Basic DevOps Essentials for Developer - Theory Exam#

No.	Training Unit	Lecture	Training content	Question	Level	Mark	Answer	Answer Option A	Answer Option B	Answer Option C	Answer Option D	Explanation
1	Unit 1: Containerization with Docker	Lec1	Containers vs VMs	What is the main advantage of containers over virtual machines in terms of resource usage?	Easy	1	A	Containers are lightweight and share the host OS kernel	Containers provide stronger isolation	Containers include a complete guest OS	Containers use hardware virtualization	Containers share the host OS kernel, consuming megabytes instead of gigabytes of memory, making them much more lightweight than VMs.
2	Unit 1: Containerization with Docker	Lec1	Container Startup	How fast do containers typically start compared to virtual machines?	Easy	1	B	Minutes	Seconds or less	Hours	Same as virtual machines	Containers start in seconds or less because they don’t need to boot a complete OS, while VMs take minutes to start.
3	Unit 1: Containerization with Docker	Lec1	Docker Concepts	Which Docker concept represents a read-only template for creating containers?	Easy	1	C	Container	Registry	Image	Dockerfile	A Docker image is a read-only template containing instructions for creating containers. It’s like a snapshot or blueprint.
4	Unit 1: Containerization with Docker	Lec1	Docker Layers	Which Dockerfile instructions create new layers in an image?	Medium	2	D	Only ENV and EXPOSE	Only WORKDIR and LABEL	Only CMD and ENTRYPOINT	RUN, COPY, and ADD	Each RUN, COPY, and ADD instruction creates a new layer. Layers are cached and reused to speed up builds.
5	Unit 1: Containerization with Docker	Lec1	Docker Commands	Which command displays all containers, including stopped ones?	Easy	1	B	docker ps	docker ps -a	docker list	docker containers –all	The `docker ps -a` flag shows all containers including stopped ones, while `docker ps` only shows running containers.
6	Unit 1: Containerization with Docker	Lec1	Port Mapping	In `docker run -p 3000:8080 myapp`, which port is exposed on the host?	Medium	2	A	3000	8080	Both 3000 and 8080	Neither	The syntax is `-p HOST:CONTAINER`. Port 3000 on the host maps to port 8080 in the container.
7	Unit 1: Containerization with Docker	Lec1	Volumes	What is the primary purpose of Docker volumes?	Easy	1	C	Increase container CPU	Share network between containers	Persist data beyond container lifecycle	Speed up container builds	Volumes persist data beyond the container lifecycle. Without volumes, data is lost when containers are removed.
8	Unit 1: Containerization with Docker	Lec1	Dockerfile Caching	Why should dependency files (like pyproject.toml) be copied before application code in a Dockerfile?	Medium	2	B	To reduce image size	To maximize layer caching efficiency	To improve runtime performance	To enhance security	Docker caches layers and reuses them if unchanged. Copying dependencies first means they only rebuild when dependencies change, not on every code change.
9	Unit 1: Containerization with Docker	Lec1	Layer Optimization	What is the best practice for multiple apt-get install commands in a Dockerfile?	Medium	2	A	Combine them in a single RUN instruction	Use separate RUN instructions for each package	Put them in a shell script	Use the INSTALL instruction	Combining commands in a single RUN minimizes layers and image size. Each RUN creates a new layer.
10	Unit 1: Containerization with Docker	Lec1	Base Images	Which Python base image is recommended for production deployments?	Medium	2	B	python:3.13	python:3.13-slim	python:3.13-alpine	python:3.13-full	The `-slim` variants balance size (~150MB) and compatibility. Alpine can cause pip compile issues with some packages.
11	Unit 1: Containerization with Docker	Lec1	Multi-stage Builds	What is the primary benefit of multi-stage Docker builds?	Medium	2	A	Smaller final images by excluding build tools	Faster build times	Simpler Dockerfile syntax	Better caching	Multi-stage builds separate build and runtime stages, copying only necessary artifacts to the final image, dramatically reducing size.
12	Unit 1: Containerization with Docker	Lec1	Multi-stage Syntax	How do you copy files from a build stage named “builder” in a multi-stage Dockerfile?	Medium	2	D	COPY builder:/src /dest	COPY –stage=builder /src /dest	COPY [builder]/src /dest	COPY –from=builder /src /dest	The `COPY --from=builder` syntax copies files from a named stage to the current stage in multi-stage builds.
13	Unit 1: Containerization with Docker	Lec1	Security	Why is running containers as non-root users a security best practice?	Medium	2	B	It improves container performance	It limits damage if a vulnerability is exploited	It reduces image size	It enables better caching	Running as root is risky. If an attacker exploits a vulnerability, they gain root access to the container and potentially the host.
14	Unit 1: Containerization with Docker	Lec1	Secrets Management	Where should sensitive data like API keys be stored when using Docker?	Easy	1	D	In the Dockerfile ENV instruction	Hardcoded in the application	In the Docker image layers	Injected at runtime via environment variables or secrets	Secrets should never be in Dockerfiles or images. Use runtime injection via environment variables or Docker/Kubernetes secrets.
15	Unit 2: CI/CD and Deployment	Lec2	CI Fundamentals	What does Continuous Integration (CI) primarily focus on?	Easy	1	A	Frequently merging code with automated builds and tests	Manual code reviews	Weekly deployments	Infrastructure provisioning	CI focuses on frequently merging code changes into a shared repository with automated builds and tests to catch issues early.
16	Unit 2: CI/CD and Deployment	Lec2	CD Concepts	What distinguishes Continuous Deployment from Continuous Delivery?	Medium	2	C	Continuous Deployment is slower	Continuous Deployment requires more testing	Continuous Deployment has no manual approval before production	Continuous Deployment only works with containers	Continuous Delivery requires manual approval before production, while Continuous Deployment automatically deploys every passing change.
17	Unit 2: CI/CD and Deployment	Lec2	GitHub Actions	What is a “workflow” in GitHub Actions?	Easy	1	D	A single shell command	A type of unit test	A GitHub repository setting	An automated process defined in a YAML file	A workflow is an automated process defined in YAML files in `.github/workflows/`, triggered by repository events.
18	Unit 2: CI/CD and Deployment	Lec2	GitHub Actions	Where must GitHub Actions workflow files be stored?	Easy	1	A	.github/workflows/	.actions/	workflows/	.ci/pipelines/	GitHub Actions workflow files must be in the `.github/workflows/` directory with `.yml` or `.yaml` extension.
19	Unit 2: CI/CD and Deployment	Lec2	Job Dependencies	What does the `needs` keyword do in GitHub Actions?	Medium	2	B	Specifies required environment variables	Defines dependencies between jobs	Lists required secrets	Declares required permissions	The `needs` keyword ensures a job waits for specified jobs to complete before running, creating job dependencies.
20	Unit 2: CI/CD and Deployment	Lec2	Workflow Triggers	Which trigger allows manual workflow execution from the GitHub UI?	Medium	2	D	push	pull_request	schedule	workflow_dispatch	The `workflow_dispatch` trigger enables manual workflow execution from the GitHub Actions UI with optional input parameters.
21	Unit 2: CI/CD and Deployment	Lec2	Schedule Trigger	What syntax does the `schedule` trigger use in GitHub Actions?	Medium	2	C	Time intervals (e.g., “every 30 minutes”)	ISO 8601 format	Cron syntax	Natural language	The `schedule` trigger uses cron syntax, e.g., `cron: '0 0 * * *'` for daily execution at midnight.
22	Unit 2: CI/CD and Deployment	Lec2	Matrix Builds	What is the purpose of matrix builds in CI/CD?	Medium	2	A	Test across multiple configurations simultaneously	Build multiple unrelated applications	Create multiple Docker images	Deploy to multiple environments sequentially	Matrix builds run tests across multiple configurations (OS, language versions) in parallel, ensuring compatibility.
23	Unit 2: CI/CD and Deployment	Lec2	Secrets	How should secrets be accessed in GitHub Actions workflows?	Easy	1	B	Hardcoded in workflow files	Using secrets.SECRET_NAME expression syntax	Stored in .env files in the repository	Passed as command line arguments	Secrets should be stored in GitHub’s encrypted secrets and accessed using the secrets expression syntax in workflow files.
24	Unit 2: CI/CD and Deployment	Lec2	Caching	Why is dependency caching important in CI/CD pipelines?	Easy	1	C	To improve security	To simplify configuration	To speed up builds by avoiding repeated downloads	To enable parallel execution	Caching dependencies avoids re-downloading on every build, significantly reducing pipeline execution time.
25	Unit 2: CI/CD and Deployment	Lec2	Test Pyramid	According to the test pyramid, which tests should comprise the largest portion?	Medium	2	A	Unit tests (~70%)	Integration tests (~70%)	E2E tests (~70%)	Manual tests (~70%)	The test pyramid recommends ~70% unit tests (fast, cheap), ~20% integration tests, and ~10% E2E tests (slow, expensive).
26	Unit 2: CI/CD and Deployment	Lec2	GitLab CI	In GitLab CI, what keyword defines supporting services like databases?	Medium	2	B	dependencies	services	containers	resources	GitLab CI uses `services` to define supporting containers (like PostgreSQL, Redis) that run alongside test jobs.
27	Unit 2: CI/CD and Deployment	Lec2	Blue-Green Deployment	What is a key advantage of Blue-Green deployment?	Medium	2	D	Reduced infrastructure costs	Faster build times	Less code complexity	Zero-downtime with instant rollback capability	Blue-Green maintains two identical environments, enabling instant traffic switching and immediate rollback if issues occur.
28	Unit 2: CI/CD and Deployment	Lec2	Canary Deployment	What characterizes a Canary deployment strategy?	Medium	2	C	Deploying to all servers at once	Maintaining two identical environments	Gradual rollout to a subset of users with monitoring	Deploying only during off-peak hours	Canary deploys to a small percentage first, monitors for issues, then gradually increases traffic before full rollout.
29	Unit 2: CI/CD and Deployment	Lec2	GitOps	What is the core principle of GitOps?	Medium	2	A	Git is the single source of truth for infrastructure and application state	Using only GitHub for CI/CD	All code must be peer-reviewed	Automated testing is mandatory	GitOps uses Git as the single source of truth, with tools like ArgoCD automatically reconciling cluster state with Git.
30	Unit 2: CI/CD and Deployment	Lec2	Pipeline Security	Why should GitHub Actions be pinned to specific SHA hashes?	Hard	3	C	To improve execution speed	To enable better caching	To prevent supply chain attacks from compromised actions	To reduce storage costs	Pinning to SHA hashes ensures you use known-good versions, preventing attacks if an action is later compromised.
31	Unit 3: SonarQube	Lec3	Introduction	What type of code analysis does SonarQube perform?	Easy	1	B	Dynamic analysis (runtime)	Static analysis (without execution)	Performance profiling	Memory leak detection	SonarQube performs static analysis, examining code without executing it to detect bugs, code smells, and security vulnerabilities.
32	Unit 3: SonarQube	Lec3	Language Support	Approximately how many programming languages does SonarQube support?	Easy	1	C	10+	20+	30+	50+	SonarQube supports static analysis for over 30 programming languages including Python, Java, JavaScript, TypeScript, Go, and more.
33	Unit 3: SonarQube	Lec3	2026.1 Features	What is the MCP Server integration in SonarQube 2026.1 used for?	Medium	2	A	Connecting AI coding assistants to SonarQube	Managing container platforms	Multi-cloud provisioning	Memory cache pooling	MCP Server allows AI assistants like Claude and Cursor to connect directly to SonarQube for real-time quality verification.
34	Unit 3: SonarQube	Lec3	Edition Features	Which SonarQube edition is required for Branch Analysis and PR decoration?	Easy	1	B	Community Edition	Developer Edition and above	Enterprise Edition only	Data Center Edition only	Branch Analysis and PR decoration are available in Developer Edition and above, not in Community Edition.
35	Unit 3: SonarQube	Lec3	Architecture	Which SonarQube component processes analysis reports submitted by scanners?	Medium	2	D	Web Server	Database	Elasticsearch	Compute Engine	The Compute Engine processes analysis reports submitted by scanners and updates the database with findings.
36	Unit 3: SonarQube	Lec3	Quality Metrics	What are the four main metrics in SonarQube’s quality gates?	Medium	2	C	Speed, Size, Cost, Time	Bugs, Errors, Warnings, Info	Bugs, Vulnerabilities, Code Smells, Coverage	Lines, Files, Functions, Classes	The four pillars are Bugs (reliability), Vulnerabilities (security), Code Smells (maintainability), and Coverage (test coverage).
37	Unit 3: SonarQube	Lec3	Quality Gates	What is the recommended minimum test coverage for new code in the default Sonar Way quality gate?	Medium	2	B	60%	80%	90%	100%	The default Sonar Way quality gate recommends at least 80% test coverage on new code.
38	Unit 3: SonarQube	Lec3	Code Smells	What does a “Code Smell” indicate in SonarQube?	Easy	1	D	A security vulnerability	A runtime crash	A compilation error	A maintainability issue	Code Smells are maintainability issues like high complexity, duplication, or poor structure that make code harder to maintain.
39	Unit 3: SonarQube	Lec3	CI Integration	What does the `sonar.qualitygate.wait=true` setting do in CI pipelines?	Medium	2	B	Skips quality gate checking	Makes the pipeline wait and fail if quality gate fails	Sends email notifications	Enables caching of results	This setting makes the CI pipeline wait for analysis completion and fail the build if the quality gate is not passed.
40	Unit 3: SonarQube	Lec3	Git Integration	Why is `fetch-depth: 0` important when checking out code for SonarQube analysis?	Medium	2	C	To reduce checkout time	To save disk space	To provide full git history for accurate blame information	To enable branch switching	Full git history (fetch-depth: 0) is required for accurate blame information, helping identify who introduced issues.