Bash, the Crucial Exams Chat Bot
AI Bot
Infrastructure as Code (IaC) Practices Flashcards
CompTIA AutoOps+ AT0-001 Flashcards
Study our Infrastructure as Code (IaC) Practices flashcards for the CompTIA AutoOps+ AT0-001 exam with 44+ flashcards. View as flashcards, a searchable table, or as a fun matching game.
| Front | Back |
| Declarative vs Imperative IaC difference | Declarative describes desired state Imperative describes steps to reach state |
| Explain plan then apply workflow | Generate a plan to preview changes then apply after review to avoid surprises |
| Give an example of a remote state backend | AWS S3 with state locking via DynamoDB |
| Give an example of an IaC unit test | Validate module input validation and generated resource attributes with a test harness |
| Give examples of secret management backends | HashiCorp Vault AWS Secrets Manager and Azure Key Vault |
| How can you detect drift | Use plan or refresh commands scheduled scans and resource drift APIs |
| How do IaC tools implement idempotence | Compare current state to desired state and apply only required changes |
| How to handle provider credentials in CI | Use short lived credentials environment injection and least privilege IAM roles |
| How to manage secrets in IaC | Reference external secret stores avoid hardcoding and use encryption and access controls |
| How to perform safe rollbacks | Use versioned modules immutable artifacts and automated rollback procedures with tested playbooks |
| How to structure IaC repositories | Monorepo for simpler coordination or multiple repos for isolation with clear module registries |
| List three module design principles | Single responsibility clear inputs minimal side effects and versioned interfaces |
| Name a static analysis tool for Terraform | TFLint or Checkov |
| Name three benefits of IaC | Repeatability version control auditability and automation for faster reliable deployments |
| What are common drift remediation strategies | Reapply desired configuration notify operators or rebuild affected resources |
| What are IaC testing levels | Unit testing integration testing and end to end testing |
| What are provider plugins in Terraform | Components that translate resource types to cloud provider APIs |
| What does idempotence mean in IaC | Applying the same configuration multiple times produces the same result without unintended changes |
| What does tainting a resource do | Marks resource for destruction and recreation on next apply |
| What is a change review checklist for IaC | Verify intent state impact cost security compliance and rollback plan |
| What is a drift detection automation tip | Schedule periodic plan or refresh jobs with alerting for unexpected changes |
| What is a module registry | Centralized storage for versioned reusable modules to share across teams |
| What is an IaC module or reusable component | Encapsulated configuration that can be reused with inputs and outputs |
| What is an integration test for IaC | Provision resources in a sandbox and verify connectivity and configuration |
| What is drift in infrastructure configuration | When real world resources diverge from declared configuration |
| What is drift remediation as code | Automated processes that detect drift and either reconcile or open tracked changes |
| What is end to end testing for IaC | Deploy full stack and run application level acceptance tests |
| What is graph based dependency resolution | IaC tool analyzes resource dependencies to create correct create update and delete order |
| What is immutability testing | Validate that replacing resources yields consistent expected behavior without data loss |
| What is immutable infrastructure | Replace resources instead of mutating them to reduce configuration drift and simplify rollbacks |
| What is Infrastructure as Code IaC | Managing infrastructure using machine readable definitions to automate provisioning and configuration |
| What is resource targeting and why be cautious | Applying changes to specific resources can skip dependencies and cause inconsistent state |
| What is semantic versioning for modules | Using MAJOR.MINOR.PATCH to communicate breaking changes new features and fixes |
| What is state locking and why is it important | Prevents concurrent runs from corrupting state during updates |
| What is state management in IaC | Tracking infrastructure resources metadata to map configuration to real world resources |
| What is the role of feature branches and PRs in IaC | Enable peer review and automated plan validation before merging changes |
| When to use mutable infrastructure | Small changes during development or when replacement cost is high |
| Why avoid excessive interpolation and templates | Complex templating increases cognitive load and risk of subtle runtime errors |
| Why encrypt state files | State contains sensitive data and resource identifiers that must be protected at rest |
| Why include IaC in CI pipelines | Automate validation testing linting and plan generation to catch issues early |
| Why pin module and provider versions | Ensure reproducible deployments and avoid unexpected breaking changes |
| Why run linters on IaC | Find security misconfigurations style issues and early logic errors |
| Why run plan approvals in a gate | Prevent accidental destructive changes and require human review for risk mitigation |
| Why use a remote state backend | Shared locking collaboration and centralized state for teams |
About the Flashcards
Flashcards for the CompTIA AutoOps+ exam reinforce the skills you need to design, implement, and maintain Infrastructure as Code solutions. Each card distills definitions, comparisons, and key benefits of IaC, from declarative versus imperative approaches to the role of idempotence and immutable infrastructure, helping you quickly recall essential terminology on test day.
Questions also explore state files, remote backends, drift detection, and graph-based dependency planning, ensuring you understand how IaC tools manage real-world resources. Coverage of modules, semantic versioning, testing levels, static analysis, secrets handling, and CI/CD workflows prepares you to evaluate security, reliability, and collaboration practices in complex cloud environments.
Topics covered in this flashcard deck:
- Infrastructure as Code basics
- State management & drift
- Modules & versioning
- Testing & static analysis
- Secrets and security
- CI/CD workflows