Terraform-Associate-003練習試験と学習ガイドは厳密検証された最新な145問題 [Q76-Q99]

Share

Terraform-Associate-003練習試験と学習ガイドは厳密検証されたFast2test最新な145問題

2024年最新のな厳密検証された合格させるTerraform-Associate-003学習ガイドベズトお試しセット

質問 # 76
Which provider authentication method prevents credentials from being stored in the state file?

  • A. None of the above
  • B. Specifying the login credentials in the provider block
  • C. Setting credentials as Terraform variables
  • D. Using environment variables

正解:A

解説:
Explanation
None of the above methods prevent credentials from being stored in the state file. Terraform stores the provider configuration in the state file, which may include sensitive information such as credentials. This is a potential security risk and should be avoided if possible. To prevent credentials from being stored in the state file, you can use one of the following methods:
Use environment variables to pass credentials to the provider. This way, the credentials are not part of the provider configuration and are not stored in the state file. However, this method may not work for some providers that require credentials to be set in the provider block.
Use dynamic credentials to authenticate with your cloud provider. This way, Terraform Cloud or Enterprise will request temporary credentials from your cloud provider for each run and use them to provision your resources. The credentials are not stored in the state file and are revoked after the run is completed. This method is supported for AWS, Google Cloud Platform, Azure, and Vault. References : [Sensitive Values in State] : Authenticate providers with dynamic credentials


質問 # 77
A provider configuration block is required in every Terraform configuration.
Example:

  • A. True
  • B. False

正解:B

解説:
Explanation
A provider configuration block is not required in every Terraform configuration. A provider configuration block can be omitted if its contents would otherwise be empty. Terraform assumes an empty default configuration for any provider that is not explicitly configured. However, some providers may require some configuration arguments (such as endpoint URLs or cloud regions) before they can be used. A provider's documentation should list which configuration arguments it expects. For providers distributed on the Terraform Registry, versioned documentation is available on each provider's page, via the "Documentation" link in the provider's header1. References = [Provider Configuration]1


質問 # 78
How is terraform import run?

  • A. As a part of terraform init
  • B. As a part of terraform refresh
  • C. By an explicit call
  • D. All of the above
  • E. As a part of terraform plan

正解:C

解説:
The terraform import command is not part of any other Terraform workflow. It must be explicitly invoked by the user with the appropriate arguments, such as the resource address and the ID of the existing infrastructure to import. Reference = [Importing Infrastructure]


質問 # 79
Which are forbidden actions when the terraform state file is locked? Choose three correct answers.

  • A. Terraform state list
  • B. Terraform destroy
  • C. Terraform validate
  • D. Terraform apply
  • E. Terraform validate
  • F. Terraform for

正解:B、C、D

解説:
The terraform state file is locked when a Terraform operation that could write state is in progress. This prevents concurrent state operations that could corrupt the state. The forbidden actions when the state file is locked are those that could write state, such as terraform apply, terraform destroy, terraform refresh, terraform taint, terraform untaint, terraform import, and terraform state *. The terraform validate command is also forbidden, because it requires an initialized working directory with the state file. The allowed actions when the state file is locked are those that only read state, such as terraform plan, terraform show, terraform output, and terraform console. Reference = [State Locking] and [Command: validate]


質問 # 80
Any user can publish modules to the public Terraform Module Registry.

  • A. False
  • B. True

正解:B

解説:
The Terraform Registry allows any user to publish and share modules. Published modules support versioning, automatically generate documentation, allow browsing version histories, show examples and READMEs, and more. Public modules are managed via Git and GitHub, and publishing a module takes only a few minutes. Once a module is published, releasing a new version of a module is as simple as pushing a properly formed Git tag1.
Reference = The information can be verified from the Terraform Registry documentation on Publishing Modules provided by HashiCorp Developer1.


質問 # 81
A developer accidentally launched a VM (virtual machine) outside of the Terraform workflow and ended up with two servers with the same name. They don't know which VM Terraform manages but do have a list of all active VM IDs.
Which of the following methods could you use to discover which instance Terraform manages?

  • A. Run terraform state list to find the names of all VMs, then run terraform state show for each of them to find which VM ID Terraform manages
  • B. Update the code to include outputs for the ID of all VMs, then run terraform plan to view the outputs
  • C. Run terraform taint/code on all the VMs to recreate them
  • D. Use terraform refresh/code to find out which IDs are already part of state

正解:A

解説:
Explanation
The terraform state list command lists all resources that are managed by Terraform in the current state file1. The terraform state show command shows the attributes of a single resource in the state file2. By using these two commands, you can compare the VM IDs in your list with the ones in the state file and identify which one is managed by Terraform.


質問 # 82
Your security team scanned some Terraform workspaces and found secrets stored in plaintext in state files.
How can you protect that data?

  • A. Store the state in an encrypted backend
  • B. Delete the state file every time you run Terraform
  • C. Always store your secrets in a secrets.tfvars file
  • D. Edit your state file to scrub out the sensitive data

正解:A

解説:
Explanation
This is a secure way to protect sensitive data in the state file, as it will be encrypted at rest and in transit2. The other options are not recommended, as they could lead to data loss, errors, or security breaches.


質問 # 83
Terraform providers are part of the Terraform core binary.

  • A. True
  • B. False

正解:B

解説:
Explanation
Terraform providers are not part of the Terraform core binary. Providers are distributed separately from Terraform itself and have their own release cadence and version numbers. Providers are plugins that Terraform uses to interact with various APIs, such as cloud providers, SaaS providers, and other services. You can find and install providers from the Terraform Registry, which hosts providers for most major infrastructure platforms. You can also load providers from a local mirror or cache, or develop your own custom providers.
To use a provider in your Terraform configuration, you need to declare it in the provider requirements block and optionally configure its settings in the provider block. References = : Providers - Configuration Language | Terraform : Terraform Registry - Providers Overview | Terraform


質問 # 84
You ate making changes to existing Terraform code to add some new infrastructure. When is the best time to run terraform validate?

  • A. Before you run terraform plan so you can validate your code syntax
  • B. After you run terraform apply so you can validate your infrastructure
  • C. Before you run terraform apply so you can validate your provider credentials
  • D. After you run terraform plan so you can validate that your state file is consistent with your infrastructure

正解:A

解説:
Explanation
This is the best time to run terraform validate, as it will check your code for syntax errors, typos, and missing arguments before you attempt to create a plan. The other options are either incorrect or unnecessary.


質問 # 85
If you update the version constraint in your Terraform configuration, Terraform will update your lock file the next time you run terraform Init.

  • A. False
  • B. True

正解:B

解説:
Explanation
If you update the version constraint in your Terraform configuration, Terraform will update your lock file the next time you run terraform init3. This will ensure that you use the same provider versions across different machines and runs.


質問 # 86
How does Terraform determine dependencies between resources?

  • A. Terraform requires all dependencies between resources to be specified using the depends_on parameter
  • B. Terraform requires resources in a configuration to be listed m the order they will be created to determine dependencies
  • C. Terraform automatically builds a resource graph based on resources provisioners, special meta-parameters, and the stale file (if present}
  • D. Terraform requires resource dependencies to be defined as modules and sourced in order

正解:C

解説:
This is how Terraform determines dependencies between resources, by using the references between them in the configuration files and other factors that affect the order of operations.


質問 # 87
Which of these ate secure options for storing secrets for connecting to a Terraform remote backend? Choose two correct answers.

  • A. Defined in a connection configuration outside of Terraform
  • B. Inside the backend block within the Terraform configuration
  • C. Defined in Environment variables
  • D. A variable file

正解:A、C

解説:
Environment variables and connection configurations outside of Terraform are secure options for storing secrets for connecting to a Terraform remote backend. Environment variables can be used to set values for input variables that contain secrets, such as backend access keys or tokens. Terraform will read environment variables that start with TF_VAR_ and match the name of an input variable. For example, if you have an input variable called backend_token, you can set its value with the environment variable TF_VAR_backend_token1. Connection configurations outside of Terraform are files or scripts that provide credentials or other information for Terraform to connect to a remote backend. For example, you can use a credentials file for the S3 backend2, or a shell script for the HTTP backend3. These files or scripts are not part of the Terraform configuration and can be stored securely in a separate location. The other options are not secure for storing secrets. A variable file is a file that contains values for input variables. Variable files are usually stored in the same directory as the Terraform configuration or in a version control system. This exposes the secrets to anyone who can access the files or the repository. You should not store secrets in variable files1. Inside the backend block within the Terraform configuration is where you specify the type and settings of the remote backend. The backend block is part of the Terraform configuration and is usually stored in a version control system. This exposes the secrets to anyone who can access the configuration or the repository. You should not store secrets in the backend block4. Reference = [Terraform Input Variables]1, [Backend Type: s3]2, [Backend Type: http]3, [Backend Configuration]4


質問 # 88
You can configure Terraform to log to a file using the TF_LOG environment variable.

  • A. False
  • B. True

正解:B

解説:
You can configure Terraform to log to a file using the TF_LOG environment variable. This variable can be set to one of the log levels: TRACE, DEBUG, INFO, WARN or ERROR. You can also use the TF_LOG_PATH environment variable to specify a custom log file location. Reference = : Debugging Terraform


質問 # 89
Which are examples of infrastructure as code? Choose two correct answers.

  • A. Versioned configuration files
  • B. Change management database records
  • C. Doctor files
  • D. Cloned virtual machine images

正解:A

解説:
These are examples of infrastructure as code (IaC), which is a practice of managing and provisioning infrastructure through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools.


質問 # 90
Terraform can only manage resource dependencies if you set them explicitly with the depends_on argument.

  • A. True
  • B. False

正解:B

解説:
Terraform can manage resource dependencies implicitly or explicitly. Implicit dependencies are created when a resource references another resource or data source in its arguments. Terraform can infer the dependency from the reference and create or destroy the resources in the correct order. Explicit dependencies are created when you use the depends_on argument to specify that a resource depends on another resource or module. This is useful when Terraform cannot infer the dependency from the configuration or when you need to create a dependency for some reason outside of Terraform's scope. Reference = : Create resource dependencies : Terraform Resource Dependencies Explained


質問 # 91
How could you reference an attribute from the vsphere_datacenter data source for use with the datacenter_id argument within the vsphere_folder resource in the following configuration?

  • A. Data.vsphere_datacenter.DC.id
  • B. Data.vsphere_datacenter,dc
  • C. Vsphere_datacenter.dc.id
  • D. Data,dc,id

正解:A

解説:
Explanation
The correct way to reference an attribute from the vsphere_datacenter data source for use with the datacenter_id argument within the vsphere_folder resource in the following configuration is data.vsphere_datacenter.dc.id. This follows the syntax for accessing data source attributes, which is data.TYPE.NAME.ATTRIBUTE. In this case, the data source type is vsphere_datacenter, the data source name is dc, and the attribute we want to access is id. The other options are incorrect because they either use the wrong syntax, the wrong punctuation, or the wrong case. References = [Data Source: vsphere_datacenter],
[Data Source: vsphere_folder], [Expressions: Data Source References]


質問 # 92
Which of the following is not a benefit of adopting infrastructure as code?

  • A. A Graphical User Interface
  • B. Automation
  • C. Reusability of code
  • D. Versioning

正解:A

解説:
Infrastructure as Code (IaC) provides several benefits, including the ability to version control infrastructure, reuse code, and automate infrastructure management. However, IaC is typically associated with declarative configuration files and does not inherently provide a graphical user interface (GUI). A GUI is a feature that may be provided by specific tools or platforms built on top of IaC principles but is not a direct benefit of IaC itself1.
Reference = The benefits of IaC can be verified from the official HashiCorp documentation on "What is Infrastructure as Code with Terraform?" provided by HashiCorp Developer1.


質問 # 93
You have provisioned some virtual machines (VMs) on Google Cloud Platform (GCP) using the gcloud command line tool. However, you are standardizing with Terraform and want to manage these VMs using Terraform instead. What are the two things you must do to achieve this? Choose two correct answers.

  • A. Use the terraform import command for the existing VMs
  • B. Provision new VMs using Terraform with the same VM names
  • C. Run the terraform Import-gcp command
  • D. Write Terraform configuration for the existing VMs

正解:A、D

解説:
Explanation
To import existing resources into Terraform, you need to do two things1:
Write a resource configuration block for each resource, matching the type and name used in your state file.
Run terraform import for each resource, specifying its address and ID. There is no such command as terraform Import-gcp, and provisioning new VMs with the same names will not import them into Terraform.


質問 # 94
You ate making changes to existing Terraform code to add some new infrastructure. When is the best time to run terraform validate?

  • A. Before you run terraform plan so you can validate your code syntax
  • B. After you run terraform apply so you can validate your infrastructure
  • C. Before you run terraform apply so you can validate your provider credentials
  • D. After you run terraform plan so you can validate that your state file is consistent with your infrastructure

正解:A

解説:
This is the best time to run terraform validate, as it will check your code for syntax errors, typos, and missing arguments before you attempt to create a plan. The other options are either incorrect or unnecessary.


質問 # 95
You must use different Terraform commands depending on the cloud provider you use.

  • A. True
  • B. False

正解:B

解説:
You do not need to use different Terraform commands depending on the cloud provider you use. Terraform commands are consistent across different providers, as they operate on the Terraform configuration files and state files, not on the provider APIs directly.


質問 # 96
When does Sentinel enforce policy logic during a Terraform Cloud run?

  • A. Before the plan phase
  • B. Before the apply phase
  • C. After the apply phase
  • D. During the plan phase

正解:B

解説:
Explanation
Sentinel policies are checked after the plan stage of a Terraform run, but before it can be confirmed or the terraform apply is executed3. This allows you to enforce rules on your infrastructure before it is created or modified.


質問 # 97
Terraform providers are always installed from the Internet.

  • A. True
  • B. False

正解:B

解説:
Terraform providers are not always installed from the Internet. There are other ways to install provider plugins, such as from a local mirror or cache, from a local filesystem directory, or from a network filesystem. These methods can be useful for offline or air-gapped environments, or for customizing the installation process. You can configure the provider installation methods using the provider_installation block in the CLI configuration file.


質問 # 98
You add a new provider to your configuration and immediately run terraform apply in the CD using the local backend. Why does the apply fail?

  • A. Terraform requires you to manually run terraform plan first
  • B. Terraform needs you to format your code according to best practices first
  • C. The Terraform CD needs you to log into Terraform Cloud first
  • D. Terraform needs to install the necessary plugins first

正解:D

解説:
The reason why the apply fails after adding a new provider to the configuration and immediately running terraform apply in the CD using the local backend is because Terraform needs to install the necessary plugins first. Terraform providers are plugins that Terraform uses to interact with various cloud services and other APIs. Each provider has a source address that determines where to download it from. When Terraform encounters a new provider in the configuration, it needs to run terraform init first to install the provider plugins in a local directory. Without the plugins, Terraform cannot communicate with the provider and perform the desired actions. Reference = [Provider Requirements], [Provider Installation]


質問 # 99
......


HashiCorp Terraform-Associate-003 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • モジュールの入力と出力を操作する
  • 構成におけるバックエンド ブロックとクラウドの統合について説明する
トピック 2
  • リモート状態のバックエンド オプションを区別する
  • コレクション型と構造型の使用を理解する
トピック 3
  • 構成の読み取り、生成、および変更
  • バックエンドおよびクラウド統合認証方法の処理
トピック 4
  • Terraform Cloud がコラボレーションとガバナンスを実現する方法について説明する
  • 安全なシークレット インジェクションのベスト プラクティスについて説明する
トピック 5
  • Terraform 状態を使用して Terraform 状態を表示する
  • 構成に書式設定とスタイル調整を適用する
トピック 6
  • Infrastructure as Code (IaC) の概念を理解する
  • Terraform の実行計画を生成してレビューする

 

究極のガイドはTerraform-Associate-003最新時間限定今すぐダウンロード!:https://jp.fast2test.com/Terraform-Associate-003-premium-file.html

2024年最新のな厳密検証された合格できるTerraform-Associate-003試験にはリアル問題と解答:https://drive.google.com/open?id=1GAFtQcMGQZV6Y457W5Nz35Qk9S-7lNXg


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어