1. GitOps & Infrastructure Automation
1. What is GitOps?
A)
o A DevOps model where infrastructure changes are managed via Git repositories.
2. How does GitOps differ from traditional IaC?
A)
o GitOps enforces version-controlled infrastructure and automatic reconciliation.
3. What are the best practices for Terraform state management?
A)
o Store state in remote backends (S3, Azure Blob).
o Use state locking to prevent conflicts.
4. What is a Terraform module?
A)
o A reusable, parameterized collection of Terraform configurations.
5. What is drift detection in Terraform?
A)
o Detecting changes in infrastructure that are not in the Terraform state.
2. Kubernetes Advanced Topics
6. What is a Kubernetes DaemonSet?
A)
o Ensures a pod runs on every node in a cluster.
7. What is a Kubernetes StatefulSet?
A)
o Used for stateful applications, providing stable network IDs and persistent storage.
8. How does Kubernetes Horizontal Pod Autoscaler (HPA) work?
A)
o Adjusts the number of pods based on CPU/memory metrics.
9. What is a Kubernetes Ingress?
A)
o A resource managing external access to services via HTTP/HTTPS.
10. What is Kubernetes RBAC?
A)o Role-Based Access Control for managing permissions in a cluster.
3. Monitoring & Logging Advanced Concepts
11. What is PromQL in Prometheus?
A)
o A query language for fetching Prometheus metrics.
12. How do you monitor Kubernetes clusters?
A)
o Use Prometheus, Grafana, and Kubernetes Metrics Server.
13. How do you centralize logs in a distributed system?
A)
o Use the ELK Stack or Fluentd for log aggregation.
14. What is the difference between tracing and logging?
A)
o Logging captures discrete events; tracing follows a request’s lifecycle.
15. How does OpenTelemetry help with observability?
A)
o Provides unified telemetry (logs, metrics, traces) across services.
4. Security Best Practices in DevOps
16. How do you implement DevSecOps in a pipeline?
A)
o Integrate security scanning tools (SAST, DAST) into CI/CD.
17. What is a SAST tool?
A)
o Static Application Security Testing (e.g., SonarQube, Snyk).
18. What is a DAST tool?
A)
o Dynamic Application Security Testing (e.g., OWASP ZAP, Burp Suite).
19. How do you implement least privilege access in DevOps?
A)
o Use IAM roles, RBAC, and enforce MFA.
20. What is container image scanning?
A)
o Scanning Docker images for vulnerabilities using tools like Trivy or Clair.
5. Cloud-Native & Serverless
21. What is a serverless architecture?
A)
o Running applications without managing infrastructure (e.g., AWS Lambda).
22. What are the benefits of serverless computing?
A)
o Auto-scaling, cost efficiency, and reduced operational overhead.
23. How does Kubernetes compare to AWS Lambda?
A)
o Kubernetes runs containerized apps, whereas Lambda is event-driven and serverless.
24. What is a CloudFormation Stack?
A)o A collection of AWS resources managed as a single unit.
25. What is an API Gateway in cloud environments?
A)
o A managed service for routing, securing, and monitoring API requests.
6. Advanced Networking & Security
26. What is a Service Mesh?
A)
o A dedicated infrastructure layer for managing service-to-service communication (e.g., Istio, Linkerd).
27. How do you secure microservices communication?
A)
o Use TLS encryption, API gateways, and mutual TLS authentication.
28. What is a Zero Trust security model?
A)
o A model where no one is trusted by default, requiring strict identity verification.
29. What is a WAF (Web Application Firewall)?
A)
o Protects applications from web-based threats like SQL injection and XSS.
30. How do you protect against DDoS attacks?
A)
o Use CDNs, rate limiting, and AWS Shield/Cloudflare protections.
7. DevOps Culture & Processes
31. How do you implement DevOps in a large enterprise?
A)
o Start with CI/CD adoption, IaC, monitoring, and DevSecOps practices.
32. What are key DevOps KPIs?
A)
o Deployment frequency, mean time to recover (MTTR), change failure rate.
33. How do you handle failures in a DevOps environment?
A)
o Implement rollback strategies, blameless postmortems, and chaos engineering.
34. What is a postmortem in DevOps?
A)
o A retrospective analysis of an incident to prevent recurrence.
35. What are feature flags?
A)
o A mechanism for toggling features on/off in production.
8. Performance Optimization
36. What is a CDN, and why is it used?
A)
o A Content Delivery Network caches content to reduce latency.
37. How do you optimize CI/CD pipeline performance?
A)
o Use parallel builds, caching, and selective testing.
38. How do you optimize database performance in DevOps?
A)
o Indexing, caching, and database partitioning.
39. What is a sidecar pattern in microservices?
A)
o Deploying an auxiliary container alongside the main service for logging, monitoring, or security.
40. How do you reduce cloud costs in a DevOps environment?
A)
o Use auto-scaling, spot instances, and cost monitoring tools.
9. Incident Management & Disaster Recovery
41. What is a runbook in DevOps?
A)
o A predefined set of procedures for handling incidents.
42. What is a playbook in incident response?
A)
o A detailed action plan for mitigating security or system issues.
43. How do you handle rollback in Kubernetes?
A)
o Use kubectl rollout undo to revert to the previous deployment.
44. What is RTO and RPO in disaster recovery?
A)
o RTO: Recovery Time Objective (time to restore services).
o RPO: Recovery Point Objective (maximum acceptable data loss).
45. How do you test disaster recovery in DevOps?
A)
o Conduct failover tests and simulate outages.
10. Miscellaneous & Future Trends
46. What is FinOps in cloud computing?
A)
o Financial operations to optimize cloud spending.
47. What is Chaos Engineering?
A)
o Deliberate testing of system failures to improve resilience.
48. What is Policy-as-Code?
A)
o Defining security and compliance policies in code (e.g., OPA, AWS SCPs).
49. What is AIOps?
A)
o AI-driven operations that automate incident detection and resolution.
50. What are emerging trends in DevOps for 2025?
A)- AI-driven automation, GitOps adoption, enhanced Kubernetes security, and observability
improvements.