Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertifications200-901TopicsApplication Deployment and Security
Free · No Signup RequiredCisco · 200-901

200-901 Application Deployment and Security Practice Questions

20+ practice questions focused on Application Deployment and Security — one of the most tested topics on the Cisco DevNet Associate 200-901 exam. Each question includes a detailed explanation so you learn why the right answer is correct.

Start Application Deployment and Security Practice

Exam Domains

Software Development and DesignUnderstanding and Using APIsCisco Platforms and DevelopmentApplication Deployment and SecurityInfrastructure and AutomationNetwork FundamentalsAll domains →

Study Tools

Practice TestMock ExamFlashcardsAll Topics

Sample Application Deployment and Security Questions

Practice all 20+ →
1.

A developer wants to ensure that a Docker container running a web application can only accept incoming traffic on port 443. Which Docker run option should be used?

A.docker run --port 443 myapp
B.docker run --net host myapp
C.docker run -p 443:443 myapp
D.docker run --expose 443 myapp

Explanation: Option C is correct because the `-p 443:443` flag publishes container port 443 to the host port 443, mapping incoming traffic on the host's port 443 to the container's port 443. This ensures the web application inside the container only accepts incoming traffic on port 443, as the host firewall and Docker's port mapping restrict access to that specific port.

2.

During a security audit, an engineer discovers that a CI/CD pipeline is storing API keys in plain text in environment variables. Which best practice should be implemented to mitigate this risk?

A.Store secrets in a .env file and add it to the repository with restricted access.
B.Encrypt the environment variables using a tool like openssl and store the key elsewhere.
C.Use a dedicated secrets management service like HashiCorp Vault or AWS Secrets Manager and retrieve secrets at runtime.
D.Remove the API keys from the pipeline and require manual entry each time a build runs.

Explanation: Option C is correct because dedicated secrets management services like HashiCorp Vault or AWS Secrets Manager provide secure storage, access control, and audit logging for sensitive data. They allow the CI/CD pipeline to retrieve API keys at runtime via authenticated API calls, ensuring secrets are never stored in plain text in environment variables or configuration files. This approach aligns with the principle of least privilege and eliminates the risk of exposure through source code or build logs.

3.

A network engineer is troubleshooting a Kubernetes deployment where pods are failing to start with the error 'CrashLoopBackOff'. The pod log shows 'bind: address already in use'. The deployment runs multiple replicas of a container that listens on port 8080. What is the most likely cause?

A.The container is attempting to bind to a privileged port without the necessary capabilities.
B.The deployment has hostPort: 8080 specified, causing port conflict when multiple replicas are scheduled on the same node.
C.The service is using NodePort and the node port is already in use.
D.Multiple containers in the same pod are trying to bind to the same port.

Explanation: The 'bind: address already in use' error indicates that the container's process cannot bind to port 8080 because it is already occupied. When `hostPort: 8080` is specified in the pod spec, Kubernetes instructs the container runtime to map the container port to the same port on the node's network namespace. If multiple replicas of the deployment are scheduled on the same node, each pod attempts to bind to port 8080 on the host, causing a conflict and the CrashLoopBackOff state. This is a common misconfiguration when using hostPort without ensuring that replicas are spread across different nodes.

4.

A developer needs to ensure that microservice A can securely communicate with microservice B over HTTPS within a Kubernetes cluster. What is the simplest approach?

A.Use a Kubernetes Ingress resource with TLS termination for microservice B.
B.Expose microservice B via a LoadBalancer Service and use HTTPS from microservice A.
C.Connect directly using the pod IP of microservice B over HTTP.
D.Create a Kubernetes Service of type ClusterIP for microservice B and configure microservice A to use HTTPS with the service DNS name.

Explanation: Option D is correct because using a ClusterIP Service for microservice B provides a stable DNS name within the cluster, allowing microservice A to communicate over HTTPS without exposing the service externally. This approach leverages Kubernetes' internal service discovery and can be paired with a service mesh or mutual TLS (mTLS) for secure communication, meeting the requirement for simplicity and security.

5.

An engineer is designing a CI/CD pipeline for a Python application. The pipeline should automatically run unit tests, build a Docker image, push it to a private registry, and deploy to a Kubernetes cluster. Which sequence of stages is correct?

A.Build -> Test -> Push -> Deploy
B.Test -> Push -> Deploy
C.Test -> Deploy -> Build -> Push
D.Test -> Build -> Push -> Deploy

Explanation: Option D is correct because a CI/CD pipeline for a Python application must first run unit tests to validate code quality, then build the Docker image from the tested code, push the image to a private registry, and finally deploy to Kubernetes. This sequence ensures that only tested and built artifacts are deployed, preventing deployment of broken or untested code.

+15 more Application Deployment and Security questions available

Practice all Application Deployment and Security questions

How to master Application Deployment and Security for 200-901

1. Baseline your knowledge

Start with 10 questions to gauge your current understanding of Application Deployment and Security. This tells you whether you need a concept refresher or just practice.

2. Review every explanation

For each question — right or wrong — read the full explanation. Understanding why an answer is correct is more valuable than knowing the answer itself.

3. Focus on exam traps

Application Deployment and Security questions on the 200-901 frequently use trap wording. Look for subtle differences in answers that test your precision, not just general knowledge.

4. Reach 80% consistently

Do repeated sessions until you score 80%+ three times in a row. Then move to mixed-mode practice to test cross-topic recall under realistic conditions.

Frequently asked questions

How many 200-901 Application Deployment and Security questions are on the real exam?

The exact number varies per candidate. Application Deployment and Security is tested as part of the Cisco DevNet Associate 200-901 blueprint. Practicing with targeted Application Deployment and Security questions ensures you can handle any format or difficulty that appears.

Are these 200-901 Application Deployment and Security practice questions free?

Yes. Courseiva provides free 200-901 practice questions across all exam topics and domains. The platform includes topic-based practice, mock exams, missed-question review, bookmarked questions, and readiness tracking — no account required.

Is Application Deployment and Security one of the harder 200-901 topics?

Difficulty is subjective, but Application Deployment and Security is a high-priority exam concept tested in multiple ways — direct recall, scenario analysis, and command-output interpretation. Consistent practice is the best way to build confidence.

Ready to practice?

Launch a full Application Deployment and Security practice session with instant scoring and detailed explanations.

Start Application Deployment and Security Practice →

Topic Info

Topic

Application Deployment and Security

Exam

200-901

Questions available

20+