Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertifications200-901DomainsApplication Deployment and Security
200-901Free — No Signup

Application Deployment and Security

Practice 200-901 Application Deployment and Security questions with full explanations on every answer.

99questions

Start practicing

Application Deployment and Security — choose a session length

10 questions~10 min20 questions~20 min30 questions~30 min50 questions~50 min

Free · No account required

200-901 Domains

Software Development and DesignUnderstanding and Using APIsApplication Deployment and SecurityCisco Platforms and DevelopmentNetwork FundamentalsInfrastructure and Automation

Practice Application Deployment and Security questions

10Q20Q30Q50Q

All 200-901 Application Deployment and Security questions (99)

Start session

Click any question to see the full explanation and answer options, or start a focused practice session above.

1

A developer creates a Dockerfile for a Python web application. Which instruction should be used to copy the application source code into the container image?

2

A Docker container needs to be started in detached mode with port mapping from host port 8080 to container port 80. Which command accomplishes this?

3

In a docker-compose.yaml file, which key is used to define the container image to be built from a Dockerfile in the current directory?

4

A company deploys a microservice using Kubernetes. The service must be accessible externally via a stable IP address and load-balanced across pods. Which Service type should be used?

5

A CI/CD pipeline has a stage that runs security vulnerability scans on dependencies. Which tool is specifically designed to scan Python packages for known vulnerabilities?

6

A developer is writing a Dockerfile for a Node.js application. They want to set a build-time variable for the application version that can be changed without modifying the Dockerfile. Which instruction should be used?

7

A Kubernetes pod needs to read configuration data such as database hostname, which is non-sensitive and may change across environments. Which resource should be used to store this data and inject it into the pod?

8

A developer needs to apply a Kubernetes deployment manifest from a file named 'deployment.yaml'. Which kubectl command should be used?

9

In a Docker bridge network, two containers can communicate with each other using which identifier by default?

10

A developer needs to view the logs of a running Docker container with ID 'abc123'. Which command should be used?

11

A Kubernetes Deployment is configured with rolling update strategy. A new version of the image is pushed, and the deployment is updated. During the rollout, the new pods are failing health checks. Which command can be used to pause the rollout and prevent further updates?

12

A CI/CD pipeline using GitHub Actions needs to build a Docker image and push it to Docker Hub. Which event trigger should be used to run the workflow only when code is pushed to the main branch?

13

A developer is implementing secure coding practices to prevent SQL injection. Which approach is most effective when building a SQL query with user input?

14

In a Docker Compose file with multiple services, one service depends on another to be healthy before starting. Which key should be used to express this dependency and ensure the dependent service is started first?

15

A Kubernetes pod needs to run a database that requires persistent storage. Which volume type should be used to store data that persists beyond the pod lifecycle?

16

Which TWO actions are best practices for managing secrets in a CI/CD pipeline?

17

Which TWO Docker network drivers allow a container to communicate with the host's network stack directly?

18

Which THREE options are valid methods to expose a Kubernetes service to external traffic?

19

A developer creates a Dockerfile with the following content: FROM python:3.9-slim, COPY app.py /app/, RUN pip install flask, EXPOSE 5000, CMD ["python", "/app/app.py"]. When building the image with 'docker build -t myapp .', what is the purpose of the EXPOSE instruction?

20

A CI/CD pipeline for a microservice application includes stages: code commit, build Docker image, push to registry, deploy to staging, run integration tests, and deploy to production. The team wants to ensure that if integration tests fail, the pipeline stops and does not proceed to production. Which CI/CD concept is used to enforce this behavior?

21

In a Kubernetes deployment, a developer needs to expose a set of pods internally within the cluster on a stable IP address. The pods are stateless and serve HTTP traffic. Which Service type should be used?

22

A developer runs the command: docker run -d -p 8080:80 --name web nginx. Which of the following best describes what happens?

23

A team uses GitHub Actions for CI/CD. Their workflow includes a job that builds a Docker image and pushes it to a private registry. The job needs to authenticate to the registry using secrets stored in GitHub. Which approach is most secure for passing credentials?

24

A developer writes a web application that accepts user input and displays it on a page. To prevent cross-site scripting (XSS), what is the most effective defense?

25

In a Docker Compose file, a service 'web' depends on 'db'. The 'db' service uses a volume to persist data. Which compose key ensures that the database starts before the web service?

26

A Kubernetes Deployment has replicas: 3. The team updates the container image to a new version. The rollout gets stuck because the new pod fails readiness probes. Which kubectl command will display the rollout status and help diagnose the issue?

27

A developer needs to share a Docker image with a colleague. They decide to push the image to a registry. Which Docker command pushes an image to a registry?

28

A Kubernetes environment has multiple teams sharing the same cluster. One team wants to deploy applications without interfering with other teams' resources. Which Kubernetes resource should be used to isolate the team's resources?

29

A developer has a Docker container running a database. They need to inspect the database logs to debug a connection issue. Which command will show the logs in real-time?

30

A CI/CD pipeline for a Python project should run unit tests and check for known vulnerabilities in dependencies. Which tool can be integrated into the pipeline to perform dependency scanning?

31

A developer is deploying a containerized application with Docker Compose. The application requires environment variables for database credentials that should not be hardcoded in the docker-compose.yml file. Which two methods securely provide these credentials? (Choose two.)

32

A Kubernetes cluster has a deployment named 'frontend' that needs to be updated to a new image version. The update should be performed with zero downtime. Which three kubectl commands or approaches can achieve this? (Choose three.)

33

A developer is writing a CI/CD pipeline using Jenkins Declarative Pipeline. They want to ensure that sensitive credentials (e.g., API keys) are never exposed in console logs. Which two security practices should be implemented? (Choose two.)

34

You are writing a Dockerfile. Which instruction should you use to set the working directory for subsequent RUN, CMD, ENTRYPOINT, COPY, and ADD instructions?

35

A developer runs 'docker run -d -p 8080:80 --name web nginx:alpine'. The container fails to start. Which command is the most appropriate to investigate the issue?

36

In a Kubernetes cluster, you need to expose a set of pods running a web application to external traffic on a specific port. Which Service type should you use to provide a stable external IP address?

37

A CI/CD pipeline includes stages for code commit, build, unit test, integration test, staging deploy, and production deploy. Which change would best prevent a faulty build from reaching production?

38

You are writing a Dockerfile for a Python application. Which instruction should you use to install the dependencies from a requirements.txt file?

39

A developer needs to share a Docker image built from a Dockerfile with team members. Which command correctly builds the image and tags it as 'myapp:v1'?

40

A Kubernetes Deployment manages a set of identical pods. You update the container image to a new version. The rollout gets stuck. Which kubectl command should you use to view the rollout status and determine the cause?

41

In a Docker Compose file, you want to ensure that the 'web' service starts only after the 'db' service is healthy. Which key should you use under the 'web' service?

42

A developer wants to run a container in the background with port mapping and a named volume. Which command accomplishes this?

43

A web application is vulnerable to SQL injection. Which secure coding practice should the developer implement in the code to prevent this?

44

In a Kubernetes cluster, you need to store non-sensitive configuration data (e.g., database hostname) that can be consumed by pods as environment variables. Which resource should you use?

45

A developer needs to ensure that environment variables containing database credentials are not hardcoded in the application code. Which approach is most secure for managing secrets in a CI/CD pipeline?

46

Which TWO commands are used to view information about Docker containers? (Select two.)

47

Which THREE are valid Kubernetes Service types? (Select three.)

48

Which TWO practices help prevent sensitive data exposure in a CI/CD pipeline? (Select two.)

49

A developer is creating a Dockerfile for a Python Flask application. The application runs on port 5000. Which directive should be used to document that the container listens on this port?

50

A team uses a Jenkins declarative pipeline to deploy a microservice. The pipeline includes stages: Checkout, Build Docker Image, Run Unit Tests, Push to Registry, Deploy to Staging, and Deploy to Production. Which stage should run immediately after 'Build Docker Image' to ensure code quality before the image is pushed?

51

A Kubernetes deployment is configured with replicas: 3. During a rolling update, the deployment strategy is set to RollingUpdate with maxSurge: 1 and maxUnavailable: 0. What is the maximum number of pods that will be running during the update?

52

A developer is writing a web application and needs to prevent SQL injection attacks. Which coding practice is most effective?

53

In Docker, which command is used to build an image from a Dockerfile and tag it as 'myapp:v1'?

54

A DevOps engineer runs a container using 'docker run -d -p 8080:80 nginx'. The host firewall blocks incoming traffic on port 8080 from external networks but allows from the local host. Which command would allow the engineer to test the container's web server from the same machine?

55

A Kubernetes cluster runs a microservice that needs to read configuration values from a ConfigMap and sensitive database credentials from a Secret. The pod manifest references both resources. How should the Secret be mounted to avoid exposing sensitive data in logs or environment variables?

56

In a Docker Compose file, which key is used to define the dependency order between services?

57

A developer commits code to a GitHub repository and wants automated tests to run, followed by building a Docker image and pushing it to Docker Hub only if tests pass. Which CI/CD tool can be configured using a YAML file placed in the .github/workflows directory?

58

A developer uses Kubernetes and wants to expose a deployment named 'web-app' externally via a cloud load balancer. Which Service type should be used?

59

A developer is writing a Dockerfile for a Node.js application. The application uses environment variables for configuration. Which Dockerfile instruction should be used to set a default value for the NODE_ENV variable?

60

Which Docker networking mode provides the most isolation by not connecting the container to any network?

61

A CI/CD pipeline uses GitLab CI. The pipeline must build a Docker image and then run security scans on the image before pushing. Which GitLab CI keyword allows defining a sequence of jobs that must run in order?

62

A developer wants to ensure that a containerized application restarts automatically if it exits with a non-zero code. The application is run using Docker. Which flag should be used?

63

A Kubernetes pod runs two containers that need to share a filesystem. Which volume type should be used to enable file sharing between the containers within the same pod?

64

A developer is building a web application and wants to implement security best practices. Which TWO actions should be taken? (Choose two.)

65

A developer is using Docker Compose to run a multi-service application. Which THREE keys are valid top-level keys in a docker-compose.yml file? (Choose three.)

66

A Kubernetes administrator wants to use kubectl to troubleshoot a pod named 'my-pod' that is not starting. Which TWO commands are useful? (Choose two.)

67

A developer wants to create a Docker image that runs a Python application. Which instruction should be placed at the end of the Dockerfile to specify the command that runs when the container starts?

68

A Docker container running a web application needs to be accessible on the host's port 8080. The application inside the container listens on port 80. Which docker run command achieves this?

69

In a Kubernetes cluster, a developer needs to ensure that a set of pods can be accessed by other pods using a stable IP address and DNS name, even if pods are recreated. Which resource should be created?

70

A CI/CD pipeline is configured to build a Docker image, run unit tests, and push the image to a registry. To ensure that only successfully tested images are pushed, which stage order is correct?

71

A developer needs to store a database password securely in a Kubernetes cluster. Which resource should be used?

72

Which Docker network driver allows a container to share the host's network stack, giving it direct access to host interfaces?

73

A developer is writing a web application and wants to prevent SQL injection attacks. Which coding practice should be followed when constructing SQL queries?

74

In a Jenkins declarative pipeline, a stage named 'Deploy to Production' should only run after manual approval. Which directive should be used to achieve this?

75

A developer runs 'docker-compose up -d' for a multi-service application. What does the '-d' flag do?

76

A Kubernetes pod contains two containers that need to share a local filesystem. Which volume type should be used to enable this?

77

A developer notices that after a new deployment, the application is not receiving traffic. The Service selector does not match the pod labels. Which kubectl command can be used to inspect the Service's selector?

78

Which Docker command is used to view the logs of a running container in real-time?

79

In a Dockerfile, which instruction is used to set an environment variable that will be available at runtime?

80

A developer wants to perform a rolling update of a Kubernetes Deployment. Which command will update the image and initiate the rollout?

81

A CI/CD pipeline uses GitHub Actions. The workflow should trigger only when a pull request is opened against the 'main' branch. Which 'on' trigger configuration is correct?

82

Which TWO practices help prevent hardcoded credentials in application code? (Choose TWO.)

83

Which THREE steps are essential in a typical CI/CD pipeline for a containerized application? (Choose THREE.)

84

Which TWO Kubernetes resources are used to provide configuration data to pods? (Choose TWO.)

85

A developer creates a Dockerfile for a Python web application. Which instruction should be used to define the working directory inside the container for subsequent commands?

86

A team is deploying a microservice that must scale independently. The service uses environment variables for configuration. Which Kubernetes resource should be used to store non-sensitive configuration data separate from the container image?

87

A developer wants to run a Docker container in detached mode, mapping host port 8080 to container port 80, and mounting a host directory for persistent data. Which command accomplishes this?

88

In a CI/CD pipeline using Jenkins, which stage is typically executed immediately after the build stage to ensure code quality before deployment?

89

A Kubernetes pod has two containers: a main application and a sidecar proxy. They need to communicate via localhost. Which pod networking model allows this?

90

A developer needs to enforce HTTPS for a web application. Which security measure should be implemented in the application or reverse proxy?

91

A docker-compose.yml defines a web service with environment variables. Which key in the service definition should be used to set environment variables?

92

A company uses GitHub Actions for CI/CD. They want to automatically scan dependencies for known vulnerabilities on every push. Which action should be added to the workflow?

93

A Kubernetes Deployment is updated with a new image tag, but the rollout fails. Which kubectl command should be used to view the rollout status and troubleshoot?

94

A developer needs to prevent SQL injection in a web application. Which coding practice should be used when constructing database queries?

95

Which Docker command is used to view the logs of a running container in real-time?

96

A Kubernetes Service must expose a pod running a database to other pods in the same cluster, but not externally. Which Service type should be used?

97

A developer is writing a Dockerfile for a Node.js application. Which TWO instructions are commonly used to define the command that runs when the container starts?

98

A CI/CD pipeline includes stages for security scanning. Which TWO tools or services are specifically designed for dependency vulnerability scanning?

99

A company is adopting DevSecOps practices. Which THREE practices should be implemented to secure application deployment?

Practice all 99 Application Deployment and Security questions

Other 200-901 exam domains

Software Development and DesignUnderstanding and Using APIsCisco Platforms and DevelopmentNetwork FundamentalsInfrastructure and Automation

Frequently asked questions

What does the Application Deployment and Security domain cover on the 200-901 exam?

The Application Deployment and Security domain covers the key concepts tested in this area of the 200-901 exam blueprint published by Cisco. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all 200-901 domains — no account required.

How many Application Deployment and Security questions are in the 200-901 question bank?

The Courseiva 200-901 question bank contains 99 questions in the Application Deployment and Security domain. Click any question to see the full explanation and answer breakdown.

What is the best way to practice Application Deployment and Security for 200-901?

Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.

Can I practice only Application Deployment and Security questions for 200-901?

Yes — the session launcher on this page draws questions exclusively from the Application Deployment and Security domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.

Free forever · No credit card required

Track your 200-901 domain progress

Save your results, see per-domain analytics, and get readiness scores — free, for every certification.

Sign Up Free

Free forever · Every certification included

Practice Session

10 questions20 questions30 questions50 questions

Study Resources

All DomainsPractice TestMock ExamFlashcardsStudy Guide