KCNA · topic practice

Cloud Native Observability practice questions

Practise KCNA NAT and PAT questions covering address translation types, inside/outside interface roles, static vs dynamic vs PAT, and troubleshooting missing or incorrect translations.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: Cloud Native Observability

What the exam tests

What to know about Cloud Native Observability

Cloud concepts questions usually test the service model (IaaS/PaaS/SaaS) and deployment model (public/private/hybrid/community) appropriate for a given scenario.

IaaS, PaaS and SaaS responsibilities and examples.

Public, private, hybrid and community cloud deployment models.

On-premises vs cloud trade-offs: cost, control, scalability.

How cloud connectivity options (VPN, Direct Connect, ExpressRoute) work.

Why learners struggle

Why Cloud Native Observability questions are commonly missed

NAT questions are missed when learners confuse the four address types (inside local, inside global, outside local, outside global) or misapply the interface direction. A translation rule can look correct but still fail if the ACL, interface, or direction is wrong.

  • ·Inside local vs inside global — inside local is the private source, inside global is the translated public address
  • ·PAT overloads — many sources share one public IP using unique port numbers
  • ·Interface direction — ip nat inside and ip nat outside must be on the correct interfaces
  • ·Static NAT vs dynamic NAT vs PAT — each serves a different use case
  • ·The NAT ACL identifies traffic to translate, not traffic to permit or deny
  • ·A missing translation can look like a routing problem if the interfaces are misconfigured

Watch out for

Common Cloud Native Observability exam traps

  • IaaS gives you infrastructure control; SaaS gives you only the application.
  • Hybrid cloud combines on-premises and public cloud — not two public clouds.
  • Cloud does not automatically mean cheaper or more secure.
  • Management responsibility shifts with each service model (IaaSPaaSSaaS).

Practice set

Cloud Native Observability questions

20 questions · select your answer, then reveal the explanation

Question 1mediummultiple choice
Read the full NAT/PAT explanation →

A DevOps team notices that a microservice is returning 503 errors intermittently. The service runs in Kubernetes and uses a liveness probe. The team wants to understand the root cause without restarting the pod. Which observability approach should they use first?

Question 2hardmultiple choice
Read the full NAT/PAT explanation →

A platform team is designing a monitoring strategy for a multi-tenant Kubernetes cluster. Each tenant runs workloads in separate namespaces. The team needs to ensure tenant isolation while providing aggregated cluster-wide dashboards. Which approach best meets these requirements?

Question 3easymultiple choice
Read the full NAT/PAT explanation →

A Kubernetes administrator is troubleshooting a pod that is stuck in CrashLoopBackOff. The pod's restart count is increasing. Which initial step should the administrator take to diagnose the issue?

Question 4mediummultiple choice
Read the full NAT/PAT explanation →

An organization uses Prometheus and Grafana for monitoring. They want to alert when the 99th percentile of request latency exceeds 500ms for more than 5 minutes. Which PromQL query should they use in the alert rule?

Question 5hardmulti select
Read the full NAT/PAT explanation →

Which TWO of the following are best practices for structuring log output in cloud-native applications to maximize observability?

Question 6mediummulti select
Read the full NAT/PAT explanation →

Which THREE of the following are valid use cases for distributed tracing in a microservices architecture?

Question 7hardmultiple choice
Read the full NAT/PAT explanation →

A company runs a Kubernetes cluster with 50 worker nodes, each hosting multiple microservices. They use Prometheus for metrics collection and Grafana for dashboards. Recently, the Prometheus server has been experiencing out-of-memory (OOM) kills during peak hours, causing gaps in metric collection. The cluster has a dedicated monitoring namespace. The team has already increased the Prometheus pod's memory limits to 8GB, but OOMs still occur. The metrics retention is set to 15 days. The cardinality of certain metrics (e.g., HTTP request labels with user IDs) is very high. The team needs to resolve the OOM issue without losing critical alerting capability for at least the last 7 days of data. Which action should they take first?

Question 8mediummultiple choice
Read the full NAT/PAT explanation →

A company deploys a microservice application on Kubernetes. They notice that one of the services is returning 5xx errors intermittently. Which observability tool should they use to correlate the errors with resource usage across all pods of that service?

Question 9hardmultiple choice
Read the full NAT/PAT explanation →

A platform team wants to implement observability for a Kubernetes cluster running 500+ microservices. They need to reduce the cost of storing logs while retaining the ability to search for specific error patterns. Which strategy best achieves this?

Question 10easymultiple choice
Read the full NAT/PAT explanation →

A developer wants to monitor the health of a Kubernetes deployment by checking if the number of ready replicas matches the desired replicas. Which metric from kube-state-metrics should they query?

Question 11mediummulti select
Read the full NAT/PAT explanation →

Which TWO of the following are best practices for implementing observability in a cloud-native environment?

Question 12hardmultiple choice
Read the full NAT/PAT explanation →

You are an SRE managing a Kubernetes cluster with 200 nodes and 10,000 pods. The cluster runs a critical payment processing application. Users report that transactions are occasionally failing with a 'timeout' error. You have Prometheus and Grafana set up for monitoring, and you use Fluentd with Elasticsearch for logging. You notice that during peak hours, the CPU usage of the payment service pods spikes to 90%, but memory usage remains stable. The pod restart count is low. You also see that the response time of the payment service increases significantly during these spikes. You need to identify the root cause and propose a fix. Which course of action is most appropriate?

Question 13mediummultiple choice
Read the full NAT/PAT explanation →

A company is running a microservices application on a Kubernetes cluster. They have noticed that one of the services, 'payment-api', is experiencing intermittent high latency. The team wants to identify the root cause without modifying the application code. Which approach should they take?

Question 14hardmulti select
Read the full NAT/PAT explanation →

Which TWO of the following are recommended practices for achieving observability in a Kubernetes cluster?

Question 15mediumdrag order
Read the full NAT/PAT explanation →

Drag and drop the steps to perform a backup of etcd in a Kubernetes cluster into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5
Question 16mediummatching
Read the full NAT/PAT explanation →

Match each Kubernetes security concept to its definition.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Identity for processes running in a pod

Role-based access control to authorize API requests

Specifies how groups of pods are allowed to communicate

Deprecated but formerly controlled security-sensitive pod settings

Stores sensitive data like passwords and tokens

Question 17mediummultiple choice
Read the full NAT/PAT explanation →

Which of the following is a core component of the three pillars of observability?

Question 18easymultiple choice
Read the full NAT/PAT explanation →

What is the primary purpose of Prometheus in cloud native observability?

Question 19mediummultiple choice
Read the full NAT/PAT explanation →

Which command retrieves logs from a specific container named 'sidecar' in a multi-container pod?

In OpenTelemetry, what is the purpose of the Collector component?

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Cloud Native Observability sessions

Start a Cloud Native Observability only practice session

Every question in these sessions is drawn from the Cloud Native Observability domain — nothing else.

Related practice questions

Related KCNA topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the KCNA exam test about Cloud Native Observability?
Cloud concepts questions usually test the service model (IaaS/PaaS/SaaS) and deployment model (public/private/hybrid/community) appropriate for a given scenario.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Cloud Native Observability questions in a focused session?
Yes — the session launcher on this page draws every question from the Cloud Native Observability domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other KCNA topics?
Use the topic links above to move to related areas, or go back to the KCNA question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the KCNA exam covers. They are not copied from any real exam or dump site.