[Q145-Q166] Certification Training for TA-002-P Exam Dumps Test Engine [2021]

Share

Certification Training for TA-002-P Exam Dumps Test Engine [2021]

Oct 16, 2021 Step by Step Guide to Prepare for TA-002-P Exam

NEW QUESTION 145
True or False? When using the Terraform provider for Vault, the tight integration between these HashiCorp tools provides the ability to mask secrets in the terraform plan and state files.

  • A. False
  • B. True

Answer: A

Explanation:
Explanation
Currently, Terraform has no mechanism to redact or protect secrets that are returned via data sources, so secrets read via this provider will be persisted into the Terraform state, into any plan files, and in some cases in the console output produced while planning and applying. These artifacts must, therefore, all be protected accordingly.

 

NEW QUESTION 146
What features stops multiple admins from changing the Terraform state at the same time?

  • A. Provider constraints
  • B. Backend types
  • C. State locking
  • D. Version control

Answer: C

 

NEW QUESTION 147
Which of the below options is a valid interpolation syntax for retrieving a data source?

  • A. ${data.google_dns_keys.foo_dns_keys.key_signing_keys[0].ds_record}
  • B. ${google_storage_bucket.backend}
  • C. ${aws_instance.web.id.data}
  • D. ${azurerm_resource_group.test.data}

Answer: A

Explanation:
Data source attributes are interpolated with the general syntax data.TYPE.NAME.ATTRIBUTE. The interpolation for a resource is the same but without the data. prefix (TYPE.NAME.ATTRIBUTE).
https://www.terraform.io/docs/configuration-0-11/interpolation.html#attributes-of-a-data-source

 

NEW QUESTION 148
Hanah is writing a terraform configuration with nested modules, there are multiple places where she has to use the same conditional expression but she wants to avoid repeating the same values or expressions multiple times in the configuration,. What is a better approach to dealing with this?

  • A. Local Values
  • B. Variables
  • C. Expressions
  • D. Functions

Answer: A

Explanation:
https://www.terraform.io/docs/configuration/locals.html

 

NEW QUESTION 149
Which of the below features of Terraform can be used for managing small differences between different environments which can act more like completely separate working directories.

  • A. Environment Variables
  • B. Repositories
  • C. Backends
  • D. Workspaces

Answer: D

Explanation:
workspaces allow conveniently switching between multiple instances of a single configuration within its single backend. They are convenient in a number of situations, but cannot solve all problems.
A common use for multiple workspaces is to create a parallel, distinct copy of a set of infrastructure in order to test a set of changes before modifying the main production infrastructure. For example, a developer working on a complex set of infrastructure changes might create a new temporary workspace in order to freely experiment with changes without affecting the default workspace.
Non-default workspaces are often related to feature branches in version control. The default workspace might correspond to the "master" or "trunk" branch, which describes the intended state of production infrastructure. When a feature branch is created to develop a change, the developer of that feature might create a corresponding workspace and deploy into it a temporary "copy" of the main infrastructure so that changes can be tested without affecting the production infrastructure. Once the change is merged and deployed to the default workspace, the test infrastructure can be destroyed and the temporary workspace deleted.
https://www.terraform.io/docs/state/workspaces.html
https://www.terraform.io/docs/state/workspaces.html#when-to-use-multiple-workspaces

 

NEW QUESTION 150
In order to reduce the time it takes to provision resources, Terraform uses parallelism. By default, how many resources will Terraform provision concurrently?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: B

 

NEW QUESTION 151
Provisioners should only be used as a last resort.

  • A. True
  • B. False

Answer: A

Explanation:
Explanation
Provisioners are a Last Resort
Terraform includes the concept of provisioners as a measure of pragmatism, knowing that there will always be certain behaviors that can't be directly represented in Terraform's declarative model.
However, they also add a considerable amount of complexity and uncertainty to Terraform usage. Firstly, Terraform cannot model the actions of provisioners as part of a plan because they can in principle take any action. Secondly, successful use of provisioners requires coordinating many more details than Terraform usage usually requires: direct network access to your servers, issuing Terraform credentials to log in, making sure that all of the necessary external software is installed, etc.
The following sections describe some situations which can be solved with provisioners in principle, but where better solutions are also available. We do not recommend using provisioners for any of the use-cases described in the following sections.
Even if your specific use-case is not described in the following sections, we still recommend attempting to solve it using other techniques first, and use provisioners only if there is no other option.
https://www.terraform.io/docs/provisioners/index.html

 

NEW QUESTION 152
Which of the following allows Terraform users to apply policy as code to enforce standardized configurations for resources being deployed via infrastructure as code?

  • A. Sentinel
  • B. Workspaces
  • C. Functions
  • D. Module registry

Answer: A

Explanation:
Sentinel is a language and framework for policy built to be embedded in existing software to enable fine-grained, logic-based policy decisions. A policy describes under what circumstances certain behaviors are allowed. Sentinel is an enterprise-only feature.
https://www.youtube.com/watch?v=Vy8s7AAvU6g&feature=emb_title

 

NEW QUESTION 153
In Terraform Enterprise, a workspace can be mapped to how many VCS repos?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: C

Explanation:
A workspace can only be configured to a single VCS repo, however, multiple workspaces can use the same repo.
https://www.terraform.io/docs/cloud/workspaces/vcs.html

 

NEW QUESTION 154
Complete the following sentence:
The terraform state command can be used to ____

  • A. view state
  • B. There is no such command
  • C. refresh state
  • D. modify state

Answer: D

Explanation:
Explanation
https://www.terraform.io/docs/commands/state/index.html

 

NEW QUESTION 155
ABC Enterprise has recently tied up with multiple small organizations for exchanging database information.
Due to this, the firewall rules are increasing and are more than 100 rules. This is leading firewall configuration file that is difficult to manage. What is the way this type of configuration can be managed easily?

  • A. Terraform Expression
  • B. Terraform Functions
  • C. Dynamic Blocks
  • D. Terraform Backends

Answer: C

 

NEW QUESTION 156
What is the name assigned by Terraform to reference this resource?

  • A. azurerm
  • B. test
  • C. azurerm_resource_group
  • D. dev

Answer: B

 

NEW QUESTION 157
How is the Terraform remote backend different than other state backends such as S3, Consul, etc.?

  • A. It is only available to paying customers
  • B. All of the above
  • C. It can execute Terraform runs on dedicated infrastructure on premises or in Terraform Cloud
  • D. It doesn't show the output of a terraform apply locally

Answer: C

Explanation:
Explanation
If you and your team are using Terraform to manage meaningful infrastructure, we recommend using the remote backend with Terraform Cloud or Terraform Enterprise.
Reference: https://www.terraform.io/docs/language/settings/backends/index.html

 

NEW QUESTION 158
Anyone can publish and share modules on the Terraform Public Module Registry, and meeting the requirements for publishing a module is extremely easy. Select from the following list all valid requirements. (select three)

  • A. The module must be PCI/HIPPA compliant.
  • B. The module must be on GitHub and must be a public repo.
  • C. The registry uses tags to identify module versions.
  • D. Module repositories must use this three-part name format, terraform-- .
  • E. Release tag names must be for the format x.y.z, and can optionally be prefixed with a v .

Answer: B,C,E

Explanation:
Explanation
https://www.terraform.io/docs/registry/modules/publish.html#requirements

 

NEW QUESTION 159
Which of these is the best practice to protect sensitive values in state files?

  • A. Enhanced remote backends
  • B. Signed Terraform providers
  • C. Secure Sockets Layer (SSL)
  • D. Blockchain

Answer: A

Explanation:
Use of remote backends and especially the availability of Terraform Cloud, there are now a variety of backends that will encrypt state at rest and will not store the state in cleartext on machines running. Reference: https://www.terraform.io/docs/extend/best-practices/sensitive-state.html

 

NEW QUESTION 160
Your team lead does not trust the junior terraform engineers who now have access to the git repo . So , he wants you to have some sort of a checking layer , whereby , you can ensure that the juniors will not create any non-compliant resources that might lead to a security audit failure in future. What can you do to efficiently enforce this?

  • A. Create a design /security document (in PDF) and share to the team , and ask them to always follow that document , and never deviate from it.
  • B. Create a git master branch , and implement PR . Every change needs to be reviewed by you , before being merged to the master branch.
  • C. Use Terraform OSS Sentinel Lite version , which will save cost , since there is no charge for OSS , but it can still check for most non-compliant rules using Policy-As-Code.
  • D. Since your team is using Hashicorp Terraform Enterprise Edition , enable Sentinel , and write Policy-As-Code rules that will check for non-compliant resource provisioning , and prevent/report them.

Answer: D

Explanation:
Explanation
Sentinel is an embedded policy-as-code framework integrated with the HashiCorp Enterprise products. It enables fine-grained, logic-based policy decisions, and can be extended to use information from external sources.
https://www.terraform.io/docs/cloud/sentinel/index.html

 

NEW QUESTION 161
What is terraform refresh intended to detect?

  • A. Empty state files
  • B. Corrupt state files
  • C. Terraform configuration code changes
  • D. State file drift

Answer: D

 

NEW QUESTION 162
Which of the following is the right substitute for static values that can make Terraform configuration file more dynamic and reusable?

  • A. Input parameters
  • B. Output value
  • C. Functions
  • D. Modules

Answer: A

Explanation:
Input variables serve as parameters for a Terraform module, allowing aspects of the module to be customized without altering the module's own source code, and allowing modules to be shared between different configurations.

 

NEW QUESTION 163
1. resource "aws_s3_bucket" "example" {
2. bucket = "my-test-s3-terraform-bucket"
3. ...} resource "aws_iam_role" "test_role" {
4. name = "test_role"
5. ...}
Due to the way that the application code is written, the s3 bucket must be created before the test role is created, otherwise there will be a problem. How can you ensure that?

  • A. This is not possible to control in terraform . Terraform will take care of it in a native way , and create a dependency graph that is best suited for the parallel resource creation.
  • B. Add explicit dependency using depends_on . This will ensure the correct order of resource creation.
  • C. Create 2 separate terraform config scripts , and run them one by one , 1 for s3 bucket , and another for IAM role , run the S3 bucket script first.
  • D. This will already be taken care of by terraform native implicit dependency. Nothing else needs to be done from your end.

Answer: B

Explanation:
Explanation
Implicit dependency works only if there is some reference of one resource to another. Explicit dependency is the option here.

 

NEW QUESTION 164
terraform state subcommands such as list are read-only commands, do read-only commands create state backup files?

  • A. No
  • B. Yes

Answer: A

Explanation:
Explanation
Subcommands that are read-only (such as list) do not write any backup files since they aren't modifying the state.
All terraform state subcommands that modify the state write backup files. The path of these backup file can be controlled with -backup.
https://www.terraform.io/docs/commands/state/index.html#backups

 

NEW QUESTION 165
Which of the following value will be accepted for my_var?
1. variable "my_var"
2. {
3. type = string
4. }

  • A. Both A and B
  • B. 0
  • C. "15"
  • D. None of the above

Answer: A

Explanation:
Explanation
The Terraform language will automatically convert number and bool values to string values when needed, and vice-versa as long as the string contains a valid representation of a number or boolean value.
Example
* true converts to "true", and vice-versa
* false converts to "false", and vice-versa
* 15 converts to "15", and vice-versa
Where possible, Terraform automatically converts values from one type to another in order to produce the expected type. If this isn't possible, Terraform will produce a type mismatch error and you must update the configuration with a more suitable expression.
https://www.terraform.io/docs/configuration/expressions.html#type-conversion

 

NEW QUESTION 166
......

Ultimate Guide to Prepare TA-002-P Certification Exam for HashiCorp Infrastructure Automation: https://www.briandumpsprep.com/TA-002-P-prep-exam-braindumps.html

HashiCorp Infrastructure Automation TA-002-P Real Exam Questions and Answers FREE Updated: https://drive.google.com/open?id=1C25AtU4x8HGUDKUyzSrt--JfHEGKnYvl