Unit 5 - Practice Quiz

INT332 60 Questions
0 Correct 0 Wrong 60 Left
0/60

1 What is the primary purpose of workflow automation in GitHub Actions?

Understanding workflow automation Easy
A. To automatically write source code for developers
B. To automate software development processes like Continuous Integration and Deployment (CI/CD)
C. To manually review all code changes
D. To host virtual servers for database storage

2 In which directory must GitHub Actions workflow files be stored to be recognized by GitHub?

workflow directory structure Easy
A. .github/workflows
B. /src/workflows
C. .actions/config
D. /github/actions

3 What file format is used to define GitHub Actions workflows?

Key components: workflows Easy
A. YAML
B. HTML
C. XML
D. JSON

4 Which GitHub Actions component provides the virtual server environment where jobs are executed?

Key components: jobs, steps, actions, runners Easy
A. Runner
B. Step
C. Action
D. Trigger

5 Which event keyword is used to allow a workflow to be triggered manually from the GitHub UI?

Workflow triggers: push, pull request, schedule, manual workflow Easy
A. manual_run
B. push
C. workflow_dispatch
D. schedule

6 What is a matrix strategy used for in GitHub Actions?

Jobs & matrix strategies Easy
A. To run tests across multiple combinations of operating systems or programming language versions simultaneously
B. To automatically fix bugs in the code
C. To format the output logs into a grid
D. To encrypt secrets and passwords

7 Which keyword is used inside a workflow step to execute a shell command?

Steps & shell commands Easy
A. cmd:
B. execute:
C. shell:
D. run:

8 Where can developers browse and find pre-built actions created by the community?

Using marketplace actions Easy
A. Docker Hub
B. GitHub Discussions
C. GitHub Marketplace
D. GitHub Wiki

9 Which widely used action sets up a Node.js environment in a workflow?

Language-specific actions Easy
A. actions/setup-node
B. actions/install-npm
C. actions/js-env
D. actions/run-node

10 Why is caching used in GitHub Actions workflows?

Using caching for faster builds Easy
A. To permanently store the final production code
B. To hide source code from unauthorized users
C. To pause a workflow execution until a certain time
D. To speed up workflow execution times by reusing dependencies

11 By default, how do multiple jobs in a single GitHub Actions workflow execute?

Multi-job workflows Easy
A. Sequentially, one after another
B. Alphabetically by job name
C. In random order
D. In parallel (simultaneously)

12 What is a GitHub-hosted runner?

Runners: GitHub-hosted runners Easy
A. A local machine maintained by a developer
B. A virtual machine managed, maintained, and updated by GitHub
C. A cloud storage bucket
D. An on-premise physical server

13 What is a primary advantage of using a self-hosted runner over a GitHub-hosted runner?

Runners:Self-hosted runners Easy
A. It automatically writes workflows for you
B. It provides full control over the hardware, operating system, and software tools
C. It is completely free of configuration effort
D. It runs 100 times faster by default

14 Why is it generally considered unsafe to use self-hosted runners on public repositories?

Runner security & management Easy
A. Because they cannot connect to the internet
B. Because public repositories do not support self-hosted runners
C. Because malicious pull requests could execute harmful code on your infrastructure
D. Because they run too slowly for open-source projects

15 Which shell command is typically executed in a workflow step to build a Docker image?

Docker & GitHub Actions: Building Docker images in CI Easy
A. docker pull
B. docker push
C. docker start
D. docker build

16 What must be configured in GitHub before an Action can successfully push a new image to Docker Hub?

Pushing to Docker Hub Easy
A. A manual approval rule
B. Authentication credentials stored securely as GitHub Secrets
C. A GitHub Pages website
D. A self-hosted runner

17 What domain name is used to access the GitHub Container Registry (GHCR)?

Pushing to GitHub Container Registry (GHCR) Easy
A. registry.github.io
B. ghcr.io
C. hub.github.com
D. docker.github.com

18 In GitHub Actions, what defines an 'event'?

Events, triggers Easy
A. A notification sent to the developer's email
B. A scheduled meeting for the development team
C. A specific activity or occurrence in the repository that triggers a workflow
D. The final successful completion of a deployment

19 How should sensitive information like cloud API keys and deployment passwords be managed in GitHub Actions?

Deploying to servers/cloud using Actions Easy
A. Committed in a text file named passwords.txt
B. Printed in the workflow logs for easy access
C. Stored in plain text inside the workflow YAML file
D. Saved securely as encrypted GitHub Secrets

20 Which trigger uses POSIX cron syntax to run a workflow at specific times?

Workflow triggers: push, pull request, schedule, manual workflow Easy
A. cron_run
B. clock
C. timer
D. schedule

21 To ensure GitHub recognizes a YAML file as an Actions workflow, in which specific directory path relative to the repository root must it be placed?

Events, triggers, workflow directory structure Medium
A. .github/actions/
B. .actions/workflows/
C. workflows/
D. .github/workflows/

22 Which event trigger should you configure in a GitHub Actions workflow to allow users to manually trigger the workflow from the GitHub Actions tab, optionally providing input parameters?

Workflow triggers: push, pull request, schedule, manual workflow Medium
A. manual_run
B. workflow_dispatch
C. push
D. repository_dispatch

23 You need to test your Node.js application against Node versions 14, 16, and 18 on both ubuntu-latest and windows-latest. How many total job executions will a standard matrix strategy create for this configuration?

Jobs & matrix strategies Medium
A. 5
B. 2
C. 6
D. 3

24 In a multi-job workflow, Job B requires the output or successful completion of Job A before it can start. Which keyword is used in the configuration for Job B to enforce this dependency?

Multi-job workflows Medium
A. needs
B. after
C. depends_on
D. requires

25 When using the actions/cache action to speed up builds by caching dependencies, which input parameter is mandatory to accurately determine if the cache needs to be invalidated or restored?

Using caching for faster builds Medium
A. hashFiles
B. restore-keys
C. path
D. key

26 If you want to execute a multi-line shell script within a single step in a GitHub Actions workflow, how should you format the run keyword in the YAML file?

Steps & shell commands Medium
A. script:
B. run: >
C. run: |
D. execute: -

27 When referencing a third-party action from the GitHub Marketplace in your workflow, how do you pin the action to a specific immutable release to prevent breaking changes?

Using marketplace actions Medium
A. By appending :<version-number> to the action name
B. By appending @<commit-SHA> to the action name
C. By using the version: keyword under the action
D. By using the release: keyword under the action

28 What is a primary reason a DevOps team might choose to deploy a self-hosted runner instead of using a GitHub-hosted runner?

Runners:Self-hosted runners Medium
A. To utilize GitHub's automatic OS patching mechanisms
B. To reduce the configuration time of setting up the CI environment
C. To access resources securely inside a private corporate network or VPC
D. To ensure a completely clean, ephemeral environment for every single job

29 Which of the following accurately describes the environment of a standard GitHub-hosted runner for Ubuntu?

Runners: GitHub-hosted runners Medium
A. It runs entirely in the browser using WebAssembly.
B. It is a shared virtual machine where multiple workflows from different repositories run concurrently.
C. It is a fresh virtual machine for each job execution that is discarded after the job completes.
D. It is a persistent container where state is maintained across different job executions.

30 Why is it considered a severe security risk to attach a self-hosted runner to a public repository without specific safeguards?

Runner security & management Medium
A. Because self-hosted runners automatically grant admin access to the GitHub repository.
B. Because malicious users can submit pull requests that execute untrusted code directly on your local infrastructure.
C. Because the runner's IP address will be broadcasted to all GitHub users.
D. Because GitHub charges excess usage fees for public repos using self-hosted runners.

31 When building a Docker image using GitHub Actions, which action is standardly used to set up Docker Buildx, allowing for advanced features like multi-platform builds?

Docker & GitHub Actions: Building Docker images in CI Medium
A. actions/docker-build
B. docker/setup-buildx-action
C. docker/login-action
D. docker/build-push-action

32 When authenticating a workflow to push a Docker image to the GitHub Container Registry (GHCR), which credential is automatically provided by GitHub Actions and recommended for use?

Pushing to GitHub Container Registry (GHCR) Medium
A. ${{ secrets.DOCKER_PASSWORD }}
B. ${{ env.GHCR_TOKEN }}
C. ${{ github.personal_access_token }}
D. ${{ secrets.GITHUB_TOKEN }}

33 How should a DevOps engineer securely pass static cloud provider credentials (like AWS Access Keys) into a GitHub Actions deployment workflow?

Deploying to servers/cloud using Actions Medium
A. Hardcode them into the workflow file but restrict read access to the repository
B. Pass them as plain-text parameters via the workflow_dispatch trigger
C. Store them in a .env file and commit it to the repository
D. Store them as encrypted Repository Secrets and reference them using ${{ secrets.SECRET_NAME }}

34 In the GitHub Actions hierarchy, what is the correct relationship between jobs, steps, and workflows?

Key components: jobs, steps, actions, runners Medium
A. A workflow contains one or more jobs; a job contains one or more steps.
B. A job contains one or more workflows; a workflow contains one or more steps.
C. A step contains one or more jobs; a job contains one or more workflows.
D. A workflow contains one or more steps; a step contains one or more jobs.

35 Before using docker/build-push-action to push an image to Docker Hub, which step must be executed in the workflow?

Pushing to Docker Hub Medium
A. Push the image to GHCR first to create an intermediary cache.
B. Configure a self-hosted runner since GitHub-hosted runners cannot push to Docker Hub.
C. Install Docker Desktop on the GitHub runner.
D. Authenticate using docker/login-action with Docker Hub credentials.

36 When configuring a CI workflow for a Python application, what is the primary purpose of using the actions/setup-python action?

Language-specific actions Medium
A. It installs a specific version of Python and adds it to the system PATH.
B. It automatically formats the Python code using black.
C. It runs the pytest test suite automatically.
D. It builds a Docker container running Python.

37 You want to run a workflow every day at midnight UTC using the schedule event. What is the correct cron syntax to define this trigger?

Workflow triggers: push, pull request, schedule, manual workflow Medium
A. cron: '* 0 * * *'
B. cron: '0 0 * * *'
C. cron: '0 * * * *'
D. cron: '0 0 0 * *'

38 When deploying an application to an AWS server using GitHub Actions via OIDC (OpenID Connect), what is the main advantage over using long-lived IAM user credentials?

Deployments to servers/clouds Medium
A. OIDC allows the deployment to run directly on the GitHub Actions runner instead of the AWS server.
B. OIDC uses short-lived, dynamically requested tokens, eliminating the need to store static AWS credentials in GitHub Secrets.
C. OIDC automatically configures the AWS infrastructure using CloudFormation.
D. OIDC bypasses all IAM permissions, resulting in faster deployments.

39 If you define environment variables at the root level of a workflow using the env: keyword, what is the scope of those variables?

Key components: workflows Medium
A. They are only available to jobs running on self-hosted runners.
B. They are available to all jobs and steps within the workflow.
C. They are automatically exported as GitHub Secrets.
D. They are only available to the first job executed in the workflow.

40 Which of the following best describes the core purpose of a Continuous Integration (CI) workflow in GitHub Actions?

Understanding workflow automation Medium
A. To handle user authentication and session management in web applications.
B. To manually provision cloud infrastructure using Terraform scripts.
C. To automatically scale application containers based on user traffic.
D. To automatically build, test, and validate code changes whenever a commit is pushed to a repository.

41 A developer configures a build matrix with 3 operating systems and 3 Node.js versions (9 jobs total). Job 2 fails after 30 seconds. What is the default behavior of the remaining running jobs in the matrix, and how can it be altered to allow independent completion?

Jobs & matrix strategies Hard
A. They are immediately canceled; use ignore-errors: true under the matrix key to allow them to complete.
B. They continue running; use continue-on-error: false to cancel them.
C. They are immediately canceled; use fail-fast: false under the strategy key to allow them to complete.
D. They are paused until manual intervention; use auto-resume: true to continue.

42 You want a workflow to trigger on pushes to the main branch, EXCEPT when the changes are strictly within the docs/ directory. Which of the following YAML configurations achieves this without throwing a syntax or validation error?

Workflow triggers: push, pull request, schedule, manual workflow Hard
A. on: push: branches: [main] paths-ignore: ['docs/**']
B. on: push: branches: [main] exclude: paths: ['docs/**']
C. on: push: branches: [main] paths: ['**'] paths-ignore: ['docs/**']
D. on: push: branches: [main] ignore-paths: ['docs/']

43 When using the actions/cache action, what happens if there is a cache miss for the exact key, but a partial match exists in the restore-keys list?

Using caching for faster builds Hard
A. The action fails the step and proceeds without restoring any cache.
B. The workflow pauses and prompts for manual approval to restore a potentially outdated cache.
C. The partial match is restored, and at the end of the job, the updated cache is saved under the new exact key.
D. The partial match is restored, but the cache is NOT saved at the end of the job to prevent cache poisoning.

44 Why is it considered a severe security risk to use persistent self-hosted runners for public repositories that accept pull requests from forks?

Runner security & management Hard
A. Forked repositories automatically inherit write access to the main repository when using self-hosted runners.
B. Persistent self-hosted runners bypass GitHub's rate limiting, which can result in denial-of-service billing attacks from malicious forks.
C. Forks can trigger workflows that execute arbitrary code, potentially compromising the runner's host environment and persisting malicious payloads for subsequent runs.
D. Self-hosted runners do not support encrypted secrets, exposing API keys to fork authors.

45 To successfully authenticate and push a Docker image to the GitHub Container Registry (ghcr.io) within a GitHub Actions workflow using the default GITHUB_TOKEN, which specific permission must be explicitly granted to the job?

Pushing to GitHub Container Registry (GHCR) Hard
A. docker: push
B. packages: write
C. registry: write
D. contents: write

46 A workflow contains a deployment job configured with environment: production. The production environment in GitHub is set to require a manual reviewer. What happens to the workflow execution while waiting for the reviewer's approval?

Deploying to servers/cloud using Actions Hard
A. The job is temporarily offloaded to a self-hosted runner to save costs while waiting for approval.
B. The job execution is paused and does not consume runner minutes; it waits up to 30 days for approval before being automatically canceled.
C. The workflow proceeds to the next job automatically if the reviewer does not respond within the environment's specified timeout period.
D. The job consumes runner minutes while in the "waiting" state until the timeout limit (default 360 minutes) is reached.

47 Job A generates a dynamic version string and needs to pass it to Job B. How is this correctly achieved in GitHub Actions?

Multi-job workflows Hard
A. Pass the string as a positional argument in the runs-on context of Job B.
B. In Job A, save the string in a workflow artifact. In Job B, use the actions/download-artifact to read it directly into a job-level variable.
C. In Job A, echo the string to {{ needs.JobA.outputs.version }}.
D. In Job A, write the string to {{ env.VERSION }}.

48 When configuring a workflow to deploy to AWS without storing long-lived IAM user credentials as GitHub Secrets, which mechanism should be utilized?

Deployments to servers/clouds Hard
A. GitHub App installation tokens bound to an AWS IAM policy.
B. SSH Agent Forwarding with ephemeral keys.
C. Mutual TLS (mTLS) certificates stored in the GitHub runner's system keystore.
D. OpenID Connect (OIDC) to exchange a short-lived GitHub Actions token for an AWS role assumption.

49 In a bash shell step on an Ubuntu runner, what is the default behavior if a command within a multi-line script fails (returns a non-zero exit code) halfway through the step?

Steps & shell commands Hard
A. The workflow prompts the user to either ignore the error or cancel the run.
B. Execution halts immediately because GitHub Actions runs bash with set -e and pipefail by default, and the step fails.
C. Execution halts immediately, but the job is marked as successful unless exit 1 is explicitly called at the end of the script.
D. The script continues to execute the remaining lines, but the step is marked as failed at the end.

50 A developer places a valid workflow file at .github/actions/deploy.yml. Upon pushing to the repository, the workflow does not trigger. What is the root cause?

Events, triggers, workflow directory structure Hard
A. The directory must be explicitly registered in the repository settings under "Actions".
B. The file must be named main.yml to be recognized as a workflow.
C. Workflows must be placed in the .github/workflows/ directory to be detected and triggered by GitHub.
D. The file extension must be .yaml, as .yml is only supported for composite actions.

51 When building Docker images in CI, optimizing build times is crucial. Using the docker/build-push-action, which caching strategy natively utilizes GitHub Actions' built-in Cache API to store and retrieve Docker layers?

Docker & GitHub Actions: Building Docker images in CI Hard
A. cache-from: type=actions and cache-to: type=actions
B. cache-from: type=registry and cache-to: type=registry
C. cache-from: type=local and cache-to: type=local
D. cache-from: type=gha and cache-to: type=gha

52 You are deploying an application from a GitHub-hosted runner to a corporate database that strictly requires IP whitelisting. Which statement accurately describes the limitation of standard GitHub-hosted runners in this scenario?

Runners: GitHub-hosted runners Hard
A. Standard GitHub-hosted runners do not have static IP addresses, making strict IP whitelisting highly impractical.
B. Standard GitHub-hosted runners only support IPv6, which is incompatible with most legacy corporate databases.
C. Standard GitHub-hosted runners block outbound traffic on non-standard ports (like 3306 or 5432) by default.
D. Standard GitHub-hosted runners share a single, global static IP address, meaning any GitHub user could theoretically access the whitelisted database.

53 A team wants Workflow B to automatically execute only after Workflow A has successfully completed, regardless of whether Workflow A was triggered via a push, schedule, or manual event. Which event trigger should be configured in Workflow B?

Events, triggers, workflow directory structure Hard
A. on: after_workflow: name: ["Workflow A"]
B. on: workflow_run: workflows: ["Workflow A"] types: [completed]
C. on: repository_dispatch: types: [Workflow A_success]
D. on: [workflow_call]

54 When a workflow is triggered by a pull_request event originating from a fork repository, which repository's commit and secrets are used for the workflow execution by default?

Workflow triggers: push, pull request, schedule, manual workflow Hard
A. The workflow automatically prompts a repository admin to approve the run before selecting the source or target context.
B. The target branch's latest commit is checked out, but the workflow is denied access to any secrets to prevent exfiltration.
C. The merge commit of the source and target branch is checked out, and the target repository's secrets are used (excluding pull_request_target).
D. The exact commit of the source branch is checked out, and the fork's secrets are utilized to ensure isolation.

55 In a Node.js workflow using actions/setup-node@v3, how can you configure the action to automatically cache npm dependencies by analyzing the lockfile, thereby bypassing the need for a manual actions/cache step?

Language-specific actions Hard
A. Specify auto-cache: true under the strategy matrix definition.
B. Add npm-cache: true as an environment variable in the job level.
C. Add cache: 'npm' to the with inputs of the setup-node step.
D. The setup-node action caches dependencies by default; no configuration is required.

56 To mitigate supply chain attacks when utilizing third-party actions from the GitHub Marketplace, what is the most secure method for referencing an action in a workflow file?

Using marketplace actions Hard
A. Referencing the action by its full 40-character Git commit SHA.
B. Forking the action and referencing the fork by a mutable tag.
C. Referencing the action by its major version tag (e.g., @v2).
D. Referencing the action by the main or master branch.

57 When configuring automated pushes to Docker Hub using the docker/login-action in a CI pipeline, why is it functionally critical and recommended to use Docker Personal Access Tokens (PATs) instead of the main account password?

Pushing to Docker Hub Hard
A. Docker Hub rate limits are bypassed entirely when authenticating via a PAT compared to standard user credentials.
B. Passwords are automatically exposed in the GitHub Actions runner logs, whereas PATs are masked automatically.
C. PATs allow fine-grained access control, are easily revocable, and bypass 2FA requirements which otherwise block automated CI pipelines.
D. GitHub Actions inherently blocks the transmission of user passwords, failing the workflow if a password string is detected.

58 You are defining a manual workflow using workflow_dispatch. You need to allow the user to select an environment (either dev, staging, or prod) from a dropdown menu. How is this defined in the workflow YAML?

Workflow triggers: push, pull request, schedule, manual workflow Hard
A. Define three separate boolean inputs for each environment and require the user to check only one.
B. Use an input with type: string and provide a regex validation rule pattern: dev|staging|prod.
C. Use an input with type: choice and provide the options in the options array.
D. Use an input with type: dropdown and provide the options as a comma-separated string.

59 A team manages multiple self-hosted runners across different architectures and specialized hardware (e.g., GPUs). How can a specific workflow job strictly and explicitly target a self-hosted runner equipped with a GPU?

Runners:Self-hosted runners Hard
A. Add an environment variable REQUIRE_GPU=true to the job context, which the runner's polling mechanism will filter by.
B. Assign a custom label (e.g., gpu-enabled) to the specific runner, and configure the job with runs-on: [self-hosted, gpu-enabled].
C. Use a matrix strategy to iterate over all runners until one successfully executes a GPU test command.
D. Specify runs-on: self-hosted-gpu and GitHub will automatically detect the hardware capabilities.

60 You have a deployment workflow triggered on every push to the main branch. If multiple developers merge PRs in rapid succession, you want to ensure only one deployment runs at a time and any pending deployments are canceled in favor of the latest push. Which configuration achieves this?

Deploying to servers/cloud using Actions Hard
A. Use the timeout-minutes key to forcefully fail older jobs if a newer job enters the queue.
B. Use the concurrency key at the workflow level, defining a group name and setting cancel-in-progress: true.
C. Use max-parallel: 1 at the job level.
D. Set queue: true and strategy: override in the deployment job configuration.