Unit 6 - Practice Quiz

CSC202 60 Questions
0 Correct 0 Wrong 60 Left
0/60

1 What is the primary concept behind Infrastructure as Code (IaC)?

Using Infrastructure as Code: Understand infrastructure as code Easy
A. Managing and provisioning computer data centers through machine-readable definition files.
B. Manually configuring servers one by one using a command-line interface.
C. A type of physical hardware used for network routing.
D. Writing application code in a specific infrastructure-focused language.

2 Which of the following is a major benefit of using IaC?

Using Infrastructure as Code: Understand infrastructure as code Easy
A. Elimination of the need for version control
B. Increased consistency and reduced human error
C. Slower deployment speeds
D. The requirement for more physical hardware

3 In the context of IaC, what does "idempotency" mean?

Using Infrastructure as Code: Understand infrastructure as code Easy
A. Running the same code multiple times results in the same system state.
B. The infrastructure configuration changes every time the code is run.
C. The code can only be executed a single time.
D. The code is written in an idempotent programming language.

4 Which of the following tools is a popular choice for implementing Infrastructure as Code?

Using Infrastructure as Code: Understand infrastructure as code Easy
A. Microsoft Excel
B. Terraform
C. GIMP
D. Wireshark

5 Which Git command is used to create a copy of a remote repository on your local machine?

Using Infrastructure as Code: Manage version control with Git Easy
A. git init
B. git commit
C. git clone
D. git push

6 What is the purpose of the git commit command?

Using Infrastructure as Code: Manage version control with Git Easy
A. To upload changes to the remote repository.
B. To discard all local changes.
C. To record changes to the local repository.
D. To view the status of your changes.

7 Which command initializes a new, empty Git repository in the current directory?

Using Infrastructure as Code: Manage version control with Git Easy
A. git init
B. git start
C. git new
D. git create

8 What is the function of a .gitignore file?

Using Infrastructure as Code: Manage version control with Git Easy
A. To list the history of all commits.
B. To configure global Git settings.
C. To specify intentionally untracked files that Git should ignore.
D. To store the user's Git credentials.

9 What is a hypervisor?

Managing Containers in Linux: Understand virtualization concepts Easy
A. A networking protocol for VMs.
B. Software that creates and runs virtual machines.
C. A physical hardware component for virtualization.
D. An operating system that runs inside a virtual machine.

10 What is a "Guest OS" in the context of virtualization?

Managing Containers in Linux: Understand virtualization concepts Easy
A. An operating system running inside a virtual machine.
B. A type of hypervisor.
C. A lightweight version of an operating system.
D. The main operating system installed on the physical server.

11 A Type 1 hypervisor runs directly on the host's physical hardware. What is it also known as?

Managing Containers in Linux: Understand virtualization concepts Easy
A. Guest hypervisor
B. Bare-metal hypervisor
C. Hosted hypervisor
D. Container engine

12 What is the primary function of virtualization?

Managing Containers in Linux: Understand virtualization concepts Easy
A. To package an application and its dependencies into a single object.
B. To create a virtual version of a device or resource, such as a server, storage device, network or even an operating system.
C. To increase the physical speed of a CPU.
D. To manage source code for infrastructure.

13 What is a key difference between containers and virtual machines (VMs)?

Managing Containers in Linux: Understand containers Easy
A. VMs start up faster than containers.
B. Containers provide stronger hardware-level isolation than VMs.
C. Containers are much larger in size than VMs.
D. Containers share the host OS kernel, while VMs have their own full guest OS.

14 Which of the following is a well-known containerization platform?

Managing Containers in Linux: Understand containers Easy
A. KVM
B. Docker
C. VMware vSphere
D. Oracle VirtualBox

15 What is a container image?

Managing Containers in Linux: Understand containers Easy
A. A read-only template with instructions for creating a container.
B. A backup file for a virtual machine.
C. A file system for the host operating system.
D. A running instance of a container.

16 How do containers achieve process and resource isolation on a Linux host?

Managing Containers in Linux: Understand containers Easy
A. By using different physical hardware for each container.
B. By encrypting all of their network traffic.
C. By running a separate hypervisor for each container.
D. Using kernel features like namespaces and cgroups.

17 Which Docker command is used to download an image from a container registry like Docker Hub?

Managing Containers in Linux: Deploy containers Easy
A. docker save [image_name]
B. docker pull [image_name]
C. docker download [image_name]
D. docker get [image_name]

18 What is the basic command to create and start a new container from an image called nginx?

Managing Containers in Linux: Deploy containers Easy
A. docker build nginx
B. docker run nginx
C. docker start nginx
D. docker create nginx

19 Which command allows you to see a list of all currently running containers?

Managing Containers in Linux: Deploy containers Easy
A. docker info
B. docker list
C. docker ps
D. docker images

20 What is the purpose of a Dockerfile?

Managing Containers in Linux: Deploy containers Easy
A. It's a log file generated by a running container.
B. It's a text file with instructions on how to build a custom container image.
C. It's a configuration file for the Docker daemon.
D. It's a script for managing multiple containers at once.

21 An Infrastructure as Code (IaC) script is designed to ensure a web server is running and correctly configured. If the script is run multiple times, it makes no further changes after the first successful execution. This property is known as:

Using Infrastructure as Code: Understand infrastructure as code Medium
A. Convergence
B. Idempotence
C. Procedural Deployment
D. Imperative Configuration

22 A developer working on a feature-xyz branch needs to incorporate the latest updates from the main branch. To maintain a clean, linear project history without creating a merge commit, which Git command is the most appropriate choice?

Using Infrastructure as Code: Manage version control with Git Medium
A. git cherry-pick main
B. git pull origin main --no-commit
C. git merge main
D. git rebase main

23 An organization wants to run a virtualization platform directly on their bare-metal servers for maximum performance and security, without an underlying host operating system. Which type of hypervisor should they choose?

Managing Containers in Linux: Understand virtualization concepts Medium
A. Type 1 Hypervisor
B. Container-based Hypervisor
C. Hybrid Hypervisor
D. Type 2 Hypervisor

24 Which of the following statements best describes a key difference in resource utilization between a container and a full virtual machine on the same host?

Managing Containers in Linux: Understand containers Medium
A. A container shares the host OS kernel and its binaries/libraries, leading to lower overhead than a VM which runs a full guest OS.
B. Containers require a dedicated block of RAM pre-allocated at boot, whereas VMs use dynamic memory.
C. A VM shares the host OS kernel, while each container must load its own kernel into memory.
D. Both containers and VMs have identical resource footprints, with the main difference being startup time.

25 A system administrator needs to run a temporary container for a quick test and wants the container's filesystem to be automatically removed once the container exits. Which flag should be added to the docker run command?

Managing Containers in Linux: Deploy containers Medium
A. --no-persist
B. --delete
C. --transient
D. --rm

26 When comparing declarative and imperative approaches to Infrastructure as Code, which statement is most accurate?

Using Infrastructure as Code: Understand infrastructure as code Medium
A. Imperative tools like Terraform automatically handle state management and dependency resolution.
B. Declarative tools like shell scripts are easier to maintain for complex infrastructure.
C. Imperative requires a step-by-step sequence of commands, while declarative defines the desired final state.
D. Declarative focuses on how to achieve the end state, while imperative focuses on what the end state should be.

27 A developer accidentally committed a file with sensitive credentials to a local branch that has not been pushed to a remote repository. To completely remove the most recent commit from the branch's history as if it never happened, which command should be used?

Using Infrastructure as Code: Manage version control with Git Medium
A. git clean -fd
B. git reset --hard HEAD~1
C. git revert HEAD
D. git checkout HEAD~1

28 Which of the following Linux kernel features is primarily responsible for isolating the filesystem view for each container, making it seem like it has its own root filesystem?

Managing Containers in Linux: Understand containers Medium
A. cgroups (Control Groups)
B. SELinux
C. AppArmor
D. Namespaces (specifically, the mount namespace)

29 A sysadmin needs to run a containerized database that requires its data to persist even if the container is removed and recreated. What is the recommended Docker feature to achieve this?

Managing Containers in Linux: Deploy containers Medium
A. Mounting a Docker volume to a data directory inside the container.
B. Committing the container's state to a new image after every transaction.
C. Using the --persist flag with docker run.
D. Storing the data inside the container's default writable layer.

30 What is the primary advantage of paravirtualization (PV) compared to full hardware virtualization (HVM)?

Managing Containers in Linux: Understand virtualization concepts Medium
A. It provides stronger security isolation between guest VMs by using hardware extensions.
B. It can offer better I/O performance by allowing the guest OS to communicate directly with the hypervisor.
C. It requires no modifications to the guest operating system.
D. It is the only method compatible with Type 2 hypervisors like VirtualBox.

31 Your team uses an IaC tool like Terraform, which maintains a file to track the current state of the managed infrastructure. What is the primary purpose of this 'state file'?

Using Infrastructure as Code: Understand infrastructure as code Medium
A. To map the real-world resources to your configuration, track metadata, and improve performance.
B. To serve as a human-readable log of all API calls made.
C. To act as a backup of the infrastructure configuration code.
D. To store sensitive credentials required to access cloud providers in an encrypted format.

32 While reviewing a pull request, you find a small typo in the commit message of an older commit (not the most recent one) in the branch. What is the most effective Git command to fix the message of that specific, older commit?

Using Infrastructure as Code: Manage version control with Git Medium
A. git rebase -i <base-commit-hash>
B. git filter-branch --msg-filter
C. git commit --amend
D. git revert <commit-hash>

33 You need to expose a web server running on port 3000 inside a Docker container to port 8080 on the host machine. Which docker run option correctly maps these ports?

Managing Containers in Linux: Deploy containers Medium
A. -p 8080:3000
B. --port 8080,3000
C. -p 3000:8080
D. --expose 8080:3000

34 A company needs to migrate a legacy application that is tightly coupled to a specific, older kernel version onto a modern server. They cannot containerize the application due to this strict kernel dependency. Which technology is the most suitable solution?

Managing Containers in Linux: Understand virtualization concepts Medium
A. Application Containerization
B. Process-based Sandboxing
C. OS-level Virtualization
D. Hardware Virtualization (VM)

35 In the context of Docker, what is the primary function of a container image?

Managing Containers in Linux: Understand containers Medium
A. It is a live snapshot of a virtual machine's memory and disk state.
B. It is a configuration file, typically docker-compose.yml, that defines a container's runtime state.
C. It is a read-only template with instructions for creating a container, including code, runtime, libraries, and environment variables.
D. It is a running instance of an application with a dedicated writable layer.

36 A team follows a branching model where they want to combine all commits from a feature branch into a single, cohesive commit before merging it into the main branch. This process is best described as:

Using Infrastructure as Code: Manage version control with Git Medium
A. Forking
B. Stashing
C. Squashing
D. Cherry-picking

37 Consider the following Dockerfile instructions:
dockerfile
RUN apt-get update && apt-get install -y nodejs
CMD ["node", "app.js"]

What is the fundamental difference between the RUN and CMD instructions?

Managing Containers in Linux: Deploy containers Medium
A. RUN executes when building the image, while CMD specifies the default command to execute when a container starts.
B. CMD executes when building the image to set up the environment, while RUN is the primary command for the running container.
C. RUN is used for installing packages, while CMD is used for running application processes.
D. Both are executed when the container starts, but RUN is executed as the root user while CMD is executed as a non-root user.

38 A system administrator wrote a shell script to provision a new server. The script works, but if a step fails midway, the server is left in an inconsistent, partially configured state. This is a common problem associated with which IaC approach?

Using Infrastructure as Code: Understand infrastructure as code Medium
A. Agent-based
B. Imperative/Procedural
C. Stateful
D. Declarative

39 When comparing OS-level virtualization (containers) with hardware virtualization (VMs), which statement about security isolation is most accurate?

Managing Containers in Linux: Understand virtualization concepts Medium
A. Security isolation is managed by the application layer in both technologies, not the virtualization layer.
B. Both offer identical levels of security isolation, as they both use cgroups and namespaces for containment.
C. VMs generally offer stronger security isolation due to the complete separation of kernels provided by the hypervisor.
D. Containers provide superior security isolation because they don't have a guest kernel to attack.

40 A container needs access to a configuration file located on the host machine at /opt/configs/app.conf. The administrator wants to make this file available inside the container at /etc/app.conf without copying it into the image. Which docker run option achieves this?

Managing Containers in Linux: Deploy containers Medium
A. --add-host /opt/configs/app.conf:/etc/app.conf
B. --volume /opt/configs/app.conf:/etc/app.conf
C. --link /opt/configs/app.conf:/etc/app.conf
D. --mount /etc/app.conf:/opt/configs/app.conf

41 An idempotent Terraform script designed to manage a web server, a load balancer, and a database fails after successfully provisioning the server and load balancer, but before the database. The failure was due to a temporary cloud provider API outage. Before re-running the script, a sysadmin manually deletes the load balancer via the cloud console. What is the expected outcome when the exact same Terraform script is executed again?

Using Infrastructure as Code: Understand infrastructure as code Hard
A. Terraform will destroy the existing web server to start from a clean slate, then provision all three resources.
B. The script will ignore the manual deletion, fail at the database step again, and leave the infrastructure in its current state (one server, no load balancer).
C. Terraform will detect the discrepancy, re-create the missing load balancer, and then create the missing database, leaving the existing server untouched.
D. The script will error out, reporting a state mismatch for the manually deleted load balancer.

42 A developer working on a feature branch needs to incorporate updates from the main branch. However, the main branch has a commit that reverts a change the developer's feature branch depends on. If the developer runs git rebase main, what is the most likely outcome during the rebase process?

Using Infrastructure as Code: Manage version control with Git Hard
A. The rebase will fail immediately, and git will recommend using git merge instead.
B. The rebase will complete automatically, but the feature will be broken in the newly rebased commits.
C. Git will encounter a merge conflict on the commit in the feature branch that depends on the reverted code, pausing the rebase until the developer resolves it.
D. Git will automatically skip the problematic commit from the feature branch, leading to an incomplete feature.

43 When comparing a Type-1 (bare-metal) hypervisor like KVM with a Type-2 (hosted) hypervisor like VirtualBox for a high-throughput, low-latency database server workload, what is the most significant performance disadvantage of the Type-2 hypervisor?

Managing Containers in Linux: Understand virtualization concepts Hard
A. Inability to utilize hardware virtualization extensions like Intel VT-x or AMD-V.
B. Higher memory overhead because the host OS and hypervisor must share the same memory space.
C. Lack of support for paravirtualized drivers (e.g., virtio) for network and storage devices.
D. Increased I/O latency due to an additional layer of system calls passing through the host operating system's kernel and scheduler.

44 You are deploying a containerized application that writes sensitive logs. You want the logs to persist even if the container is destroyed, but you need to ensure the log data is encrypted on the host filesystem. What is the most effective container deployment strategy on a standard Linux host with filesystem-level encryption (like eCryptfs or fscrypt) enabled?

Managing Containers in Linux: Deploy containers Hard
A. Mount an in-memory tmpfs volume, as it is isolated from the host filesystem and more secure.
B. Use a Docker named volume (-v my-logs:/path/in/container), as volumes are automatically encrypted by the container runtime.
C. Use a Docker bind mount (-v /path/on/host:/path/in/container) to a directory that is encrypted on the host.
D. Run an encryption process inside the container that writes to a standard volume, encrypting the data before it is written to the host.

45 A container is running a process as UID 1000. The host system does not have a user with UID 1000. The container is configured with a bind mount to a host directory owned by root:root with permissions 755 (rwxr-xr-x). What operations can the containerized process perform on the files within the mounted directory?

Managing Containers in Linux: Understand containers Hard
A. It can read existing files but cannot write to them or create new files.
B. It cannot read or write any files due to a UID mismatch.
C. It can read, write, and create new files because container UIDs are mapped to the host's root user.
D. It can create new files, which will be owned by UID 1000 on the host, but cannot modify existing files owned by root.

46 You have accidentally committed a large binary file to your Git history and pushed it to a remote develop branch. You have since added more commits on top of it. You need to completely remove the binary file from the entire history of the develop branch to reduce the repository size, without losing any of the subsequent commits. Which Git command is the most appropriate and effective tool for this specific task?

Using Infrastructure as Code: Manage version control with Git Hard
A. git rebase -i on the affected commits, edit the commit with the binary, remove the file, amend the commit, and continue.
B. git filter-branch --tree-filter 'rm -f path/to/binary' HEAD followed by a force push.
C. git revert on the commit that added the binary file.
D. git reset --hard <commit_before_binary> and then cherry-pick the subsequent commits.

47 In the context of Infrastructure as Code, what is the fundamental difference between 'configuration drift' and a 'failed idempotent execution'?

Using Infrastructure as Code: Understand infrastructure as code Hard
A. A failed idempotent execution always leads to drift, but drift can occur without a failed execution.
B. Drift is a divergence between the live infrastructure and the code-defined state caused by out-of-band changes, while a failed execution is an unsuccessful run of the IaC tool itself.
C. Drift can only be detected by imperative IaC tools, while failed executions are a problem for declarative tools.
D. Drift refers to changes in the IaC code that haven't been applied, while a failed execution is when those changes cannot be applied due to an error.

48 A guest virtual machine is running a legacy operating system that has no awareness of virtualization and lacks paravirtualized (e.g., virtio) drivers. Which I/O virtualization technique must the hypervisor primarily rely on to provide network and disk access to this guest, and what is its main drawback?

Managing Containers in Linux: Understand virtualization concepts Hard
A. Split device driver model; it is efficient but requires the guest OS to be modified with a 'frontend' driver.
B. Shared virtual memory; it is fast for memory access but not applicable for disk or network I/O.
C. Full device emulation; it is flexible but suffers from high CPU overhead due to trapping and emulating hardware device interactions.
D. I/O passthrough (VT-d/AMD-Vi); it is fast but requires dedicated hardware for the guest and is inflexible.

49 Consider the following Docker Compose configuration. Service api needs a fully initialized database in db before it can start. What is the critical flaw in this configuration for ensuring the api service starts correctly?

Managing Containers in Linux: Deploy containers Hard
A. The api service is missing a command directive, so it will not start.
B. The db service does not expose any ports, preventing the api service from connecting to it.
C. The services are not on a shared network, so api will be unable to resolve the hostname db.
D. The depends_on directive only waits for the db container to be started, not for the PostgreSQL service within it to be fully initialized and ready to accept connections.

50 To enhance container security, a system administrator wants to prevent a container from making any network calls except for DNS lookups and connections to a specific internal API server at 10.0.5.10 on port 8080. Which combination of Linux kernel features, commonly leveraged by container runtimes, would be most effective for enforcing this specific policy?

Managing Containers in Linux: Understand containers Hard
A. A custom seccomp profile to block socket syscalls combined with a restrictive AppArmor profile.
B. Network namespaces to isolate the container's network stack and cgroups to limit bandwidth.
C. A restrictive cgroup v2 network controller policy and iptables rules within the container's network namespace.
D. A default Docker bridge network with an egress firewall implemented using host-level iptables rules that match the container's source IP address.

51 A project uses git submodules to include a shared library. A developer clones the main repository using git clone --recursive, makes changes inside the submodule directory, commits them, and pushes them from within that directory. They then go to the main project's root, see a change for the submodule, and commit it with the message "Update library". What exactly is stored in this new commit in the main repository?

Using Infrastructure as Code: Manage version control with Git Hard
A. A complete copy of all the files from the submodule.
B. A symbolic link pointing to the submodule's directory.
C. The new commit SHA-1 of the submodule's HEAD.
D. A patch file (diff) of the changes made in the submodule.

52 In the context of KVM, what is the primary role of Extended Page Tables (EPT) by Intel or Rapid Virtualization Indexing (RVI) by AMD, and what specific performance bottleneck does it address?

Managing Containers in Linux: Understand virtualization concepts Hard
A. They provide a mechanism for efficient live migration by tracking dirty memory pages in hardware.
B. They enable direct assignment of PCIe devices (passthrough) to guest VMs, bypassing the hypervisor for I/O operations.
C. They accelerate memory virtualization by allowing the guest OS to directly manage its page tables, eliminating the overhead of synchronizing with shadow page tables maintained by the hypervisor.
D. They are used for CPU virtualization, allowing the hypervisor to trap and emulate privileged instructions with lower overhead.

53 You are managing a large-scale cloud environment with an IaC tool like Terraform. Your team decides to refactor the code, moving a managed resource (e.g., a VM) from one module to another. If you simply move the code block and run terraform apply, what will happen and what command should be used to prevent this undesirable outcome?

Using Infrastructure as Code: Understand infrastructure as code Hard
A. Terraform will abandon the old resource, leaving it orphaned, and create a new one; terraform import should be used to manage the old resource.
B. The plan will fail with a 'duplicate resource' error; terraform refresh should be run first to resolve it.
C. Terraform will plan to destroy the existing VM and create a new one at the new code location; terraform state mv should be used beforehand.
D. Terraform will automatically detect the move and update its state file without any infrastructure changes.

54 A multi-stage Dockerfile is used to build a Go application. The builder stage compiles the binary, and the final stage copies it from the builder into a scratch image. The resulting container fails to start with an error like /app/my-app: not found or an execution format error. The binary exists at the correct path inside the container. What is the most likely cause of this failure?

Managing Containers in Linux: Deploy containers Hard
A. The COPY --from=builder command failed to preserve the executable permissions of the binary.
B. The scratch image has no shell (/bin/sh), so the CMD ["/app/my-app"] exec form cannot be processed.
C. The Go application was not compiled as a static binary, and the scratch image lacks the required dynamic libraries (like libc).
D. The builder stage and final stage are based on different CPU architectures (e.g., amd64 vs. arm64).

55 A security audit requires that all containers must not be able to gain new privileges via setuid or setgid binaries. Which Docker security feature, when enabled, most directly and effectively enforces this policy?

Managing Containers in Linux: Understand containers Hard
A. Applying the no-new-privileges security option (--security-opt no-new-privileges).
B. Dropping the CAP_SETUID and CAP_SETGID Linux capabilities (--cap-drop=SETUID --cap-drop=SETGID).
C. Enabling a user namespace (--userns-remap=default).
D. Running the container with a read-only root filesystem (--read-only).

56 A developer has been working on a feature branch and has made several commits. They realize that a bug was introduced in the very first commit on their branch, but it is only detectable by a test that runs against the third commit. If they use git bisect to find the bug, what potential complication will they face and how is it typically handled?

Using Infrastructure as Code: Manage version control with Git Hard
A. The bisect process will fail because the 'good' starting commit (the base of the branch) will not have the feature code necessary for the test to run at all.
B. The bisect will correctly identify the first commit as the source, as it checks out each commit and runs the test script against the full codebase at that point.
C. The bisect will incorrectly identify the third commit as 'bad' because that's where the test fails, even though the bug originated earlier. The developer must use git bisect skip on commits that cannot be tested.
D. git bisect cannot be used in this scenario because the bug and the test are in different commits.

57 What is a primary distinction between OS-level virtualization (containers) and hypervisor-based virtualization (VMs) regarding the handling of kernel-level system calls?

Managing Containers in Linux: Understand virtualization concepts Hard
A. Both containers and VMs use a hypervisor to trap all system calls, but the hypervisor for containers is much more lightweight.
B. Containers do not make system calls; they use a higher-level API provided by the runtime, while VMs make standard system calls.
C. In containers, all processes make system calls directly to the single, shared host OS kernel. In VMs, processes make system calls to their own guest OS kernel, which then uses privileged instructions or hypercalls that are handled by the hypervisor.
D. In containers, system calls are emulated by the container runtime (e.g., Docker engine), while in VMs, they are passed through directly to the host kernel.

58 You are trying to optimize the build time of a large Docker image for a Node.js application. The package.json and package-lock.json files change infrequently, while the application source code (.js files) changes very frequently. Which of the following Dockerfile snippets demonstrates the most effective layer caching strategy?

Managing Containers in Linux: Deploy containers Hard
A. dockerfile
FROM node:16
WORKDIR /app
COPY . .
RUN npm ci
CMD ["node", "server.js"]
B. dockerfile
FROM node:16
WORKDIR /app
RUN npm ci
COPY . .
CMD ["node", "server.js"]
C. dockerfile
FROM node:16
WORKDIR /app
COPY . .
CMD ["node", "server.js"]
RUN npm ci
D. dockerfile
FROM node:16
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
CMD ["node", "server.js"]

59 When comparing imperative IaC (e.g., a custom bash script using AWS CLI) with declarative IaC (e.g., Terraform), what is the key challenge an imperative approach faces when attempting to achieve idempotency for resource updates?

Using Infrastructure as Code: Understand infrastructure as code Hard
A. Imperative scripts lack the ability to perform a 'dry run' to preview changes before they are made.
B. The script must explicitly check the current state of every single attribute of a resource before deciding whether to issue an 'update' command, making the logic complex and brittle.
C. Imperative tools cannot store state, so they must query the cloud provider for all resources on every run.
D. It is impossible for an imperative script to be idempotent; they are by nature procedural.

60 A team uses a Git workflow where feature branches are merged into main using --no-ff (no-fast-forward) to preserve branch history. A bug is discovered in production, and git bisect is used on the main branch to find the faulty commit. The bisect process identifies a merge commit as the first 'bad' commit. What does this result signify?

Using Infrastructure as Code: Manage version control with Git Hard
A. The git bisect process failed because it cannot properly analyze merge commits.
B. The bug was caused by a faulty resolution of a merge conflict during the merge.
C. The bug was introduced by the combination of the feature branch and the main branch state at the time of the merge; the bug does not exist on the feature branch itself when viewed in isolation.
D. The bug exists in one of the commits on the feature branch that was merged.