Practice KCNA Cloud Native Application Delivery questions with full explanations on every answer.
Start practicing
Cloud Native Application Delivery — choose a session length
Free · No account required
Click any question to see the full explanation and answer options, or start a focused practice session above.
A startup wants to minimize downtime during application updates in Kubernetes. Which deployment strategy should they use?
2A DevOps engineer notices that after a Helm upgrade, the new pods are crash looping with 'ImagePullBackOff'. What is the most likely cause?
3A team wants to implement GitOps for their Kubernetes workloads using Argo CD. They have multiple environments (dev, staging, prod) in separate clusters. What is the best practice for structuring the Git repository?
4A user reports that a ConfigMap update is not reflected in running pods. Which action should be taken to ensure pods receive the updated configuration?
5Which TWO of the following are benefits of using Helm for application delivery?
6Which THREE of the following practices are essential for a secure cloud native CI/CD pipeline?
7Refer to the exhibit. The deployment myapp is updated from image myapp:1.0 to myapp:2.0. During the rollout, what is the maximum number of pods that will be unavailable at any given time?
8Your organization runs a microservices application on a Kubernetes cluster with 5 worker nodes (each with 4 vCPU, 16GB RAM). The application consists of 20 microservices, each deployed as a Deployment with 3 replicas. Recently, after a new microservice 'inventory' was deployed with resource requests of 2 CPU and 4GB memory per pod, the cluster started experiencing pod scheduling failures. Many existing pods are in 'Pending' state with events indicating 'Insufficient cpu' or 'Insufficient memory'. The cluster has cluster autoscaling enabled (node pool ranging from 3 to 10 nodes), but new nodes are not being added quickly enough, and the existing nodes are heavily utilized. You need to resolve the scheduling failures while ensuring the inventory service can scale. Which course of action should you take?
9A team is deploying a new microservice that processes sensitive user data. They want to ensure that secrets such as database passwords are not exposed in the container image or environment variables. Which approach should they use?
10A company is adopting a GitOps workflow for their Kubernetes deployments. They want to ensure that the cluster state always matches the desired state defined in a Git repository. Which tool is specifically designed for this purpose?
11A microservice application is experiencing high latency during traffic spikes. The team identifies that the database connection pool is exhausted. They want to implement a pattern that helps decouple the microservice from direct database connections and smooth out traffic bursts. Which design pattern should they apply?
12Which TWO statements are true about Kubernetes Deployments?
13A financial services company runs a critical trading application on Kubernetes. The application is deployed as a Deployment with 3 replicas. Each pod exposes metrics on port 8080 and uses a ConfigMap to load configuration. Recently, after a configuration change via a ConfigMap update, two of the three pods started crashing with an out-of-memory (OOM) error, while the third pod continues to run fine. The team verified that the ConfigMap was updated correctly and that the application code did not change. The pods have resource limits set: memory limit of 512Mi and request of 256Mi. The application's memory usage before the change was around 200Mi. The new configuration increases the in-memory cache size. The team suspects the issue is related to the configuration change. What is the best course of action?
14A team is deploying a microservice application on Kubernetes. They want to ensure that during rolling updates, the new version of the service receives traffic only after the readiness probe succeeds. However, they observe that the old pods are terminated before the new pods are ready, causing a brief downtime. Which configuration change should they make to the Deployment to prevent this?
15A DevOps team uses Helm to manage Kubernetes applications. They want to ensure that sensitive data (e.g., database passwords) is not stored in plaintext in the Helm chart or in the cluster's ConfigMaps/Secrets. Which TWO practices should they adopt? (Choose two.)
16Refer to the exhibit. The deployment above is created, but the pods are not receiving traffic from the associated Service. The Service selector matches 'app: web'. The Service endpoints list is empty. What is the most likely cause?
17Drag and drop the steps to create a Kubernetes deployment using kubectl into the correct order.
18Drag and drop the steps to troubleshoot a Pod stuck in CrashLoopBackOff into the correct order.
19Drag and drop the steps to create a ConfigMap from a file in Kubernetes into the correct order.
20Drag and drop the steps to scale a Kubernetes Deployment horizontally into the correct order.
21Match each Kubernetes resource to its primary purpose.
22Match each CNCF project to its primary function.
23Match each Kubernetes networking concept to its description.
24Match each Kubernetes storage concept to its description.
25A development team wants to implement GitOps for their Kubernetes deployments using ArgoCD. Which ArgoCD component is responsible for monitoring the Git repository for changes and syncing the desired state to the cluster?
26What is the primary purpose of a container registry in the CI/CD pipeline?
27A team uses Helm to manage a complex application. They want to perform a release upgrade but keep a record of the previous release so they can roll back if needed. Which Helm command should they use?
28In Flux, which controller is responsible for reconciling the desired state defined in a Git repository to the cluster?
29A team wants to implement a canary deployment strategy for their Kubernetes application. Which tool is specifically designed for progressive delivery and can be used to automate canary rollouts?
30Which DORA metric measures the percentage of deployments that cause a failure in production?
31An organization uses Flux with Kustomize to manage their Kubernetes applications. They want to automatically update their deployment when a new container image is pushed to the registry. Which Flux component should they use?
32In Kustomize, what is the purpose of an overlay?
33A CI/CD pipeline includes image scanning. What is the primary security benefit of scanning container images in the CI phase?
34What is the primary advantage of using Helm to package a Kubernetes application?
35A team uses ArgoCD with a Git repository that contains Helm charts. They want ArgoCD to automatically sync when a new image tag is pushed to the container registry. Which approach should they use?
36In a CI/CD pipeline, what is the difference between continuous delivery and continuous deployment?
37Which TWO of the following are capabilities of ArgoCD? (Choose two.)
38Which THREE of the following are features of Helm that facilitate release management? (Choose three.)
39Which TWO of the following are deployment patterns that can be used to update applications with minimal downtime? (Choose two.)
40What is the primary purpose of a continuous integration (CI) pipeline in cloud native application delivery?
41In GitOps with ArgoCD, what happens when the desired state in Git differs from the live state in the cluster?
42A team uses Flux with the Source Controller and Kustomize Controller. They update a YAML file in Git to change a Deployment's replica count. What describes the synchronization flow?
43What is Helm's role in Kubernetes?
44During a canary deployment using Argo Rollouts, how does the tool determine the success of the canary before promoting it?
45A developer runs 'helm upgrade --install myapp ./mychart' and sees the release status is 'failed'. What is the most likely cause?
46When using Kustomize, how do you apply a common label to all resources in the base?
47Which deployment strategy updates pods incrementally, replacing old pods with new ones while ensuring availability?
48A container image is being pushed to a private registry. What is the correct workflow?
49In a CI pipeline, image scanning is integrated to detect vulnerabilities. What is the best practice when a critical vulnerability is found in a base image?
50Which DORA metric measures how quickly code changes are deployed to production?
51What is the purpose of values.yaml in a Helm chart?
52Which TWO statements are true about ArgoCD's health status?
53Which THREE are common features of progressive delivery?
54Which TWO actions can improve the DORA metric 'Mean Time to Recovery (MTTR)'?
55What is the primary purpose of a container registry in a CI/CD pipeline?
56In GitOps with ArgoCD, what does 'self-healing' refer to?
57Which Helm command is used to upgrade a release to a newer version of a chart?
58A DevOps team wants to adopt a deployment pattern where a new version of an application is gradually rolled out to a small subset of users before full deployment. Which progressive delivery technique should they use?
59In Kustomize, what is the purpose of an overlay?
60Which DORA metric measures the percentage of deployments that cause a failure in production?
61In Flux CD, which component is responsible for reconciling the cluster state with the source of truth defined in a Git repository?
62An application deployment in Kubernetes uses a Deployment object. During a rolling update, the new ReplicaSet fails to become healthy. What is the default behavior of the Deployment controller?
63Which tool can be used to implement feature flags in a Kubernetes-native progressive delivery setup?
64A CI pipeline scans container images for vulnerabilities. The scan report shows a critical vulnerability in a base image layer. What is the most efficient way to remediate this issue?
65A Kubernetes Deployment is configured with 'strategy.type: RollingUpdate'. The team wants to ensure that during an update, no more than 25% of pods are unavailable at any time. Which specification should be added?
66In a GitOps workflow, a team uses ArgoCD. A developer manually changes a Deployment's replica count in the cluster via kubectl. ArgoCD has self-healing enabled. What will happen?
67Which TWO of the following are benefits of using Helm for managing Kubernetes applications?
68Which THREE of the following are key capabilities of progressive delivery tools like Argo Rollouts?
69Which TWO statements about GitOps are correct?
70What is the primary purpose of continuous integration (CI) in a cloud-native application delivery pipeline?
71A DevOps team wants to implement GitOps for their Kubernetes cluster. Which tool is specifically designed for Kubernetes GitOps and can automatically sync the cluster state with a Git repository?
72In a Helm chart, which file is used to define default configuration values that can be overridden by users during installation?
73A team is using Kustomize to manage configurations for different environments. They want to create a variant of a base deployment that uses a different number of replicas. Which Kustomize feature should they use?
74Which deployment strategy is characterized by gradually shifting traffic from an old version to a new version of an application, often requiring a service mesh or ingress controller to manage traffic splitting?
75A team uses Argo Rollouts for progressive delivery. They configure a canary rollout with a traffic split of 20% to the new version. After verification, the rollout automatically increases traffic to 100%. Which Argo Rollout manifest field controls this gradual traffic increase?
76What is the purpose of container image scanning in a CI/CD pipeline?
77According to DORA metrics, which metric measures the percentage of deployments that fail in production?
78A team uses Flux to manage GitOps. Which Flux component is responsible for reconciling the cluster state with the desired state defined in a Git repository?
79Which command is used to rollback a Helm release to a previous revision?
80In a blue-green deployment strategy, at any given time, only one environment (blue or green) is active. What is the primary advantage of this approach?
81A team wants to use feature flags to control the rollout of a new feature in a Kubernetes-deployed microservice. Which tool is specifically designed for managing feature flags in cloud-native applications?
82Which TWO statements are true about Kustomize? (Choose 2)
83Which THREE are examples of DORA metrics used to measure DevOps performance? (Choose 3)
84Which TWO components are part of the core Flux GitOps toolkit? (Choose 2)
85What is the primary purpose of a container registry in a CI/CD pipeline?
86A team uses Helm to manage their Kubernetes applications. They need to upgrade a release and want to reuse the values from the previous release while overriding a specific value. Which helm command should they use?
87A Kubernetes cluster runs a critical application that must be updated with zero downtime. The team wants to gradually shift traffic from the old version to the new version over a period of time. Which deployment pattern is MOST appropriate?
88In the context of DORA metrics, which metric measures how often an organization successfully releases to production?
89Which TWO of the following are characteristics of Kustomize?
90Which TWO of the following are features of ArgoCD that support GitOps principles?
91Which THREE of the following are DORA metrics?
92Which THREE of the following are core components of Flux?
93Which TWO of the following are benefits of implementing progressive delivery techniques (e.g., canary releases)?
94Which THREE of the following are important security practices in a container image CI/CD pipeline?
The Cloud Native Application Delivery domain covers the key concepts tested in this area of the KCNA exam blueprint published by CNCF. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all KCNA domains — no account required.
The Courseiva KCNA question bank contains 94 questions in the Cloud Native Application Delivery domain. Click any question to see the full explanation and answer breakdown.
Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.
Yes — the session launcher on this page draws questions exclusively from the Cloud Native Application Delivery domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.
Save your results, see per-domain analytics, and get readiness scores — free, for every certification.
Sign Up FreeFree forever · Every certification included