[2024年11月]更新のHashiCorp Terraform-Associate-003試験練習テスト問題
更新された認定試験Terraform-Associate-003問題集で練習テスト問題
質問 # 55
Terraform variable names are saved in the state file.
- A. False
- B. True
正解:A
解説:
Explanation
Terraform variable names are not saved in the state file, only their values are. The state file only stores the attributes of the resources and data sources that are managed by Terraform, not the variables that are used to configure them.
質問 # 56
As a member of an operations team that uses infrastructure as code (lac) practices, you are tasked with making a change to an infrastructure stack running in a public cloud. Which pattern would follow laC best practices for making a change?
- A. Use the public cloud console to make the change after a database record has been approved
- B. Clone the repository containing your infrastructure code and then run the code
- C. Make the change programmatically via the public cloud CLI
- D. Make the change via the public cloud API endpoint
- E. Submit a pull request and wait for an approved merge of the proposed changes
正解:E
解説:
You do not need to use different Terraform commands depending on the cloud provider you use. Terraform commands are consistent across different providers, as they operate on the Terraform configuration files and state files, not on the provider APIs directly.
質問 # 57
You modified your Terraform configuration and run Terraform plan to review the changes. Simultaneously, your teammate manually modified the infrastructure component you are working on. Since you already ran terraform plan locally, the execution plan for terraform apply will be the same.
- A. False
- B. True
正解:A
解説:
The execution plan for terraform apply will not be the same as the one you ran locally with terraform plan, if your teammate manually modified the infrastructure component you are working on. This is because Terraform will refresh the state file before applying any changes, and will detect any differences between the state and the real resources.
質問 # 58
Which of the following is not a valid siring function in Terraform?
- A. slice
- B. Split
- C. choaf
- D. join
正解:C
解説:
Explanation
This is not a valid string function in Terraform. The other options are valid string functions that can manipulate strings in various ways2.
質問 # 59
You want to define a single input variable to capture configuration values for a server. The values must represent memory as a number, and the server name as a string.
Which variable type could you use for this input?
- A. Map
- B. List
- C. Terraform does not support complex input variables of different types
- D. Object
正解:D
解説:
This is the variable type that you could use for this input, as it can store multiple attributes of different types within a single value. The other options are either invalid or incorrect for this use case.
質問 # 60
When does Sentinel enforce policy logic during a Terraform Cloud run?
- A. Before the plan phase
- B. Before the apply phase
- C. After the apply phase
- D. During the plan phase
正解:B
解説:
Sentinel policies are checked after the plan stage of a Terraform run, but before it can be confirmed or the terraform apply is executed3. This allows you to enforce rules on your infrastructure before it is created or modified.
質問 # 61
terraform validate confirms that your infrastructure matches the Terraform state file.
- A. False
- B. True
正解:A
解説:
Explanation
terraform validate does not confirm that your infrastructure matches the Terraform state file. It only checks whether the configuration files in a directory are syntactically valid and internally consistent3. To confirm that your infrastructure matches the Terraform state file, you need to use terraform plan or terraform apply with the
-refresh-only option.
質問 # 62
Where in your Terraform configuration do you specify a state backend?
- A. The terraform block
- B. The data source block
- C. The provider block
- D. The resource block
正解:A
解説:
In Terraform, the backend configuration, which includes details about where and how state is stored, is specified within theterraformblock of your configuration. This block is the correct place to define the backend type and its configuration parameters, such as the location of the state file for a local backend or the bucket details for a remote backend like S3.References= This practice is outlined in Terraform's core documentation, which provides examples and guidelines on how to configure various aspects of Terraform's behavior, including state backends .
質問 # 63
If a DevOps team adopts AWS CloudFormation as their standardized method for provisioning public cloud resoruces, which of the following scenarios poses a challenge for this team?
- A. The organization decides to expand into Azure wishes to deploy new infrastructure
- B. The team is asked to build a reusable code based that can deploy resources into any AWS region
- C. The DevOps team is tasked with automating a manual, web console-based provisioning.
- D. The team is asked to manage a new application stack built on AWS-native services
正解:A
解説:
This is the scenario that poses a challenge for this team, if they adopt AWS CloudFormation as their standardized method for provisioning public cloud resources, as CloudFormation only supports AWS services and resources, and cannot be used to provision infrastructure on other cloud platforms such as Azure.
質問 # 64
When do changes invoked by terraform apply take effect?
- A. After Terraform has updated the state file
- B. Immediately
- C. Once the resource provider has fulfilled the request
- D. None of the above are correct
正解:C
解説:
Explanation
Changes invoked by terraform apply take effect once the resource provider has fulfilled the request, not after Terraform has updated the state file or immediately. The state file is only a reflection of the real resources, not a source of truth.
質問 # 65
Which of the following is not a valid source path for specifying a module?
- A. source - "hashicorp/consul/aws"
- B. source - "github.com/hashicorp/examplePref-ul.0.8M
- C. source - "./module"
- D. source = "./module?version=vl.6.0"
正解:D
解説:
Terraform modules are referenced by specifying a source location. This location can be a URL or a file path.
However, specifying query parameters such as?version=vl.6.0directly within the source path is not a valid or supported method for specifying a module version in Terraform. Instead, version constraints are specified using theversionargument within the module block, not as part of the source string.References= This clarification is based on Terraform's official documentation regarding module usage, which outlines the correct methods for specifying module sources and versions.
質問 # 66
Multiple team members are collaborating on infrastructure using Terraform and want to format the* Terraform code following standard Terraform-style convention.
How should they ensure the code satisfies conventions?
- A. Terraform automatically formats configuration on terraform apply
- B. Run terraform validate prior to executing terraform plan or terraform apply
- C. Use terraform fmt
- D. Replace all tabs with spaces
正解:C
解説:
The terraform fmt command is used to format Terraform configuration files to a canonical format and style. This ensures that all team members are using a consistent style, making the code easier to read and maintain. It automatically applies Terraform's standard formatting conventions to your configuration files, helping maintain consistency across the team's codebase.
Reference:
Terraform documentation on terraform fmt: Terraform Fmt
質問 # 67
When using a remote backend or terraform Cloud integration, where does Terraform save resource sate?
- A. In the remote backend or Terraform Cloud
- B. In memory
- C. On the disk
- D. In an environment variable
正解:A
解説:
This is where Terraform saves resource state when using a remote backend or Terraform Cloud integration, as it allows you to store and manage your state file in a remote location, such as a cloud storage service or Terraform Cloud's servers. This enables collaboration, security, and scalability for your Terraform infrastructure.
質問 # 68
You can develop a custom provider to manage its resources using Terraform.
- A. True
- B. False
正解:A
解説:
You can develop a custom provider to manage its resources using Terraform, as Terraform is an extensible tool that allows you to write your own plugins in Go language. You can also publish your custom provider to the Terraform Registry or use it privately.
質問 # 69
Why does this backend configuration not follow best practices?
- A. The backend configuration should contain multiple credentials so that more than one user can execute terraform plan and terraform apply
- B. An alias meta-argument should be included in backend blocks whenever possible
- C. You should use the local enhanced storage backend whenever possible
- D. You should not store credentials in Terraform configuration
正解:D
解説:
Explanation
This is a bad practice, as it exposes your credentials to anyone who can access your configuration files or state files. You should use environment variables, credential files, or other mechanisms to provide credentials to Terraform.
質問 # 70
A developer accidentally launched a VM (virtual machine) outside of the Terraform workflow and ended up with two servers with the same name. They don't know which VM Terraform manages but do have a list of all active VM IDs.
Which of the following methods could you use to discover which instance Terraform manages?
- A. Run terraform state list to find the names of all VMs, then run terraform state show for each of them to find which VM ID Terraform manages
- B. Update the code to include outputs for the ID of all VMs, then run terraform plan to view the outputs
- C. Use terraform refresh/code to find out which IDs are already part of state
- D. Run terraform taint/code on all the VMs to recreate them
正解:A
解説:
The terraform state list command lists all resources that are managed by Terraform in the current state file1. The terraform state show command shows the attributes of a single resource in the state file2. By using these two commands, you can compare the VM IDs in your list with the ones in the state file and identify which one is managed by Terraform.
質問 # 71
You're building a CI/CD (continuous integration/continuous delivery) pipeline and need to inject sensitive variables into your Terraform run. How can you do this safely?
- A. Copy the sensitive variables into your Terraform code
- B. Store the sensitive variables in a secure_varS.tf file
- C. Pass variables to Terraform with a -var flag
- D. Store the sensitive variables as plain text in a source code repository
正解:C
解説:
Explanation
This is a secure way to inject sensitive variables into your Terraform run, as they will not be stored in any file or source code repository. You can also use environment variables or variable files with encryption to pass sensitive variables to Terraform.
質問 # 72
What type of block is used to construct a collection of nested configuration blocks?
- A. Dynamic
- B. For_each
- C. repeated.
- D. Nesting
正解:A
解説:
Explanation
This is the type of block that is used to construct a collection of nested configuration blocks, by using a for_each argument to iterate over a collection value and generate a nested block for each element. For example, you can use a dynamic block to create multiple ingress rules for a security group resource.
質問 # 73
What does terraform import do?
- A. Imports all infrastructure from a given cloud provider
- B. Imports existing resources into the state file
- C. Imports clean copies of tainted resources
- D. Imports a new Terraform module
- E. None of the above
正解:B
解説:
The terraform import command is used to import existing infrastructure into your Terraform state. This command takes the existing resource and associates it with a resource defined in your Terraform configuration, updating the state file accordingly. It does not generate configuration for the resource, only the state.
質問 # 74
Your risk management organization requires that new AWS S3 buckets must be private and encrypted at rest.
How can Terraform Cloud automatically and proactively enforce this security control?
- A. Auditing cloud storage buckets with a vulnerability scanning tool
- B. By adding variables to each Terraform Cloud workspace to ensure these settings are always enabled
- C. With an S3 module with proper settings for buckets
- D. With a Sentinel policy, which runs before every apply
正解:D
解説:
Explanation
The best way to automatically and proactively enforce the security control that new AWS S3 buckets must be private and encrypted at rest is with a Sentinel policy, which runs before every apply. Sentinel is a policy as code framework that allows you to define and enforce logic-based policies for your infrastructure. Terraform Cloud supports Sentinel policies for all paid tiers, and can run them before any terraform plan or terraform apply operation. You can write a Sentinel policy that checks the configuration of the S3 buckets and ensures that they have the proper settings for privacy and encryption, and then assign the policy to your Terraform Cloud organization or workspace. This way, Terraform Cloud will prevent any changes that violate the policy from being applied. References = [Sentinel Policy Framework], [Manage Policies in Terraform Cloud], [Write and Test Sentinel Policies for Terraform]
質問 # 75
Where can Terraform not load a provider from?
- A. Official HashCrop Distribution on releases.hashcrop.com
- B. Source code
- C. Plugins directory
- D. Provider plugin chance
正解:B
解説:
This is where Terraform cannot load a provider from, as it requires a compiled binary file that implements the provider protocol. You can load a provider from a plugins directory, a provider plugin cache, or the official HashiCorp distribution on releases.hashicorp.com.
質問 # 76
......
HashiCorp Terraform-Associate-003 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
更新された検証済みのTerraform-Associate-003問題集と解答で合格保証もしくは全額返金:https://jp.fast2test.com/Terraform-Associate-003-premium-file.html
Terraform-Associate-003のPDF問題とテストエンジンには178問があります:https://drive.google.com/open?id=1GAFtQcMGQZV6Y457W5Nz35Qk9S-7lNXg