CompTIA Cloud+ (CV0-004) · Domain 6 · 10% of exam

DevOps Fundamentals

Drill 20 practice questions focused entirely on DevOps Fundamentals for the CompTIA CV0-004 exam. Tap an answer for instant feedback and a full explanation — no sign-up, always free.

Verified answer20 questions
Question 1 of 20

A DevOps team wants to reduce deployment risk for a high-traffic web service. They release a new version to only 5% of production traffic, monitor error rates and latency, and gradually increase the percentage to 100% if metrics remain healthy. If problems appear, they roll back the small exposed portion. Which deployment strategy is this team using?

Reviewed for accuracy · Report an issue
Question 2 of 20

A DevOps team builds an application artifact in their CI pipeline, deploys it to a staging environment for QA testing, and then rebuilds the artifact from the same source branch before deploying to production. QA-approved builds occasionally behave differently in production. Which change to the pipeline BEST resolves this inconsistency?

Reviewed for accuracy · Report an issue
Question 3 of 20

A development team practicing continuous delivery is struggling with long-lived feature branches that cause painful merge conflicts and delay integration by weeks. Leadership wants developers to integrate their code into the main line at least daily while still being able to hide incomplete functionality from end users in production. Which combination of practices best achieves this goal?

Reviewed for accuracy · Report an issue
Question 4 of 20

A cloud engineering team has a CI/CD pipeline that automatically builds, tests, and deploys code to production whenever a merge to the main branch occurs. After a recent incident where an untested schema change reached production, leadership requires that changes to the production environment receive human sign-off while keeping all lower-environment deployments fully automated. Which change to the pipeline BEST satisfies this requirement?

Reviewed for accuracy · Report an issue
Question 5 of 20

A DevOps team's CI/CD pipeline runs sequentially: it compiles code, then runs unit tests, then runs a set of independent integration test suites (database, API, and messaging), and finally packages the artifact. Total pipeline time has grown to 45 minutes, and developers complain about slow feedback. Analysis shows the three integration test suites do not depend on one another and collectively account for 25 minutes of runtime. Which change would MOST effectively reduce total pipeline duration without sacrificing test coverage?

Reviewed for accuracy · Report an issue
Question 6 of 20

A development team currently runs security scans only after code is deployed to a staging environment, which frequently discovers vulnerabilities late and forces costly rework. The security team wants to catch coding flaws such as SQL injection and insecure functions as early as possible in the CI/CD pipeline, ideally before the application is even built. Which practice should the team implement to best achieve this goal?

Reviewed for accuracy · Report an issue
Question 7 of 20

A DevOps team's CI/CD pipeline runs the following stages in order: build, unit tests, container image scan, integration tests, and deploy to staging. Developers complain that they wait more than 30 minutes for feedback on syntax and logic errors because the slower integration tests run before failures in simpler checks surface. Which change to the pipeline best improves the speed of feedback for the most common defects while preserving overall quality gates?

Reviewed for accuracy · Report an issue
Question 8 of 20

A DevOps team pushes a new application version through their CI/CD pipeline to production. Minutes after deployment completes, monitoring shows a spike in HTTP 500 errors caused by a defect that passed automated tests. The team needs the fastest, most reliable way to restore service while they investigate. Which capability should the pipeline provide to meet this need?

Reviewed for accuracy · Report an issue
Question 9 of 20

A cloud operations team manages 300 Linux servers across multiple environments. Over time, engineers have manually applied hotfixes, causing inconsistent package versions and service configurations. The team wants a solution that continuously enforces a defined desired state, automatically correcting any manual changes on the servers without requiring the servers to be rebuilt. Which approach best meets this requirement?

Reviewed for accuracy · Report an issue
Question 10 of 20

A DevSecOps team already runs static code analysis and dependency scanning early in their CI/CD pipeline. However, a recent penetration test found authentication bypass and session-handling flaws that only manifest when the application is actually running. Which additional automated testing stage should the team add to catch these runtime vulnerabilities before production release?

Reviewed for accuracy · Report an issue
Question 11 of 20

A development team ships a microservice that heavily relies on open-source third-party libraries pulled from public package repositories during the build. Security wants the CI/CD pipeline to automatically flag known vulnerabilities (CVEs) and license risks in these external dependencies before the artifact is promoted. Which tool type should be integrated into the pipeline to meet this requirement?

Reviewed for accuracy · Report an issue
Question 12 of 20

A platform team wants to manage their Kubernetes cluster configuration so that the desired state is stored declaratively in a Git repository, and an automated agent continuously compares the live cluster state against the repository, automatically correcting any manual changes made directly to the cluster. Which approach BEST meets these requirements?

Reviewed for accuracy · Report an issue
Question 13 of 20

A cloud engineering team stores all infrastructure definitions in a Git repository. Recently, a single engineer pushed a change directly to the main branch that inadvertently opened a security group to the public internet, and the change was applied before anyone noticed. The team wants to prevent unreviewed infrastructure changes from reaching the main branch while preserving an auditable history of who approved each change. Which practice should the team implement?

Reviewed for accuracy · Report an issue
Question 14 of 20

A cloud engineer maintains production infrastructure using an infrastructure-as-code tool. Before merging a large refactor of network modules, the team wants to see exactly which resources will be created, modified, or destroyed—without making any actual changes to the live environment. Which step should the engineer run to obtain this preview?

Reviewed for accuracy · Report an issue
Question 15 of 20

A DevOps team of five engineers manages cloud infrastructure using an IaC tool. Currently each engineer stores the deployment state file locally on their workstation. The team has experienced repeated resource conflicts, accidental duplicate provisioning, and one incident where an engineer's laptop failure caused the loss of the only copy of the production state. Which change should the team implement to resolve these collaboration and reliability problems?

Reviewed for accuracy · Report an issue
Question 16 of 20

A DevSecOps team wants to catch insecure infrastructure configurations, such as publicly exposed storage buckets and overly permissive security group rules, BEFORE any resources are provisioned in the cloud. The team already scans container images and runs unit tests in the pipeline. Which addition to the CI/CD pipeline BEST meets this requirement?

Reviewed for accuracy · Report an issue
Question 17 of 20

A cloud engineering team enforces that every resource deployed via their Terraform pipeline must include a 'cost-center' and 'data-classification' tag. Recently, several untagged resources reached production despite peer code reviews. The team wants an automated, non-bypassable control that rejects non-compliant infrastructure definitions before they are provisioned, without relying on human reviewers. Which approach best meets this requirement?

Reviewed for accuracy · Report an issue
Question 18 of 20

A cloud engineering team wants to define infrastructure so they simply describe the target end state (number of instances, network configuration, and load balancer settings), and the tool automatically determines the steps needed to reach that state during each run. They do not want to write explicit step-by-step provisioning commands. Which IaC approach best meets this requirement?

Reviewed for accuracy · Report an issue
Question 19 of 20

A DevOps engineer runs an Infrastructure as Code template three times against the same environment. The first run creates 12 resources. On the second and third runs, the engineer expects the tool to report that no changes are needed and to make no modifications, since the desired state already matches the actual state. Which property of the IaC tooling ensures that repeated executions of the same configuration produce the same end state without duplicating resources?

Reviewed for accuracy · Report an issue
Question 20 of 20

A cloud engineering team maintains a large repository of infrastructure-as-code templates authored by multiple contributors. Reviewers repeatedly reject pull requests over inconsistent indentation, variable naming, and deprecated syntax, slowing down merges. The team wants to automatically enforce coding standards and catch style violations early, before human review begins. Which addition to the CI pipeline BEST addresses this need?

Reviewed for accuracy · Report an issue

More CV0-004 practice

Keep going with the other CompTIA Cloud+ (CV0-004) domains, or take a full timed mock exam.

← Back to CV0-004 overview