Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Implement advanced Ansible automation practice sets

EX294 Implement advanced Ansible automation • Complete Question Bank

EX294 Implement advanced Ansible automation — All Questions With Answers

Complete EX294 Implement advanced Ansible automation question bank — all 0 questions with answers and detailed explanations.

94
Questions
Free
No signup
Certifications/EX294/Practice Test/Implement advanced Ansible automation/All Questions
Question 1mediummultiple choice
Read the full Ansible explanation →

An Ansible playbook fails intermittently when deploying web servers. The error message indicates that a required package is not available in the repository. Which approach would best ensure that the required packages are consistently available before the playbook runs?

Question 2easymultiple choice
Read the full Ansible explanation →

An administrator wants to reuse a set of tasks that configure a firewall across multiple playbooks. Which Ansible feature should be used to achieve this?

Question 3hardmultiple choice
Read the full Ansible explanation →

A playbook uses the 'include_tasks' module to dynamically include tasks based on a variable. The playbook runs successfully on some hosts but fails on others with a 'template error' message. What is the most likely cause?

Question 4easymultiple choice
Read the full Ansible explanation →

An Ansible playbook is designed to run on a group of database servers. The administrator wants to ensure that a task runs only on the primary database server, which is defined in the inventory with a variable 'primary: true'. Which conditional should be used?

Question 5mediummultiple choice
Read the full Ansible explanation →

A playbook uses the 'block' and 'rescue' keywords to handle errors. The block contains three tasks. The first task fails. What happens next?

Question 6hardmultiple choice
Read the full Ansible explanation →

An administrator needs to securely pass a database password to a playbook without exposing it in logs or the command line. Which approach is the most secure?

Question 7easymultiple choice
Read the full Ansible explanation →

A system administrator wants to run a playbook on all hosts in the 'webservers' group, but only if the host is currently online. Which approach should be used?

Question 8mediummultiple choice
Read the full Ansible explanation →

An Ansible playbook includes a role that defines default variables in 'defaults/main.yml' and role variables in 'vars/main.yml'. A playbook sets the same variable in the play's 'vars' section. Which variable value takes precedence?

Question 9mediummulti select
Read the full Ansible explanation →

Which TWO statements about Ansible collections are correct?

Question 10hardmulti select
Read the full Ansible explanation →

Which THREE of the following are valid uses of the 'ansible.builtin.include_role' module?

Question 11easymulti select
Read the full Ansible explanation →

Which TWO of the following are advantages of using 'ansible-pull' over 'ansible-playbook'?

Question 12hardmultiple choice
Read the full Ansible explanation →

You are managing a large infrastructure of 500 Linux servers. The servers are divided into groups: 'web', 'app', and 'db'. Each group has specific configuration requirements. You have developed a set of Ansible roles to manage these configurations. Recently, you noticed that when you run the playbook against all servers, the 'web' role is applied to 'app' servers due to a variable misconfiguration. The playbook uses include_role with a variable that determines which role to apply. The variable is defined in group_vars/all.yml as 'server_role: web'. However, each group should have its own role: 'web' for web servers, 'app' for app servers, 'db' for db servers. The playbook includes the role based on '{{ server_role }}'. What is the best course of action to fix this issue without modifying the playbook structure?

Question 13mediummultiple choice
Read the full Ansible explanation →

You have an Ansible playbook that uses the 'lineinfile' module to manage the /etc/ssh/sshd_config file. The playbook runs without errors, but after execution, the SSH service becomes unreachable on some hosts. Investigation reveals that the file contains duplicate lines for 'Port 22' and 'PermitRootLogin no'. The playbook uses the following task:

- name: Ensure SSH settings ansible.builtin.lineinfile: path: /etc/ssh/sshd_config regexp: "^{{ item.key }}" line: "{{ item.key }} {{ item.value }}" loop: - { key: 'Port', value: '22' } - { key: 'PermitRootLogin', value: 'no' }

The playbook is run multiple times. What is the most likely cause of the duplicate lines?

Question 14mediummultiple choice
Read the full Ansible explanation →

An Ansible automation team is designing a playbook to manage network devices. They need to ensure that the playbook can handle transient network failures by retrying failed tasks a specific number of times with a delay between retries. Which approach should they use?

Question 15hardmultiple choice
Read the full Ansible explanation →

An Ansible playbook that deploys a web application includes a task that uses the `uri` module to call an external API. The task occasionally fails due to API rate limiting. Which combination of keywords should be added to the task to automatically retry up to 5 times with a 30-second delay between attempts, and only fail if all retries are exhausted?

Question 16easymultiple choice
Read the full Ansible explanation →

A systems administrator needs to run a playbook that applies configuration changes to a set of servers. They want to ensure that if any task fails on a host, the playbook continues with the next host without aborting the entire play. Which play-level keyword should they use?

Question 17hardmultiple choice
Read the full Ansible explanation →

An Ansible automation engineer is developing a role that manages a microservice. The role needs to include conditional tasks based on whether a variable `microservice_version` is defined. If defined, it should use that version; otherwise, it should default to `latest`. Which of the following is the most efficient and idiomatic way to implement this default value within the role?

Question 18mediummulti select
Read the full Ansible explanation →

Which TWO statements about Ansible roles are correct? (Select exactly 2)

Question 19hardmultiple choice
Read the full Ansible explanation →

Your team is responsible for managing a fleet of 200 RHEL 8 servers using Ansible Tower. You have been asked to implement a secure automation workflow that meets the following requirements:

1. All playbooks must be stored in a private Git repository hosted on an internal GitLab server. 2. Credentials to access the Git repository must be stored securely in Ansible Tower. 3. The automation must run on a schedule every night at 2:00 AM. 4. If a playbook run fails, the team must be notified via email. 5. The playbooks require SSH private keys to connect to the managed hosts; these keys must be stored securely. 6. A development team needs to be able to launch the same job template manually, but they must not be able to modify the job template or view the credentials.

You have created a Machine Credential for SSH and a Source Control Credential for Git. You have also created a Job Template that references the project, inventory, and credentials. What is the correct sequence of steps to satisfy all requirements?

Question 20mediummultiple choice
Read the full Ansible explanation →

An engineer runs the playbook as shown. What is the expected result?

Network Topology
start-at-task 'configure firewall'stepRefer to the exhibit.PLAY [Production servers] *******************************TASK [Gathering Facts] *********************************************************ok: [prod01]TASK [configure firewall] ******************************************************Perform task? (y/n/c): ychanged: [prod01]TASK [enable service] **********************************************************Perform task? (y/n/c): nTASK [start service] ***********************************************************Perform task? (y/n/c): cPLAY RECAP *********************************************************************prod01ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Question 21hardmulti select
Read the full Ansible explanation →

An Ansible Automation Platform administrator is reviewing a job template that runs a playbook against a large inventory. To improve performance without sacrificing accuracy, which TWO strategies should be implemented? (Choose two.)

Question 22easymultiple choice
Read the full Ansible explanation →

A large enterprise manages its infrastructure with Ansible Automation Platform. The operations team reports that job runs are taking longer than expected, especially for playbooks that include role dependencies. After investigation, they notice that the control node has high CPU and memory usage during job execution. The inventory contains 500 hosts, and the playbooks use several roles that include dynamic includes (include_tasks) based on conditional variables. The team wants to reduce the load on the control node without changing the playbook logic or reducing functionality. Which action should the team take?

Question 23mediumdrag order
Read the full Ansible explanation →

Drag and drop the steps to configure a network bond (bond0) using nmcli in the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5
Question 24mediummatching
Read the full Ansible explanation →

Match each Ansible fact variable to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Fully qualified domain name

OS family (e.g., RedHat)

Total memory in MB

Number of CPU cores

Default IPv4 interface info

Question 25easymultiple choice
Read the full Ansible explanation →

A team wants to ensure that a sensitive variable, such as a database password, is not printed when ansible-playbook runs with -v (verbose). What is the best method to achieve this?

Question 26mediummultiple choice
Read the full Ansible explanation →

An Ansible playbook runs tasks on a group of web servers. During a rolling update, the playbook should ensure that no more than 2 servers are taken out of service at the same time. Which play keyword should be used?

Question 27hardmultiple choice
Read the full Ansible explanation →

A playbook uses the 'include_tasks' module to load platform-specific tasks. The playbook fails intermittently with 'Could not find or access file' error on some runs but works on others. Which of the following is the most likely cause?

Question 28easymultiple choice
Read the full Ansible explanation →

An administrator wants to reuse a set of tasks across multiple playbooks. Which Ansible approach is most appropriate?

Question 29mediummultiple choice
Read the full Ansible explanation →

A playbook uses 'vars_prompt' to ask for a confirmation before proceeding with destructive changes. However, when the playbook is run from a CI/CD pipeline, it hangs indefinitely. What is the best way to handle this?

Question 30easymultiple choice
Read the full Ansible explanation →

A playbook uses the 'block' feature to group tasks and includes a 'rescue' section. If a task inside the block fails, what happens?

Question 31mediummultiple choice
Read the full Ansible explanation →

An Ansible role has multiple dependencies defined in meta/main.yml. One of the dependent roles should be executed before the role's own tasks, but only if a certain condition is met. How can this be implemented?

Question 32hardmultiple choice
Read the full Ansible explanation →

A playbook uses 'delegate_to: localhost' for a task that modifies a local file. The playbook runs against multiple servers. The administrator notices that the local file is overwritten by each parallel execution, causing corruption. Which strategy should be used to prevent this?

Question 33hardmultiple choice
Read the full Ansible explanation →

An Ansible playbook uses 'async' and 'poll' to run a long-running task. The task returns a changed status and the playbook continues. However, the remote server reports that the task failed after the playbook finished. What is the most likely reason?

Question 34easymulti select
Read the full Ansible explanation →

An administrator wants to ensure that Ansible facts gathered from a host are consistent across multiple playbook runs. Which two actions can help achieve this? (Choose two.)

Question 35mediummulti select
Read the full Ansible explanation →

Which three of the following are valid methods to pass variables to an Ansible playbook at runtime? (Choose three.)

Question 36hardmulti select
Read the full Ansible explanation →

An Ansible playbook repeatedly uses the same pattern: check if a service is running, if not start it, and then verify it's running. Which three Ansible features can be used to reduce code duplication? (Choose three.)

Question 37easymultiple choice
Read the full Ansible explanation →

Refer to the exhibit. What is the purpose of the 'failed_when' condition?

Exhibit

- name: Check if package is installed
  command: rpm -q httpd
  register: result
  failed_when: result.rc != 0 and 'not installed' not in result.stderr
  changed_when: false
Question 38mediummultiple choice
Read the full Ansible explanation →

Refer to the exhibit. Which of the following is the most likely cause of this error?

Exhibit

TASK [Gathering Facts] *********************************************************
fatal: [server1]: FAILED! => {"msg": "Missing sudo password"}
Question 39hardmultiple choice
Read the full Ansible explanation →

Refer to the exhibit. A playbook targeting the 'webservers' group uses '{{ http_port }}'. What will be the value of 'http_port' on 'web2'?

Exhibit

[webservers]
web1 ansible_host=192.168.1.10 http_port=80
web2 ansible_host=192.168.1.11 http_port=8080

[webservers:vars]
http_port=80
Question 40easymultiple choice
Read the full Ansible explanation →

A developer reports that a role's behavior is not as expected. They set a variable in the playbook's vars section, but the role still uses the value from its vars/main.yml. Which of the following explains this issue?

Question 41mediummultiple choice
Read the full Ansible explanation →

An Ansible playbook uses async and poll to run a long-running task. The task reports 'async task did not complete within the requested time'. Which of the following is the most likely cause?

Question 42hardmultiple choice
Read the full Ansible explanation →

An Ansible playbook uses a rolling update strategy with serial: 1. After the first host is updated, the playbook stops and shows 'PLAY RECAP' with only one host. What is the most likely reason?

Question 43easymultiple choice
Read the full Ansible explanation →

An Ansible playbook contains many tasks. An administrator wants to run only a subset of tasks by passing '--tags ' at the command line. Which of the following must be added to the tasks?

Question 44mediummultiple choice
Read the full Ansible explanation →

A role contains a handler. The playbook includes the role and also defines a task that notifies the same handler. When the playbook runs, the handler executes only once. Which of the following best explains this behavior?

Question 45hardmultiple choice
Read the full Ansible explanation →

An Ansible playbook uses the 'constructed' inventory plugin with 'keyed_groups' to create groups based on 'ansible_distribution'. Despite correct configuration, hosts are not assigned to the expected groups. What is the most likely cause?

Question 46easymultiple choice
Read the full Ansible explanation →

An Ansible playbook uses a 'block' to group multiple tasks and includes a 'rescue' section. If a task inside the block fails, what will happen?

Question 47mediummultiple choice
Read the full Ansible explanation →

An Ansible playbook sets a variable with a dictionary value in the play's vars and also in group_vars/all. When the play runs, the dictionary in group_vars completely replaces the one in play vars. What is the most likely reason?

Question 48hardmultiple choice
Read the full Ansible explanation →

An Ansible playbook uses delegation to run a task on localhost while targeting remote hosts. The task fails with 'connection refused' for the remote host. What is the most likely cause?

Question 49mediummulti select
Read the full Ansible explanation →

Which TWO of the following are valid methods to include external variable files into an Ansible playbook?

Question 50mediummulti select
Read the full Ansible explanation →

Which THREE of the following are valid attributes of the ansible.builtin.service module?

Question 51hardmulti select
Read the full Ansible explanation →

Which TWO of the following are correct about Ansible Vault?

Question 52mediummultiple choice
Read the full Ansible explanation →

Refer to the exhibit. The playbook fails with this error. What is the most likely cause?

Exhibit

fatal: [web1]: FAILED! => {\n    "msg": "the field 'args' has an invalid value, which appears to include a variable that is undefined. The error was: 'ansible_os_family' is undefined"\n}
Question 53easymultiple choice
Read the full Ansible explanation →

Refer to the exhibit. An administrator wants to view the decrypted value of 'db_password' without modifying the file. Which command should be used?

Exhibit

db_password: !vault |\n  $ANSIBLE_VAULT;1.1;AES256\n  65633239636661303062643934383034656661653332313234363166666562356362336638613235\n  3631326331383333616565613737353565386336303231660a666538613337343366346639666337\n  65303334376432343533393338333335393763363034646161333966373730336163386639636335\n  3332376365323932610a323639303336316338616336366232333338353731333434613266306336\n  3766
Question 54hardmultiple choice
Read the full Ansible explanation →

Refer to the exhibit. An Ansible playbook targeting 'production' hosts fails with 'deploy_user is undefined'. What is the most likely cause?

Exhibit

[webservers]\nweb1\n\n[databases]\ndb1\n\n[production:children]\nwebservers\ndatabases\n\n[production:vars]\nansible_user=admin\n
Question 55easymultiple choice
Read the full Ansible explanation →

An Ansible playbook uses the lineinfile module to ensure a specific line is present in a configuration file. However, after running the playbook multiple times, the line is duplicated each time. Which option best explains this behavior?

Question 56easymultiple choice
Read the full Ansible explanation →

An automation engineer wants to run a playbook only on hosts that belong to both the 'webservers' group and the 'production' group. Which inventory grouping method achieves this?

Question 57easymultiple choice
Read the full Ansible explanation →

A playbook uses the copy module to deploy a configuration file. The file should be templated with variables, but the engineer mistakenly uses the 'src' parameter with a static file instead of 'content' or a template module. What is the most likely outcome?

Question 58mediummultiple choice
Read the full Ansible explanation →

An organization uses separate network hops that require different SSH usernames for different inventory groups. Which Ansible configuration approach ensures each group uses the correct SSH user without duplicating playbooks?

Question 59mediummultiple choice
Read the full Ansible explanation →

An Ansible role has tasks that need to run in a specific order, and some tasks must use a different shell interpreter. Which feature allows the role to control task execution order and environment settings?

Question 60mediummultiple choice
Read the full Ansible explanation →

A playbook uses a loop over a list of packages to ensure they are installed. However, the playbook runs slowly because each package is processed individually. Which optimization technique should be used to improve performance?

Question 61hardmultiple choice
Read the full Ansible explanation →

A system administrator uses the ansible-vault encrypt_string command to encrypt a sensitive variable. The variable is included in a playbook via a vars_prompt. When the playbook runs, the vault password is provided, but the playbook fails with 'Vault password is required for decryption' for the prompted variable. What is the most likely cause?

Question 62hardmultiple choice
Read the full Ansible explanation →

An Ansible Tower/AWX job template uses a custom inventory script that dynamically queries an API. The script returns JSON including groups and hosts. Recently, the API started returning HTTP 500 errors intermittently, causing inventory sync failures. Which Ansible approach can make the inventory source more resilient?

Question 63hardmultiple choice
Read the full Ansible explanation →

A playbook uses the 'win_chocolatey' module to install software on Windows hosts. The playbook is idempotent for most packages, but one package consistently fails with 'The package is already installed' error despite being reinstalled each run. Which approach ensures true idempotency?

Question 64easymulti select
Read the full Ansible explanation →

Which TWO statements about Ansible roles are correct?

Question 65mediummulti select
Read the full Ansible explanation →

Which TWO conditions are necessary for the 'local_action' directive to work as intended?

Question 66hardmulti select
Read the full Ansible explanation →

Which THREE factors are essential for achieving idempotent behavior in Ansible plays?

Question 67easymultiple choice
Read the full Ansible explanation →

Given the inventory above, which user will Ansible use when connecting to 'web2'?

Exhibit

Refer to the exhibit.

[webservers]
web1 ansible_host=10.1.1.1
web2 ansible_host=10.1.1.2

[webservers:vars]
ansible_user=deploy
ansible_port=2222

[dbservers]
db1 ansible_host=10.2.2.1

[dbservers:vars]
ansible_user=dbadmin
Question 68mediummultiple choice
Read the full Ansible explanation →

The playbook above fails with 'template source file not found' for the copy task. Which change should be made to fix it?

Exhibit

Refer to the exhibit.

- name: Deploy app
  hosts: app_servers
  gather_facts: no
  tasks:
    - name: Copy config
      copy:
        src: /templates/app.conf.j2
        dest: /etc/app.conf
        backup: yes
    - name: Ensure service is running
      service:
        name: app
        state: started
Question 69hardmultiple choice
Read the full Ansible explanation →

Given the command and error above, what is the most likely cause of the failure?

Network Topology
ansible-playbook site.yml -i productionvault-id vault@promptcheckdiffRefer to the exhibit.
Question 70easymultiple choice
Read the full Ansible explanation →

An administrator needs to securely store a database password used across multiple roles in a shared repository. Which approach is recommended?

Question 71mediummultiple choice
Read the full Ansible explanation →

A playbook uses import_playbook to include other playbooks. The main playbook is run with --check mode. Which statement is true?

Question 72hardmultiple choice
Read the full Ansible explanation →

A company uses dynamic inventory from a cloud provider. The playbook needs to run tasks only on instances with a specific tag. The ansible_ec2_tags variable is not available. What is the most efficient method to filter hosts?

Question 73easymultiple choice
Read the full Ansible explanation →

An organization has a set of common tasks used in many playbooks. The tasks are updated frequently. What is the most maintainable way to share them?

Question 74mediummultiple choice
Read the full Ansible explanation →

A playbook uses serial: 2 and sets any_errors_fatal: true. The first batch of 2 hosts both fail. What happens?

Question 75hardmultiple choice
Read the full Ansible explanation →

A playbook uses an Ansible collection that includes a custom module. The module's documentation is missing. What is the best way to locate the module's source code?

Question 76easymultiple choice
Read the full Ansible explanation →

An administrator wants to run a playbook with a different user for a specific host. Which variable should be set?

Question 77mediummultiple choice
Read the full Ansible explanation →

A playbook uses the 'block' and 'rescue' keywords. If a task in the block fails, but the rescue tasks also fail, what happens?

Question 78easymulti select
Read the full Ansible explanation →

Which two statements about Ansible roles are correct? (Select exactly 2.)

Question 79mediummulti select
Read the full Ansible explanation →

Which three methods can be used to pass variables to an Ansible playbook? (Select exactly 3.)

Question 80hardmulti select
Read the full Ansible explanation →

Which two statements about ansible-vault are true? (Select exactly 2.)

Question 81mediummultiple choice
Read the full Ansible explanation →

Refer to the exhibit. An Ansible playbook contains the following block structure. If the task inside the block fails, which of the following describes the execution order of the rescue and always sections?

Exhibit

Refer to the exhibit.
---
- name: example block
  block:
    - name: risky task
      command: /bin/false
  rescue:
    - name: rescue task
      debug:
        msg: "Rescued"
  always:
    - name: always task
      debug:
        msg: "Always runs"
Question 82hardmultiple choice
Read the full Ansible explanation →

A company has a large infrastructure with over 1000 servers. They run a playbook that configures NTP on all servers. The playbook takes over 30 minutes due to sequential execution. The team wants to reduce execution time. Which approach should they take?

Question 83mediummultiple choice
Read the full Ansible explanation →

A new technician runs a playbook that uses the yum module to install packages. The playbook fails with 'No package matching' for a custom package. The package is available on a third-party repository. Which step should the technician take?

Question 84easymultiple choice
Read the full Ansible explanation →

An administrator needs to apply a set of firewall rules to multiple servers. They have created a playbook that uses the firewalld module. When running the playbook, they receive 'ERROR! module not found: firewalld'. The control node has the module available locally. What is the most likely cause?

Question 85easymulti select
Read the full Ansible explanation →

A playbook must execute cleanup tasks after a block of tasks, both on success and failure. Which two of the following should be used within the block to achieve this?

Question 86mediummultiple choice
Read the full Ansible explanation →

An organization uses Ansible to manage an AWS EC2 environment. The Ansible control node runs on a Linux server, and the team uses a dynamic inventory script (ec2.py) to automatically populate hosts. Recently, they need to run a playbook only against EC2 instances that have a specific tag, 'Environment', set to 'production'. The team has placed the ec2.ini configuration file in the same directory as the inventory script. However, when they run the playbook with '-i ec2.py', the playbook runs against all instances instead of only production ones. The team verifies that the tag exists on the correct instances and that the environment variable AWS_PROFILE is set correctly. Which action should resolve the issue?

Question 87mediummultiple choice
Read the full Ansible explanation →

A DevOps team is developing a collection of Ansible roles to standardize web server deployments. One role, 'webserver-base', configures the firewall and installs common packages. Another role, 'webserver-app', depends on 'webserver-base' and adds application-specific configurations. The team wants to ensure that when 'webserver-app' is applied to a host, 'webserver-base' is automatically applied first. They currently have a 'meta/main.yml' file in 'webserver-app' that lists 'webserver-base' as a dependency. However, when they run a playbook that includes 'webserver-app' in a role list, they notice that 'webserver-base' runs after 'webserver-app' sometimes, causing configuration conflicts. They verify that the dependency is correctly defined and that no other roles are involved. What change should they make to ensure 'webserver-base' always runs before 'webserver-app'?

Question 88hardmultiple choice
Read the full Ansible explanation →

An organization uses Ansible Tower to manage automation across different teams. One team has a job template that uses a custom Python virtual environment located at '/opt/custom_venv' to run a playbook that uses the 'docker_container' module from the 'community.docker' collection. The playbook runs successfully from the command line when using the '--ask-become-pass' option and the virtual environment activated. However, when the team runs the same playbook via the Ansible Tower job template, it fails with an error indicating that the 'docker_container' module is not found. The job template is configured to use the custom virtual environment under the 'CUSTOM VIRTUAL ENVIRONMENT' setting. The team confirms that the virtual environment has the collection installed (verified by running 'ansible-galaxy collection list' inside the venv). What is the most likely cause of the failure?

Question 89hardmultiple choice
Read the full Ansible explanation →

A company uses Ansible Vault to encrypt sensitive data in playbooks. They have multiple environments (dev, test, prod) and use a separate vault password file for each environment. The passwords are stored in files named 'vault-pass-dev', 'vault-pass-test', and 'vault-pass-prod'. To run a playbook against the test environment, they use the command 'ansible-playbook site.yml -i test -e @test-vars.yml --vault-id test@vault-pass-test'. This runs successfully from the command line. However, when they define the same vault-id in an Ansible Tower credential and attempt to run the job, the job fails with 'ERROR! Decryption failed (no vault secrets would be found that could decrypt the vault encrypted file)' for a vault-encrypted variable file that was encrypted with a different vault ID (e.g., 'dev'). The team expects that Tower would use the provided vault credential to decrypt all vault-encrypted files. Which change should be made to ensure correct decryption in Tower?

Question 90hardmultiple choice
Read the full Ansible explanation →

Refer to the exhibit. When running the playbook with the limit set to 'webservers', why does the playbook fail on web2?

Network Topology
# ansible-inventory -i inventory.inilist"all": {"hosts": ["web1", "web2"],"vars": {"ansible_user": "admin"},"webservers": {"hosts": ["web1"],"http_port": 80PLAY [Configure webservers] ***************************************************TASK [Gathering Facts] *********************************************************
Question 91hardmultiple choice
Read the full Ansible explanation →

Refer to the exhibit. After the playbook run fails on the 'Verify config' task, what happens to the 'restart service' handler?

Exhibit

# cat tasks/main.yml
- name: Create config
  template:
    src: config.j2
    dest: /etc/config.cfg
  notify: restart service

- name: Verify config
  command: /usr/local/bin/validate /etc/config.cfg
  changed_when: false

# cat handlers/main.yml
- name: restart service
  service:
    name: myapp
    state: restarted

# ansible-playbook site.yml
PLAY [all] *********************************************************************
TASK [Create config] ***********************************************************
changed: [host1]
TASK [Verify config] ***********************************************************
fatal: [host1]: FAILED! => {"changed": false, "msg": "Validation failed", "rc": 1}
Question 92hardmultiple choice
Read the full Ansible explanation →

Refer to the exhibit. The playbook copies all .conf files from the control node to host1. If the playbook runs again on the same host without any changes, which task status is expected?

Exhibit

# ansible-doc -t lookup fileglob
> FILEGLOB    (/usr/lib/python3.9/site-packages/ansible/plugins/lookup/fileglob.py)

# cat lookup_usage.yml
- name: Copy config files
  copy:
    src: "{{ item }}"
    dest: /etc/app/
  with_fileglob:
    - "/tmp/configs/*.conf"

# ls /tmp/configs/
server1.conf  server2.conf  server3.conf  server4.conf

# ansible-playbook lookup_usage.yml -l host1
TASK [Copy config files] *******************************************************
ok: [host1] => (item=/tmp/configs/server1.conf)
ok: [host1] => (item=/tmp/configs/server2.conf)
ok: [host1] => (item=/tmp/configs/server3.conf)
ok: [host1] => (item=/tmp/configs/server4.conf)
Question 93hardmultiple choice
Read the full Ansible explanation →

Refer to the exhibit. The playbook fails because the httpd package is not found. Which is the most likely cause?

Network Topology
# ansible-playbook playbooks/deploy.ymlsyntax-check# cat ansible.cfg[defaults]host_key_checking = Falseinventory = inventory.ini# cat roles/webserver/tasks/main.yml- name: Install httpdyum:name: httpdstate: present- name: Start httpdservice:state: startedenabled: yes# cat playbooks/deploy.yml- hosts: webserversroles:- webserverplaybook: playbooks/deploy.ymlPLAY [webservers] **************************************************************TASK [Gathering Facts] *********************************************************ok: [web1]
Question 94hardmultiple choice
Read the full Ansible explanation →

Refer to the exhibit. The playbook fails with an error about the package list. What is the issue?

Exhibit

# cat vars.yml
---
packages:
  - httpd
  - mariadb-server
  - php

# cat playbook.yml
- hosts: all
  vars_files:
    - vars.yml
  tasks:
    - name: Install packages
      yum:
        name: "{{ packages }}"
        state: present
      become: yes

# ansible-playbook playbook.yml

PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [server1]
TASK [Install packages] ********************************************************
fatal: [server1]: FAILED! => {"changed": false, "msg": "This module requires a list of package names or a comma-separated string.", "results": []}

Practice tests

Scored 10-question sessions with instant feedback and explanations.

EX294 Practice Test 1 — 10 Questions→EX294 Practice Test 2 — 10 Questions→EX294 Practice Test 3 — 10 Questions→EX294 Practice Test 4 — 10 Questions→EX294 Practice Test 5 — 10 Questions→EX294 Practice Exam 1 — 20 Questions→EX294 Practice Exam 2 — 20 Questions→EX294 Practice Exam 3 — 20 Questions→EX294 Practice Exam 4 — 20 Questions→Free EX294 Practice Test 1 — 30 Questions→Free EX294 Practice Test 2 — 30 Questions→Free EX294 Practice Test 3 — 30 Questions→EX294 Practice Questions 1 — 50 Questions→EX294 Practice Questions 2 — 50 Questions→EX294 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Deploy Ansible Automation PlatformManage inventories and credentialsManage task execution and rolesCoordinate rolling updatesTransform data with filters and pluginsCreate content collections and execution environmentsImplement advanced Ansible automationManage automation security and operations

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Implement advanced Ansible automation setsAll Implement advanced Ansible automation questionsEX294 Practice Hub