specific settings and behaviors are declared in which configuration block type?
| A. | provider |
| B. | terraform |
| C. | data |
| D. | resource |
Question 49
After running into issues with Terraform, you need to enable verbose logging to assist with troubleshooting the error. Which of the following values provides the MOST verbose logging?
| A. | DEBUG |
| B. | WARN |
| C. | TRACE |
| D. | INFO |
| E. | ERROR |
Question 50
In regards to Terraform state file, select all the statements below which are correct: (select four)
| A. | the state file is always encrypted at rest |
| B. | storing state remotely can provide better security |
| C. | the Terraform state can contain sensitive data, therefore the state file should be protected from unauthorized access |
| D. | when using local state, the state file is stored in plain-text |
| E. | Terraform Cloud always encrypts state at rest |
| F. | using the mask feature, you can instruct Terraform to mask sensitive data in the state file |
Question 51
Given the Terraform configuration below, in which order will the resources be created?
resource "aws_instance" "web_server" {
ami = "i-abdce12345"
instance_type = "t2.micro"
}
resource "aws_eip" "web_server_ip" {
vpc = true
instance = aws_instance.web_server.id
}
| A. | no resources will be created |
| B. | aws_eip will be created first, aws_instance will be created second |
| C. | aws_instance will be created first, aws_eip will be created second |
| D. | resources will be created simultaneously |
Question 52
What Terraform feature is shown in the example below?
resource "aws_security_group" "example" {
name = "sg-app-web-01"
dynamic "ingress" {
for_each = var.service_ports
content {
from_port = ingress.value
to_port = ingress.value
protocol = "tcp"
}
}
}
| A. | data source |
| B. | conditional expression |
| C. | local values |
| D. | dynamic block |
Question 53
True or False? You can migrate the Terraform backend but only if there are no resources currently being managed.
| A. | True |
| B. | False |
Question 54
Which of the following best describes a Terraform provider ?
| A. | a container for multiple resources that are used together |
| B. | describes an infrastructure object, such as a virtual network, compute instance, or other components |
| C. | a plugin that Terraform uses to translate the API interactions with the service or provider |
| D. | serves as a parameter for a Terraform module that allows a module to be customized |
Question 55
What is a downside to using a Terraform provider, such as the Vault provider, to interact with sensitive data, such as reading secrets from Vault?
| A. | Terraform and Vault must be running on the same version |
| B. | secrets are persisted to the state file and plans |
| C. | Terraform and Vault must be running on the same physical host |
| D. | Terraform requires a unique auth method to work with Vault |
Question 56
Select the answer below that completes the following statement:
Terraform Cloud can be managed from the CLI but requires __________?
| A. | an API token |
| B. | authentication using MFA |
| C. | a TOTP token |
| D. | a username and password |
Nguồn: https://cuongquach.com/
