50 Oracle Cloud Infrastructure 2025 DevOps Professional Practice Questions: Question Bank 2025

A team wants to store application source code in OCI with branch protections, pull requests, and tight integration to OCI DevOps build pipelines. Which OCI DevOps component best fits this requirement?

You need a CI pipeline to build a container image, run unit tests, then push the image to OCI Container Registry (OCIR). Which OCI DevOps feature is primarily responsible for orchestrating these build steps?

A platform team wants to provision identical OCI networking and compute resources across multiple compartments using code, with state tracking and the ability to re-apply changes. Which OCI service is the best fit?

Your application team wants to be alerted when CPU utilization of an OCI Compute instance exceeds a threshold for 5 minutes. Which OCI capability should you use?

A DevOps project needs to deploy to two separate environments (dev and prod) where each environment uses different target compute instance pools and different configuration values. What is the recommended OCI DevOps approach?

A company must ensure that build runners used by OCI DevOps can reach private resources (private Git server mirror, private package repo) without exposing those endpoints to the internet. Which design is most appropriate?

Your Terraform code in Resource Manager intermittently fails because two teams can launch jobs against the same stack at the same time, causing state locking conflicts. What is the best practice to prevent this?

An application writes logs to OCI Logging. The operations team wants near-real-time detection of specific error patterns and to trigger an automated remediation workflow. Which OCI design best supports this requirement?

A security team requires that production deployments can only be triggered after an approval step, and that approvals are auditable and tied to OCI identities. How should you design this in OCI DevOps?

After a deployment, an OCI Compute instance pool begins flapping: instances are created and terminated repeatedly. Metrics show the pool is attempting to maintain size, but instances fail health checks shortly after boot. You suspect a misconfiguration introduced by the last infrastructure change. What is the most effective first step to troubleshoot using OCI-native capabilities?

Your team wants to enforce that every OCI DevOps build pipeline runs with the same set of environment variables and build steps across multiple projects. You also want to centrally update the shared logic without editing each pipeline. What is the best approach?

A developer reports that an OCI DevOps deployment to an Instance Group fails with an authorization error when pulling an artifact from OCI Artifact Registry. The same deployment works from a different environment. What is the most likely cause?

You need an OCI DevOps deployment that first updates the backend service, then shifts traffic gradually, and automatically rolls back if health checks fail. Which deployment strategy best matches this requirement?

A Terraform apply from an OCI DevOps pipeline intermittently fails with errors indicating the state is locked or being modified by another process. Your team wants to prevent concurrent runs from corrupting state. What is the best solution?

You want to allow an OCI DevOps build pipeline to push images to OCI Container Registry (OCIR) without storing long-lived user credentials in pipeline variables. What is the recommended approach?

After a new release, application latency increases only in one region. You need to quickly correlate deployment events with changes in performance and error rates. Which combination is most appropriate in OCI?

A security requirement states that production deployments must be approved by a different group than the developers who triggered the pipeline. What is the best way to implement this in OCI DevOps?

You manage multiple microservices and want to standardize CI so each service runs unit tests, security scans, and publishes artifacts. However, some services are in different compartments with separate DevOps projects. Which design best balances standardization and compartment isolation?

A Terraform-based pipeline provisions networking and compute successfully, but application deployment fails because the instances cannot reach a required OCI service endpoint. The VCN uses private subnets with no internet gateway. What is the most likely missing component?

Your organization wants all OCI resources created by Terraform to include mandatory tags and to block noncompliant deployments across all DevOps projects. What is the most robust approach?

Your team wants to prevent accidental deployments to production from feature branches. In OCI DevOps, what is the MOST appropriate control to enforce this?

A build in an OCI DevOps build pipeline needs to download a private dependency from an external system using a token. The security team requires that the token is never stored in code or build logs. What is the BEST approach?

An application deployed on OCI computes starts failing only in the deployment stage, and you need to quickly identify which step in the deployment pipeline introduced the failure. What is the MOST direct first place to look in OCI DevOps?

Your organization uses Terraform to provision OCI resources. Multiple teams collaborate, and you must avoid state corruption while enabling safe concurrent work. Which approach is MOST appropriate?

You are designing a deployment strategy using OCI DevOps to reduce downtime for a stateless microservice behind an OCI Load Balancer. Which deployment approach is MOST suitable?

A deployment to an OCI Container Engine for Kubernetes (OKE) cluster fails with an authorization error when applying Kubernetes manifests. The pipeline uses an OCI DevOps deployment stage configured for OKE. What is the MOST likely cause?

You need to monitor a canary deployment and automatically halt further rollout if error rates exceed a threshold for 5 minutes. Which OCI capability BEST supports this pattern?

A regulated workload requires that build artifacts are immutable, versioned, and can be proven to come from an approved build pipeline. Which design provides the STRONGEST end-to-end assurance in OCI?

Your Terraform apply in a pipeline consistently fails when creating IAM policies due to eventual consistency (resources not immediately available). You want a reliable, automated mitigation without manual retries. What is the BEST solution?

A multi-tenant platform uses a single OKE cluster with separate namespaces per tenant. You must ensure that a DevOps deployment pipeline for Tenant A cannot deploy to Tenant B’s namespace, even if a manifest is modified. What is the MOST effective control?

A team wants every OCI DevOps build run to have identical dependencies across developers and the CI system to reduce "works on my machine" issues. Which approach is most appropriate?

You need to allow an OCI DevOps build pipeline to pull source code from an OCI Code Repository and push a container image to OCIR. Which is the recommended security approach?

A Terraform plan in an OCI DevOps pipeline fails because resources already exist in the target compartment and are not in state. What is the best next step to bring them under Terraform management without recreating them?

Your application team wants to quickly identify which deployment introduced an increase in 5xx errors. What is the most effective practice to enable this in OCI Monitoring/Logging?

A microservice is deployed to two environments (dev and prod) using the same OCI DevOps deployment pipeline. The team wants environment-specific values (endpoints, feature flags) without duplicating the pipeline. What is the best solution?

A build pipeline can successfully push an image to OCIR, but the deployment fails when the runtime (OKE) tries to pull the image. What is the most likely missing configuration?

Your organization uses multiple compartments for isolation. A central platform team wants to manage OCI DevOps projects while application teams deploy into their own compartments. Which design best supports this operating model?

A Terraform-based pipeline intermittently fails with "provider produced inconsistent result" and "state lock" errors when multiple branches run concurrently. What is the best mitigation?

You must design a release process that supports automatic rollback when a canary deployment shows increased latency. The solution must minimize blast radius and use measurable signals. Which approach best meets the requirement?

A security requirement states that deployment artifacts must be provably produced by an approved pipeline and must not be modifiable between build and deploy. Which design best satisfies this end-to-end integrity requirement in OCI DevOps?

You are designing an OCI DevOps deployment pipeline for a microservice that must be promoted through dev, test, and prod. Each environment uses a different Dynamic Group and IAM policy, and production deployment must require explicit approval. Which approach best aligns with OCI DevOps best practices?

A build pipeline fails at the step that runs a script from the repository. The logs show: "permission denied" when invoking the script. The script runs locally on a developer machine. What is the most likely cause and the best fix?

Your team uses OCI Resource Manager with Terraform to provision networking and compute. You want every change to go through a code review and be reproducible. Which practice best achieves this?

A deployment succeeded, but the application is intermittently timing out. You need to quickly determine whether the issue is due to upstream dependency latency or application CPU saturation. Which combination is most appropriate in OCI to diagnose this?

You want to implement “build once, deploy many” across multiple environments. The artifact should be immutable and verifiably the same between test and production. Which approach best satisfies this requirement in OCI DevOps?

A Terraform apply in Resource Manager fails with an error indicating it cannot create resources because the target compartment is not authorized. The stack and job run successfully in another compartment. What is the most likely fix?

A team wants to ensure that any merge to the main branch triggers unit tests, SAST scanning, and container image building, but only tagged commits trigger deployment to production. Which pipeline trigger strategy best meets this requirement?

You are implementing automated drift detection for OCI infrastructure managed with Terraform. You want an alert when actual resources differ from the declared code, without making changes automatically. Which approach is most appropriate?

A regulated workload requires that only vetted container images are deployed to OKE. Images must be signed, and deployments must verify signatures before rollout. Which design is the most appropriate in OCI?

After enabling centralized logging, you notice critical application logs are missing during traffic spikes. The application writes logs to stdout/stderr in containers on OKE. Metrics show node CPU is stable, but log ingestion drops. What is the best next step to troubleshoot and remediate?