Free Preparation Discussions
MENU
Linux Foundation CNPA Exam Questions
- Topic 1: Platform Engineering Core Fundamentals: This section of the exam measures the skills of Supplier Management Consultants and covers essential foundations such as declarative resource management, DevOps practices, application environments, platform architecture, and the core goals of platform engineering. It also includes continuous integration fundamentals, delivery approaches, and GitOps principles.
- Topic 2: Platform Observability, Security, and Conformance: This part of the exam evaluates Procurement Specialists on key aspects of observability and security. It includes working with traces, metrics, logs, and events while ensuring secure service communication. Policy engines, Kubernetes security essentials, and protection in CI/CD pipelines are also assessed here.
- Topic 3: Continuous Delivery & Platform Engineering: This section measures the skills of Supplier Management Consultants and focuses on continuous integration pipelines, the fundamentals of the CI/CD relationship, and GitOps basics. It also includes knowledge of workflows, incident response in platform engineering, and applying GitOps for application environments.
- Topic 4: Platform APIs and Provisioning Infrastructure: This part of the exam evaluates Procurement Specialists on the use of Kubernetes reconciliation loops, APIs for self-service platforms, and infrastructure provisioning with Kubernetes. It also assesses knowledge of the Kubernetes operator pattern for integration and platform scalability.
- Topic 5: IDPs and Developer Experience: This section of the exam measures the skills of Supplier Management Consultants and focuses on improving developer experience. It covers simplified access to platform capabilities, API-driven service catalogs, developer portals for platform adoption, and the role of AI/ML in platform automation.
- Topic 6: Measuring your Platform: This part of the exam assesses Procurement Specialists on how to measure platform efficiency and team productivity. It includes knowledge of applying DORA metrics for platform initiatives and monitoring outcomes to align with organizational goals.
Free Linux Foundation CNPA Exam Actual Questions
Note: Premium Questions for CNPA were last updated On May. 04, 2026 (see below)
In a scenario where an Internal Developer Platform (IDP) is being used to enable developers to self-service provision products and capabilities such as Namespace-as-a-Service, which answer best describes who is responsible for resolving application-related incidents?
Platform engineering clearly separates responsibilities between platform teams and application teams. Option C is correct because platform teams manage the platform and infrastructure layer, ensuring stability, compliance, and availability, while application teams own their applications, including troubleshooting application-specific issues.
Option A (creating a single merged team) introduces inefficiency and removes specialization. Option B incorrectly suggests application teams should also solve infrastructure issues, which conflicts with platform-as-a-product principles. Option D places all responsibilities on platform teams, which creates bottlenecks and undermines application team ownership.
By splitting responsibilities, IDPs empower developers with self-service provisioning while maintaining clear boundaries. This ensures both agility and accountability: platform teams focus on enabling and securing the platform, while application teams take ownership of their code and services.
--- CNCF Platforms Whitepaper
--- Team Topologies (Platform as a Product Model)
--- Cloud Native Platform Engineering Study Guide
Which provisioning strategy ensures efficient resource scaling for an application on Kubernetes?
The most efficient and scalable strategy is to use a declarative approach with Infrastructure as Code (IaC). Option B is correct because declarative definitions specify the desired state (e.g., resource requests, limits, autoscaling policies) in code, allowing Kubernetes controllers and autoscalers to reconcile and enforce them dynamically. This ensures that applications can scale efficiently based on actual demand.
Option A (fixed allocation) is inefficient, leading to wasted resources during low usage or insufficient capacity during high demand. Option C (manual provisioning) introduces delays, risk of error, and operational overhead. Option D (imperative scripting) is not sustainable for large-scale or dynamic workloads, as it requires constant manual intervention.
Declarative IaC aligns with GitOps workflows, enabling automated, version-controlled scaling decisions. Combined with Kubernetes' Horizontal Pod Autoscaler (HPA) and Cluster Autoscaler, this approach allows platforms to balance cost efficiency with application reliability.
--- CNCF GitOps Principles
--- Kubernetes Autoscaling Documentation
--- Cloud Native Platform Engineering Study Guide
In a Continuous Integration (CI) pipeline, what is a key benefit of using automated builds?
The key benefit of automated builds in a CI pipeline is ensuring consistent and reproducible builds. Option C is correct because automation eliminates the variability introduced by manual processes, guaranteeing that each build follows the same steps, uses the same dependencies, and produces artifacts that are predictable and testable.
Option A (minimizing server costs) may be a side effect but is not the primary advantage. Option B (eliminates coding errors) is inaccurate---automated builds do not prevent developers from writing faulty code; instead, they surface errors earlier. Option D (reduces code redundancy) relates more to code design than CI pipelines.
Automated builds are fundamental to DevOps and platform engineering because they establish reliability in the software supply chain, integrate seamlessly with automated testing, and enable continuous delivery. This practice ensures that code changes are validated quickly, improving developer productivity and reducing integration risks.
--- CNCF Platforms Whitepaper
--- Continuous Delivery Foundation Best Practices
--- Cloud Native Platform Engineering Study Guide
In a Continuous Integration (CI) pipeline, What is a key benefit of using automated builds?
The key benefit of automated builds in a CI pipeline is ensuring consistent and reproducible builds. Option C is correct because automation eliminates the variability introduced by manual processes, guaranteeing that each build follows the same steps, uses the same dependencies, and produces artifacts that are predictable and testable.
Option A (minimizing server costs) may be a side effect but is not the primary advantage. Option B (eliminates coding errors) is inaccurate---automated builds do not prevent developers from writing faulty code; instead, they surface errors earlier. Option D (reduces code redundancy) relates more to code design than CI pipelines.
Automated builds are fundamental to DevOps and platform engineering because they establish reliability in the software supply chain, integrate seamlessly with automated testing, and enable continuous delivery. This practice ensures that code changes are validated quickly, improving developer productivity and reducing integration risks.
--- CNCF Platforms Whitepaper
--- Continuous Delivery Foundation Best Practices
--- Cloud Native Platform Engineering Study Guide
A cloud native application needs to establish secure communication between its microservices. Which mechanism is essential for implementing security in service-to-service communications?
Mutual TLS (mTLS) is the core mechanism for securing service-to-service communication in cloud native environments. Option B is correct because mTLS provides encryption in transit and mutual authentication, ensuring both the client and server verify each other's identity. This prevents unauthorized access, man-in-the-middle attacks, and data leakage.
Option A (API Gateway) manages ingress traffic from external clients but does not secure internal service-to-service communication. Option C (Service Mesh) is a broader infrastructure layer (e.g., Istio, Linkerd) that implements mTLS, but mTLS itself is the mechanism that enforces secure communications. Option D (Load Balancer) distributes traffic but does not handle encryption or authentication.
mTLS is foundational to zero-trust networking inside Kubernetes clusters. Service meshes typically provide automated certificate management and policy enforcement, ensuring seamless adoption of mTLS without requiring developers to modify application code.
--- CNCF Service Mesh Whitepaper
--- CNCF Platforms Whitepaper
--- Cloud Native Platform Engineering Study Guide
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Emma Rodriguez
9 days agoChristopher Adams
6 hours agoGearldine
27 days agoMeghan
1 month agoAntione
1 month agoAdolph
2 months agoRana
2 months agoKristel
2 months agoOmer
3 months agoMarsha
3 months agoMargurite
3 months agoHeike
3 months agoKimbery
4 months agoChu
4 months agoGaynell
4 months agoElli
4 months agoCiara
5 months agoDean
5 months agoJulio
5 months agoStefany
5 months agoCarli
6 months agoLevi
6 months agoLashaunda
6 months agoIluminada
6 months agoAntione
7 months agoLucina
7 months agoFranklyn
7 months agoHoward
7 months agoLashon
7 months agoReynalda
7 months agoAmie
8 months agoBernadine
8 months agoMarla
8 months ago