最新の無料Terraform-Associate-003効率的問題集をダウンロード2025年02月14日更新された195問がある
HashiCorp Terraform-Associate-003試験練習テスト解答
HashiCorp Terraform-Associate-003 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
質問 # 113
Infrastructure as Code (laC) can be stored in a version control system along with application code.
- A. False
- B. True
正解:B
解説:
Infrastructure as Code (IaC) can indeed be stored in a version control system along with application code. This practice is a fundamental principle of modern infrastructure management, allowing teams to apply software development practices like versioning, peer review, and CI/CD to infrastructure management. Storing IaC configurations in version control facilitates collaboration, history tracking, and change management.References= While this concept is a foundational aspect of IaC and is widely accepted in the industry, direct references from the HashiCorp Terraform Associate (003) study materials were not found in the provided files. However, this practice is encouraged in Terraform's best practices and various HashiCorp learning resources.
質問 # 114
When do you need to explicitly execute Terraform in refresh-only mode?
- A. None of the above.
- B. Before every terraform plan.
- C. Before every terraform apply.
- D. Before every terraform import.
正解:D
解説:
Purpose of Refresh-Only Mode: Running Terraform in refresh-only mode updates Terraform's state file with the current state of resources in your infrastructure without making changes to the resources themselves.
Context of Terraform Import: When using terraform import, you're adding existing resources to the state file, and running Terraform in refresh-only mode before this operation can ensure that any initial configuration syncs precisely with the actual state.
For more on refresh-only mode in relation to terraform import, refer to Terraform's import documentation.
質問 # 115
Which option cannot be used to keep secrets out of Terraform configuration files?
- A. A Terraform provider
- B. A -var flag
- C. secure string
- D. Environment variables
正解:C
解説:
A secure string is not a valid option to keep secrets out of Terraform configuration files. A secure string is a feature of AWS Systems Manager Parameter Store that allows you to store sensitive data encrypted with a KMS key. However, Terraform does not support secure strings natively and requires a custom data source to retrieve them. The other options are valid ways to keep secrets out of Terraform configuration files. A Terraform provider can expose secrets as data sources that can be referenced in the configuration.
Environment variables can be used to set values for input variables that contain secrets. A -var flag can be used to pass values for input variables that contain secrets from the command line or a file. References =
[AWS Systems Manager Parameter Store], [Terraform AWS Provider Issue #55], [Terraform Providers],
[Terraform Input Variables]
質問 # 116
What does Terraform not reference when running a terraform apply -refresh-only ?
- A. Terraform resource definitions in configuration files
- B. State file
- C. Credentials
- D. Cloud provider
正解:A
解説:
Explanation
When running a terraform apply -refresh-only, Terraform does not reference the configuration files, but only the state file, credentials, and cloud provider. The purpose of this command is to update the state file with the current status of the real resources, without making any changes to them1.
質問 # 117
If a module declares a variable with a default, that variable must also be defined within the module.
- A. True
- B. False
正解:B
解説:
A module can declare a variable with a default value without requiring the caller to define it. This allows the module to provide a sensible default behavior that can be customized by the caller if needed. References =
[Module Variables]
質問 # 118
Which of these are benefits of using Sentinel with HCP Terraform/Terraform Cloud? (Pick the 3 correct responses)
- A. You can enforce a list of approved AWS AMIs.
- B. Policy-as-code can enforce security best practices.
- C. You can check out and check in cloud access keys.
- D. Sentinel Policies can be written in HashiCorp Configuration Language (HCL).
正解:A、B、C
解説:
Sentinel is a policy-as-code framework that integrates with Terraform Cloud to enforce security, compliance, and governance rules. You can enforce rules such as approved AMIs and ensure security best practices. Policies are written in the Sentinel language, not HCL.
References:
Sentinel Policies
質問 # 119
You should run terraform fnt to rewrite all Terraform configurations within the current working directory to conform to Terraform-style conventions.
- A. False
- B. True
正解:B
解説:
You should run terraform fmt to rewrite all Terraform configurations within the current working directory to conform to Terraform-style conventions. This command applies a subset of the Terraform language style conventions, along with other minor adjustments for readability. It is recommended to use this command to ensure consistency of style across different Terraform codebases. The command is optional, opinionated, and has no customization options, but it can help you and your team understand the code more quickly and easily.
References = : Command: fmt : Using Terraform fmt Command to Format Your Terraform Code
質問 # 120
_______backends support state locking.
- A. All
- B. Only local
- C. No
- D. Some
正解:D
解説:
Explanation
Some backends support state locking, which prevents other users from modifying the state file while a Terraform operation is in progress. This prevents conflicts and data loss. Not all backends support this feature, and you can check the documentation for each backend type to see if it does.
質問 # 121
You've used Terraform to deploy a virtual machine and a database. You want to replace this virtual machine instance with an identical one without affecting the database. What is the best way to achieve this using Terraform?
- A. Use the terraform state rm command to remove the VM from state file
- B. Delete the Terraform VM resources from your Terraform code then run terraform plan and terraform apply
- C. Use the terraform apply command targeting the VM resources only
- D. Use the terraform taint command targeting the VMs then run terraform plan and terraform apply
正解:D
解説:
Explanation
The terraform taint command marks a resource as tainted, which means it will be destroyed and recreated on the next apply. This way, you can replace the VM instance without affecting the database or other resources. References = [Terraform Taint]
質問 # 122
What feature stops multiple users from operating on the Terraform state at the same time?
- A. Version control
- B. Remote backends
- C. State locking
- D. Provider constraints
正解:C
解説:
Explanation
State locking prevents other users from modifying the state file while a Terraform operation is in progress. This prevents conflicts and data loss1.
質問 # 123
You are writing a child Terraform module that provisions an AWS instance. You want to reference the IP address returned by the child module in the root configuration. You name the instance resource "main'.
Which of these is the correct way to define the output value?
- A.

- B.

- C.

- D.

正解:A
質問 # 124
You used Terraform to create an ephemeral development environment in the cloud and are now ready to destroy all the infrastructure described by your Terraform configuration. To be safe, you would like to first see all the infrastructure that Terraform will delete.
Which command should you use to show all the resources that will be deleted? (Pick the 2 correct responses)
- A. Run terraform destroy. This will output all the resources that will be deleted before prompting for approval.
- B. Run terraform state rm *.
- C. Run terraform show -destroy.
正解:A、C
解説:
Running terraform destroy will show all resources that will be deleted before prompting for approval. You can also run terraform plan -destroy to simulate the destruction without actually applying it, which is useful for reviewing the planned changes.
References:
Terraform Destroy
質問 # 125
A terraform apply can not _________ infrastructure.
- A. destroy
- B. change
- C. provision
- D. import
正解:D
解説:
The terraform import command is used to import existing infrastructure into Terraform's state. This allows Terraform to manage and destroy the imported infrastructure as part of the configuration. The terraform import command does not modify the configuration, so the imported resources must be manually added to the configuration after the import. Reference = [Importing Infrastructure]
質問 # 126
Which provider authentication method prevents credentials from being stored in the state file?
- A. Using environment variables
- B. Specifying the login credentials in the provider block
- C. Setting credentials as Terraform variables
- D. None of the above
正解:D
解説:
None of the above methods prevent credentials from being stored in the state file. Terraform stores the provider configuration in the state file, which may include sensitive information such as credentials. This is a potential security risk and should be avoided if possible. To prevent credentials from being stored in the state file, you can use one of the following methods:
* Use environment variables to pass credentials to the provider. This way, the credentials are not part of the provider configuration and are not stored in the state file. However, this method may not work for some providers that require credentials to be set in the provider block.
* Use dynamic credentials to authenticate with your cloud provider. This way, Terraform Cloud or Enterprise will request temporary credentials from your cloud provider for each run and use them to provision your resources. The credentials are not stored in the statefile and are revoked after the run is completed. This method is supported for AWS, Google Cloud Platform, Azure, and Vault. References =
1: [Sensitive Values in State] : Authenticate providers with dynamic credentials
質問 # 127
What is a key benefit of the Terraform state file?
- A. A state file is a source of truth for resources provisioned with a public cloud console
- B. A state file can schedule recurring infrastructure tasks
- C. A state file is a source of truth for resources provisioned with Terraform
- D. A state file is the desired state expressed by the Terraform code files
正解:C
解説:
Explanation
This is a key benefit of the Terraform state file, as it stores and tracks the metadata and attributes of the resources that are managed by Terraform, and allows Terraform to compare the current state with the desired state expressed by your configuration files.
質問 # 128
You are working on some new application features and you want to spin up a copy of your production deployment to perform some quick tests. In order to avoid having to configure a new state backend, what open source Terraform feature would allow you create multiple states but still be associated with your current code?
- A. Terraform workspaces
- B. Terraform local values
- C. Terraform modules
- D. Terraform data sources
- E. None of the above
正解:A
解説:
Terraform workspaces allow you to create multiple states but still be associated with your current code. Workspaces are like "environments" (e.g. staging, production) for the same configuration. You can use workspaces to spin up a copy of your production deployment for testing purposes without having to configure a new state backend. Terraform data sources, local values, and modules are not features that allow you to create multiple states.
References = Workspaces and How to Use Terraform Workspaces
質問 # 129
......
最新の検証済みTerraform-Associate-003問題集と解答合格保証もしくは全額返金です:https://jp.fast2test.com/Terraform-Associate-003-premium-file.html
最新の認証試験Terraform-Associate-003問題集練習テスト解答はこちら:https://drive.google.com/open?id=1GAFtQcMGQZV6Y457W5Nz35Qk9S-7lNXg