Get Latest Sep-2021 Conduct effective penetration tests using BraindumpQuiz TA-002-P exam [Q25-Q49]

Share

Get Latest [Sep-2021] Conduct effective penetration tests using  BraindumpQuiz TA-002-P

Penetration testers simulate TA-002-P exam PDF

NEW QUESTION 25
What is the name assigned by Terraform to reference this resource?

  • A. main
  • B. teat
  • C. google
  • D. compute_instance

Answer: D

 

NEW QUESTION 26
Terraform can run on Windows or Linux, but it requires a Server version of the Windows operating system.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 27
State is a requirement for Terraform to function

  • A. True
  • B. False

Answer: A

Explanation:
Explanation
State is a necessary requirement for Terraform to function. It is often asked if it is possible for Terraform to work without state, or for Terraform to not use state and just inspect cloud resources on every run.
Purpose of Terraform State
State is a necessary requirement for Terraform to function. It is often asked if it is possible for Terraform to work without state, or for Terraform to not use state and just inspect cloud resources on every run. This page will help explain why Terraform state is required.
As you'll see from the reasons below, state is required. And in the scenarios where Terraform may be able to get away without state, doing so would require shifting massive amounts of complexity from one place (state) to another place (the replacement concept).
1. Mapping to the Real World
Terraform requires some sort of database to map Terraform config to the real world. When you have a resource resource "aws_instance" "foo" in your configuration, Terraform uses this map to know that instance i- abcd1234 is represented by that resource.
For some providers like AWS, Terraform could theoretically use something like AWS tags. Early prototypes of Terraform actually had no state files and used this method. However, we quickly ran into problems. The first major issue was a simple one: not all resources support tags, and not all cloud providers support tags.
Therefore, for mapping configuration to resources in the real world, Terraform uses its own state structure.
2. Metadata
Alongside the mappings between resources and remote objects, Terraform must also track metadata such as resource dependencies.
Terraform typically uses the configuration to determine dependency order. However, when you delete a resource from a Terraform configuration, Terraform must know how to delete that resource. Terraform can see that a mapping exists for a resource not in your configuration and plan to destroy. However, since the configuration no longer exists, the order cannot be determined from the configuration alone.
To ensure correct operation, Terraform retains a copy of the most recent set of dependencies within the state.
Now Terraform can still determine the correct order for destruction from the state when you delete one or more items from the configuration.
One way to avoid this would be for Terraform to know a required ordering between resource types. For example, Terraform could know that servers must be deleted before the subnets they are a part of. The complexity for this approach quickly explodes, however: in addition to Terraform having to understand the ordering semantics of every resource for every cloud, Terraform must also understand the ordering across providers.
Terraform also stores other metadata for similar reasons, such as a pointer to the provider configuration that was most recently used with the resource in situations where multiple aliased providers are present.
3. Performance
In addition to basic mapping, Terraform stores a cache of the attribute values for all resources in the state. This is the most optional feature of Terraform state and is done only as a performance improvement.
When running a terraform plan, Terraform must know the current state of resources in order to effectively determine the changes that it needs to make to reach your desired configuration.
For small infrastructures, Terraform can query your providers and sync the latest attributes from all your resources. This is the default behavior of Terraform: for every plan and apply, Terraform will sync all resources in your state.
For larger infrastructures, querying every resource is too slow. Many cloud providers do not provide APIs to query multiple resources at once, and the round trip time for each resource is hundreds of milliseconds. On top of this, cloud providers almost always have API rate limiting so Terraform can only request a certain number of resources in a period of time. Larger users of Terraform make heavy use of the -refresh=false flag as well as the -target flag in order to work around this. In these scenarios, the cached state is treated as the record of truth.
4. Syncing
In the default configuration, Terraform stores the state in a file in the current working directory where Terraform was run. This is okay for getting started, but when using Terraform in a team it is important for everyone to be working with the same state so that operations will be applied to the same remote objects.
Remote state is the recommended solution to this problem. With a fully-featured state backend, Terraform can use remote locking as a measure to avoid two or more different users accidentally running Terraform at the same time, and thus ensure that each Terraform run begins with the most recent updated state.

 

NEW QUESTION 28
A colleague has informed you that a new version of a Terraform module that your team hosts on an Amazon S3 bucket is broken. The Amazon S3 bucket has versioning enabled. Your colleague tells you to make sure you are not using the latest version in your configuration. You have the following configuration block in your code that refers to the module:
module "infranet" { source = "s3::https://s3-us-west-2.amazonaws.com/infrabucket/infra_module.zip"} What is the best way to ensure that you are not using the latest version of the module?

  • A. Delete the latest version of the module in S3 to rollback to the previous version.
  • B. Add a version property to the module in Terraform's state file and specify a previous version.
  • C. Add a module version constraint in your configuration's backend block and specify a previous version.
  • D. Add a version key to the module configuration and specify a previous version.

Answer: A

Explanation:
Only Terraform Registries support module versioning by using the version key, one cannot configure a previous version of the module in the configuration. Deleting the latest version of the module in S3 is the only option of the available options that ensures you won't use the latest version. You could also modify the source URL to specify a versionId URL parameter for a previous version.
https://www.terraform.io/docs/configuration/modules.html#source

 

NEW QUESTION 29
Jim has created several AWS resources from a single terraform configuration file. Someone from his team has manually modified one of the EC2 instance.
Now to discard the manual change, Jim wants to destroy and recreate the EC2 instance. What is the best way to do it?

  • A. terraform destroy
  • B. terraform recreate
  • C. terraform refresh
  • D. terraform taint

Answer: D

Explanation:
Explanation
The terraform taint command manually marks a Terraform-managed resource as tainted, forcing it to be destroyed and recreated on the next apply.
This command will not modify infrastructure, but does modify the state file in order to mark a resource as tainted. Once a resource is marked as tainted, the next plan will show that the resource will be destroyed and recreated and the next apply will implement this change.
Forcing the recreation of a resource is useful when you want a certain side effect of recreation that is not visible in the attributes of a resource. For example: re-running provisioners will cause the node to be different or rebooting the machine from a base image will cause new startup scripts to run.
Note that tainting a resource for recreation may affect resources that depend on the newly tainted resource. For example, a DNS resource that uses the IP address of a server may need to be modified to reflect the potentially new IP address of a tainted server. The plan command will show this if this is the case.
This example will taint a single resource:
$ terraform taint aws_security_group.allow_all
The resource aws_security_group.allow_all in the module root has been marked as tainted.
https://www.terraform.io/docs/commands/taint.html

 

NEW QUESTION 30
Every region in AWS has a different AMI ID for Linux and these are keep on changing. What is the best approach to create the EC2 instances that can deal with different AMI IDs based on regions?

  • A. Use data source aws_ami.
  • B. Create different configuration file for different region.
  • C. Create a map of region to ami id.
  • D. None of the above

Answer: A

Explanation:
Explanation
https://www.terraform.io/docs/configuration/data-sources.html

 

NEW QUESTION 31
Only the user that generated a plan may apply it.

  • A. True
  • B. False

Answer: A

Explanation:
Explanation
The optional -out argument can be used to save the generated plan to a file for later execution with terraform apply, which can be useful when running Terraform in automation.
Reference: https://learn.hashicorp.com/tutorials/terraform/automate-terraform

 

NEW QUESTION 32
What is the default backend for Terraform?

  • A. gcs
  • B. consul
  • C. etcd
  • D. local

Answer: D

Explanation:
By default, Terraform uses the "local" backend, which is the normal behavior of Terraform you're used to.
https://www.terraform.io/docs/backends/index.html

 

NEW QUESTION 33
Provider dependencies are created in several different ways. Select the valid provider dependencies from the following list: (select three)

  • A. Existence of any resource instance belonging to a particular provider in the current state.
  • B. Explicit use of a provider block in configuration, optionally including a version constraint.
  • C. Existence of any provider plugins found locally in the working directory.
    Explanation
    The existence of a provider plugin found locally in the working directory does not itself create a provider dependency. The plugin can exist without any reference to it in the terraform configuration. https://www.terraform.io/docs/commands/providers.html
  • D. Use of any resource belonging to a particular provider in a resource or data block in configuration.

Answer: A,B,D

 

NEW QUESTION 34
You cannot publish your own modules on the Terraform Registry.

  • A. False
  • B. True

Answer: A

Explanation:
https://www.terraform.io/docs/registry/modules/publish.html

 

NEW QUESTION 35
The terraform.tfstate file always matches your currently built infrastructure.

  • A. False
  • B. True

Answer: A

 

NEW QUESTION 36
When using constraint expressions to signify a version of a provider, which of the following are valid provider versions that satisfy the expression found in the following code snippet: (select two)
1. terraform
2. {
3. required_providers
4. {
5. aws = "~> 1.2.0"
6. }
7. }

  • A. 1.2.3
  • B. 1.2.9
  • C. 1.3.1
  • D. 1.3.0

Answer: A,B

Explanation:
As your Terraform usage becomes more advanced, there are some cases where you may need to modify the Terraform state. Rather than modify the state directly, the terraform state commands can be used in many cases instead. This command is a nested subcommand, meaning that it has further subcommands.
https://www.terraform.io/docs/commands/state/index.html

 

NEW QUESTION 37
True or False: A list(...) contain a number of values of the same type while an object(...) can contain a number of values of different types.

  • A. True
  • B. False

Answer: A

Explanation:
Collection Types
A collection type allows multiple values of one other type to be grouped together as a single value. The type of value within a collection is called its element type. All collection types must have an element type, which is provided as the argument to their constructor.
For example, the type list(string) means "list of strings", which is a different type than list(number), a list of numbers. All elements of a collection must always be of the same type.
The three kinds of collection type in the Terraform language are:
* list(...): a sequence of values identified by consecutive whole numbers starting with zero.
The keyword list is a shorthand for list(any), which accepts any element type as long as every element is the same type. This is for compatibility with older configurations; for new code, we recommend using the full form.
* map(...): a collection of values where each is identified by a string label.
The keyword map is a shorthand for map(any), which accepts any element type as long as every element is the same type. This is for compatibility with older configurations; for new code, we recommend using the full form.
* set(...): a collection of unique values that do not have any secondary identifiers or ordering.
https://www.terraform.io/docs/configuration/types.html
Structural Types
A structural type allows multiple values of several distinct types to be grouped together as a single value. Structural types require a schema as an argument, to specify which types are allowed for which elements.
The two kinds of structural type in the Terraform language are:
* object(...): a collection of named attributes that each have their own type.
The schema for object types is { <KEY> = <TYPE>, <KEY> = <TYPE>, ... } - a pair of curly braces containing a comma-separated series of <KEY> = <TYPE> pairs. Values that match the object type must contain all of the specified keys, and the value for each key must match its specified type. (Values with additional keys can still match an object type, but the extra attributes are discarded during type conversion.)
* tuple(...): a sequence of elements identified by consecutive whole numbers starting with zero, where each element has its own type.
The schema for tuple types is [<TYPE>, <TYPE>, ...] - a pair of square brackets containing a comma-separated series of types. Values that match the tuple type must have exactly the same number of elements (no more and no fewer), and the value in each position must match the specified type for that position.
For example: an object type of object({ name=string, age=number }) would match a value like the following:
{
name = "John"
age = 52
}
Also, an object type of object({ id=string, cidr_block=string }) would match the object produced by a reference to an aws_vpc resource, like aws_vpc.example_vpc; although the resource has additional attributes, they would be discarded during type conversion.
Finally, a tuple type of tuple([string, number, bool]) would match a value like the following:
["a", 15, true]
https://www.terraform.io/docs/configuration/types.html

 

NEW QUESTION 38
Which of the following Terraform commands will automatically refresh the state unless supplied with additional flags or arguments? Choose TWO correct answers.

  • A. terraform plan
  • B. terraform state
  • C. terraform output
  • D. terraform validate
  • E. terraform apply

Answer: A,E

 

NEW QUESTION 39
Which of the following is not a valid string function in Terraform?

  • A. slice
  • B. split
  • C. join
  • D. chomp

Answer: D

 

NEW QUESTION 40
You have created 2 workspaces PROD and RQA. You have switched to RQA and provisioned RQA infrastructure from this workspace. Where is your state file stored?

  • A. terraform.tfstate.d
  • B. terraform.tfstate
  • C. terraform.tfstate.RQA
  • D. terraform.d

Answer: A

 

NEW QUESTION 41
In the example below, the depends_on argument creates what type of dependency?

  • A. internal dependency
  • B. explicit dependency
  • C. implicit dependency
  • D. non-dependency resource

Answer: B

 

NEW QUESTION 42
Anyone can publish and share modules on the Terraform Public Module Registry, and meeting the requirements for publishing a module is extremely easy. Select from the following list all valid requirements. (select three)

  • A. The module must be PCI/HIPPA compliant.
  • B. The module must be on GitHub and must be a public repo.
    Explanation
    https://www.terraform.io/docs/registry/modules/publish.html#requirements
  • C. The registry uses tags to identify module versions.
  • D. Module repositories must use this three-part name format, terraform-- .
  • E. Release tag names must be for the format x.y.z, and can optionally be prefixed with a v .

Answer: B,C,E

 

NEW QUESTION 43
When using parent/child modules to deploy infrastructure, how would you export a value from one module to import into another module.
For example, a module dynamically deploys an application instance or virtual machine, and you need the IP address in another module to configure a related DNS record in order to reach the newly deployed application.

  • A. Export the value using terraform export and input the value using terraform input.
  • B. Configure an output value in the application module in order to use that value for the DNS module.
  • C. Preconfigure the IP address as a parameter in the DNS module.
  • D. Configure the pertinent provider's configuration with a list of possible IP addresses to use.

Answer: B

Explanation:
Explanation
Output values are like the return values of a Terraform module, and have several uses:
* A child module can use outputs to expose a subset of its resource attributes to a parent module.
* A root module can use outputs to print certain values in the CLI output after running terraform apply.
* When using remote state, root module outputs can be accessed by other configurations via a terraform_remote_state data source.
https://www.terraform.io/docs/configuration/outputs.html

 

NEW QUESTION 44
John is writing a module and within the module, there are multiple places where he has to use the same conditional expression but he wants to avoid repeating the same values or expressions multiple times in a configuration,. What is a better approach to dealing with this?

  • A. Local Values
  • B. Variables
  • C. Expressions
  • D. Functions

Answer: A

Explanation:
A local value assigns a name to an expression, allowing it to be used multiple times within a module without repeating it.
https://www.terraform.io/docs/configuration/locals.html

 

NEW QUESTION 45
Your company has a lot of workloads in AWS , and Azure that were respectively created using CloudFormation , and AzureRM Templates. However , now your CIO has decided to use Terraform for all new projects , and has asked you to check how to integrate the existing environment with terraform code.
What should be your next plan of action?

  • A. Use terraform import command to import each resource one by one .
  • B. Just write the terraform config file for the new resources , and run terraform apply , the state file will automatically be updated with the details of the new resources to be imported.
  • C. This is only possible in Terraform Enterprise , which has the TerraformConverter exe that can take any other template language like AzureRM and convert to Terraform code.
  • D. Tell the CIO that this is not possible . Resources created in CloudFormation , and AzureRM templates cannot be tracked using terraform.

Answer: A

 

NEW QUESTION 46
By default, where does Terraform store its state file?

  • A. shared directory
  • B. Amazon S3 bucket
  • C. remotely using Terraform Cloud
  • D. current working directory
    Explanation
    By default, the state file is stored in a local file named "terraform.tfstate", but it can also be stored remotely, which works better in a team environment.

Answer: D

 

NEW QUESTION 47
What is the name of the default file where Terraform stores the state?
Type your answer in the field provided. The text field is not case-sensitive and all variations of the correct answer are accepted.

Answer:

Explanation:
Terraformtfstate

 

NEW QUESTION 48
What are some of the problems of how infrastructure was traditionally managed before Infrastructure as Code? (select three)

  • A. Requests for infrastructure or hardware required a ticket, increasing the time required to deploy applications
  • B. Traditionally managed infrastructure can't keep up with cyclic or elastic applications
  • C. Traditional deployment methods are not able to meet the demands of the modern business where resources tend to live days to weeks, rather than months to years
  • D. Pointing and clicking in a management console is a scalable approach and reduces human error as businesses are moving to a multi-cloud deployment model

Answer: A,B,C

Explanation:
Businesses are making a transition where traditionally-managed infrastructure can no longer meet the demands of today's businesses. IT organizations are quickly adopting the public cloud, which is predominantly API-driven. To meet customer demands and save costs, application teams are architecting their applications to support a much higher level of elasticity, supporting technology like containers and public cloud resources. These resources may only live for a matter of hours; therefore the traditional method of raising a ticket to request resources is no longer a viable option Pointing and clicking in a management console is NOT scale and increases the change of human error.

 

NEW QUESTION 49
......

Tested Material Used To TA-002-P Test Engine: https://www.braindumpquiz.com/TA-002-P-exam-material.html

Steps Necessary To Pass The TA-002-P Exam: https://drive.google.com/open?id=1fj6LfrMHgvaYhondHEO5avIvKzlHqIf0