CCNA Cloud Native Architecture Questions

20 of 170 questions · Page 3/3 · Cloud Native Architecture · Answers revealed

151
MCQmedium

The exhibit shows a Deployment manifest for a frontend service. After deployment, the pods are running but the service reports that no endpoints are available. What is the most likely cause?

A.The readiness probe periodSeconds is too short, causing the probe to overload the container.
B.The readiness probe is checking /ready which is not returning a 200 OK response.
C.The container image nginx:1.21 does not have the /healthz endpoint.
D.The liveness probe is failing, causing the pod to be restarted.
AnswerB

If the readiness probe fails, the pod is not considered ready and is removed from service endpoints.

Why this answer

The service reports no endpoints because the readiness probe is failing. A readiness probe determines whether a pod should receive traffic; if it does not return a 200 OK on the configured path (/ready), the pod is removed from the service’s endpoint list. Since the pods are running (liveness probe passes), the most likely cause is that the /ready endpoint is not serving a successful response.

Exam trap

CNCF often tests the distinction between readiness and liveness probes: candidates confuse a failing liveness probe (which restarts pods) with a failing readiness probe (which removes traffic but keeps the pod running).

How to eliminate wrong answers

Option A is wrong because a short periodSeconds does not cause the probe to overload the container; it merely increases the frequency of checks, and the symptom would be high CPU usage, not missing endpoints. Option C is wrong because the readiness probe is checking /ready, not /healthz; the absence of /healthz is irrelevant unless that path is configured. Option D is wrong because a failing liveness probe would restart the pod, but the pods are running, so the liveness probe is passing.

152
MCQmedium

Which component of an API gateway pattern is responsible for routing requests to the appropriate microservice based on the request path?

A.API Gateway
B.Load balancer
C.Service registry
D.Sidecar proxy
AnswerA

The API gateway routes, enforces policies, and aggregates responses.

Why this answer

The API gateway acts as a reverse proxy and routes requests to the correct backend service.

153
Multi-Selectmedium

Which TWO of the following are principles of the 12-factor app methodology? (Choose two.)

Select 2 answers
A.Perform manual deployment to avoid automation errors
B.Maximize robustness through stateful sessions
C.Ensure fast startup and graceful shutdown (disposability)
D.Build monolithic applications for simplicity
E.Store configuration in environment variables
AnswersC, E

This is the 'Disposability' factor.

Why this answer

The 12-factor app includes 'Config' (store config in environment variables) and 'Disposability' (start fast and shut down gracefully). 'Monolithic architecture' is not a principle; 12-factor encourages microservices. 'Stateful sessions' are discouraged; apps should be stateless. 'Manual deployment' is not a principle; CI/CD is recommended.

154
MCQhard

Which of the following is a key difference between a service mesh and an API gateway?

A.Service mesh is only used in multi-cloud environments, while API gateway is for single-cloud
B.Service mesh manages east-west traffic between services, while API gateway manages north-south traffic from external clients
C.Service mesh provides authentication and authorization, while API gateway does not
D.Service mesh handles north-south traffic, while API gateway handles east-west traffic
AnswerB

This correctly describes the primary traffic direction each handles.

Why this answer

Service mesh focuses on internal service-to-service communication within the cluster, while API gateway handles external traffic entering the cluster (north-south traffic). Both can perform traffic management, but their scopes differ.

155
MCQmedium

A developer wants to deploy a function that reacts to image upload events in a cloud storage bucket. The function should scale to zero when idle. Which architecture best fits this use case?

A.Use a long-running virtual machine to process events
B.Deploy a container on Kubernetes with HorizontalPodAutoscaler set to minReplicas 0
C.Implement a serverless function using a FaaS platform like AWS Lambda
D.Use a Kubernetes Job triggered by a CronJob
AnswerC

FaaS platforms are event-driven and automatically scale to zero when idle.

Why this answer

FaaS (Function-as-a-Service) platforms like AWS Lambda are event-driven and can scale to zero when idle, making them ideal for sporadic event-triggered workloads.

156
MCQeasy

Which of the following is a benefit of using a service mesh?

A.It eliminates the need for Kubernetes
B.It provides persistent storage for stateful applications
C.It provides observability and traffic management
D.It reduces the number of microservices needed
AnswerC

These are primary benefits.

Why this answer

A service mesh provides observability, traffic management, and security (mTLS) without changing application code. It does not reduce the number of microservices, replace Kubernetes, or provide storage.

157
MCQhard

Which of the following best describes the GitOps pattern?

A.Imperative commands applied to the cluster and tracked in Git
B.Using Git as a backup for Kubernetes manifests
C.Using Git hooks to trigger CI/CD pipelines
D.Declarative configuration stored in Git, with automated deployment via a controller
AnswerD

GitOps relies on a Git repository and an operator like ArgoCD.

Why this answer

Option D is correct because GitOps is a pattern where the entire system's desired state is declared in a Git repository, and an automated controller (such as Argo CD or Flux) continuously reconciles the live cluster state with that declarative configuration. This ensures that Git is the single source of truth, and any drift from the declared state is automatically corrected without manual intervention.

Exam trap

CNCF often tests the misconception that GitOps is simply about storing YAML files in Git or using Git as a trigger for CI/CD, when the defining characteristic is the automated reconciliation loop that enforces the desired state from Git.

How to eliminate wrong answers

Option A is wrong because GitOps relies on declarative configuration, not imperative commands; imperative commands (like kubectl run) are applied directly and are not idempotent or easily reconciled, violating the core GitOps principle of desired state stored in Git. Option B is wrong because Git is not used merely as a backup; it is the single source of truth for the desired state, and the controller actively enforces that state, not just stores copies. Option C is wrong because Git hooks are external triggers for CI/CD pipelines, but GitOps uses a pull-based model where the controller inside the cluster watches the Git repository for changes, not a push-based pipeline triggered by hooks.

158
Multi-Selecteasy

Which TWO of the following are benefits of using a multi-cloud strategy? (Select TWO.)

Select 2 answers
A.Reduced network latency
B.Improved resilience and disaster recovery
C.Avoiding vendor lock-in
D.Simplified compliance
E.Increased vendor lock-in
AnswersB, C

If one cloud fails, workloads can run on another.

Why this answer

Option B is correct because a multi-cloud strategy distributes workloads across multiple cloud providers, so if one provider experiences an outage, applications can failover to another provider, improving overall resilience and disaster recovery. Option C is correct because using multiple cloud providers prevents dependency on a single vendor's proprietary services, avoiding vendor lock-in and giving you leverage for pricing and feature negotiations.

Exam trap

The trap here is that candidates confuse multi-cloud with hybrid cloud, assuming multi-cloud automatically improves latency or simplifies compliance, when in fact multi-cloud often increases complexity in both areas.

159
MCQeasy

Which tool is used to manage infrastructure as code and can provision resources across multiple cloud providers?

A.Helm
B.Terraform
C.Ansible
D.AWS CloudFormation
AnswerB

Terraform supports multiple providers.

Why this answer

Terraform is the correct tool because it is an open-source infrastructure as code (IaC) software tool by HashiCorp that uses declarative configuration files (HCL) to provision and manage resources across multiple cloud providers (AWS, Azure, GCP, etc.) via provider plugins. Unlike single-cloud tools, Terraform's provider architecture allows it to manage heterogeneous environments consistently, making it the standard multi-cloud IaC solution.

Exam trap

CNCF often tests the distinction between configuration management tools (Ansible) and infrastructure provisioning tools (Terraform), leading candidates to pick Ansible because they associate 'automation' with infrastructure, but Ansible lacks native multi-cloud resource lifecycle management and state tracking.

How to eliminate wrong answers

Option A is wrong because Helm is a package manager for Kubernetes that deploys and manages applications on Kubernetes clusters using charts, not a tool for provisioning infrastructure across multiple cloud providers. Option C is wrong because Ansible is primarily a configuration management and automation tool that uses procedural playbooks (YAML) and agentless SSH/PowerShell connections, but it is not designed as a declarative IaC tool for multi-cloud resource provisioning; it focuses on state enforcement on existing servers rather than resource lifecycle management. Option D is wrong because AWS CloudFormation is a native AWS service that provisions resources only within the AWS ecosystem using JSON/YAML templates, and it cannot manage resources across other cloud providers like Azure or GCP.

160
MCQmedium

A company is adopting a multi-cloud strategy to avoid vendor lock-in. Which pattern BEST supports deploying applications across different cloud providers with minimal changes?

A.Use a hybrid cloud approach with a single cloud for all workloads
B.Deploy applications using Kubernetes on each cloud
C.Use each cloud provider's native services directly
D.Write application code that checks the cloud provider and adapts
AnswerB

Kubernetes provides a portable platform that abstracts underlying infrastructure differences.

Why this answer

Using Kubernetes as a consistent abstraction layer allows applications to run across different cloud providers with minimal modifications since it uses a common API and container orchestration. Cloud-specific APIs would lock you in, and hybrid cloud typically refers to mixing public and private cloud, not necessarily multi-cloud.

161
MCQhard

A team wants to deploy a workload that must run on every node in a Kubernetes cluster, including new nodes added later. Which resource type should they use?

A.Deployment
B.Job
C.DaemonSet
D.StatefulSet
AnswerC

DaemonSet runs a pod on every node in the cluster.

Why this answer

A DaemonSet ensures that a copy of the pod runs on every node, and automatically runs on new nodes when they are added.

162
MCQhard

A team is building a serverless application using Knative. They want the application to scale to zero when idle. Which Knative resource type should they use?

A.Knative Serving
B.Knative Trigger
C.Knative Build
D.Knative Eventing
AnswerA

Serving provides scale-to-zero capability.

Why this answer

Knative Serving manages serverless workloads and supports automatic scaling to zero when no requests are incoming.

163
MCQeasy

Which of the following is a primary goal of the Cloud Native Computing Foundation (CNCF)?

A.To develop the Kubernetes container orchestration platform
B.To host proprietary cloud-native solutions
C.To foster and sustain the cloud-native ecosystem of open source projects
D.To provide commercial support for Kubernetes
AnswerC

This aligns with CNCF's mission statement.

Why this answer

The CNCF's mission is to make cloud-native computing ubiquitous by fostering and sustaining an ecosystem of open source projects. Options A and B are incorrect because CNCF does not provide commercial support or host proprietary solutions. Option D describes a specific project goal, not the foundation's overarching purpose.

164
Multi-Selectmedium

Which TWO of the following are core principles of cloud native architecture? (Choose two.)

Select 2 answers
A.Manual infrastructure provisioning
B.Monolithic application design
C.Tight coupling between services
D.Containerization
E.Microservices
AnswersD, E

Containers provide lightweight, consistent environments.

Why this answer

Containerization (Option D) is a core principle of cloud native architecture because it packages applications and their dependencies into isolated, lightweight containers, enabling consistent deployment across environments and efficient resource utilization. This aligns with the cloud native goal of portability and scalability, as containers can be orchestrated by platforms like Kubernetes to manage dynamic workloads.

Exam trap

CNCF often tests the misconception that cloud native architecture requires a specific technology like Kubernetes or Docker, but the core principles are about architectural patterns (e.g., microservices, containerization) rather than any single tool, so candidates may incorrectly select options that describe operational practices (like manual provisioning) instead of architectural principles.

165
MCQmedium

Which component in a service mesh is responsible for collecting telemetry data and enforcing traffic policies?

A.Control plane
B.Sidecar proxy (data plane)
C.Certificate authority
D.Service mesh ingress gateway
AnswerB

The sidecar proxy is part of the data plane and performs these functions.

Why this answer

The sidecar proxy (often Envoy) intercepts all traffic and collects metrics, traces, and logs, and also enforces traffic management rules.

166
MCQeasy

Which of the following is a core principle of cloud native architecture as defined by the CNCF?

A.Monolithic design
B.Microservices
C.Single point of failure
D.Manual scaling
AnswerB

Why this answer

Microservices are one of the key architectural principles of cloud native applications.

167
MCQmedium

Which of the following best describes the 12-factor app methodology's approach to configuration?

A.Configuration is hardcoded in the application code
B.Configuration is stored in environment variables
C.Configuration is stored in a database and accessed at runtime
D.Configuration is managed by a configuration server
AnswerB

12-factor apps store config in environment variables for ease of change across deployments.

Why this answer

The 12-factor app methodology states that configuration should be stored in environment variables to separate config from code.

168
Multi-Selecteasy

Which THREE of the following are benefits of using a service mesh in a cloud native architecture?

Select 3 answers
A.Management of application state across services
B.Traffic management capabilities like canary deployments
C.Reduction of container image sizes
D.Improved security through mutual TLS encryption
E.Enhanced observability with metrics and tracing
AnswersB, D, E

Service mesh enables advanced traffic routing and canary releases.

Why this answer

Options A, B, and C are correct. Service mesh provides observability (e.g., metrics, tracing), traffic management (e.g., routing, load balancing), and security (e.g., mTLS). Option D (reducing container image size) is not a benefit of service mesh.

Option E (managing application state) is not a service mesh function; state management is handled by other tools.

169
Multi-Selectmedium

Which TWO of the following are common characteristics of serverless computing? (Choose two.)

Select 2 answers
A.Auto-scaling to zero when idle
B.Event-driven execution
C.Manual scaling based on predicted load
D.Always-on dedicated servers
E.Long-running stateful processes
AnswersA, B

Idle functions consume no resources.

Why this answer

Event-driven execution and auto-scaling to zero are key serverless characteristics.

170
MCQeasy

Which of the following best describes the purpose of the CNCF (Cloud Native Computing Foundation)?

A.To host and foster open source cloud native projects and promote cloud native technologies
B.To standardize cloud APIs across all public cloud providers
C.To provide certification programs and best practices for cloud native computing
D.To develop and maintain a single cloud native technology stack
AnswerA

The CNCF is a vendor-neutral home for many cloud native projects, fostering their growth and adoption.

Why this answer

The CNCF is a vendor-neutral foundation that hosts and fosters cloud native projects like Kubernetes, Prometheus, and Envoy, promoting cloud native technologies and practices.

← PreviousPage 3 of 3 · 170 questions total

Ready to test yourself?

Try a timed practice session using only Cloud Native Architecture questions.