GK Questions

Answer: All of these

IaC (Terraform), Configuration Management (Ansible), and GitOps all use version-controlled code to define infrastructure/app state. Enables: repeatability, auditability, peer review, and automated testing. Critical for modern DevOps practices and cloud operations questions.

Answer: ConfigMap

ConfigMap stores configuration data (environment variables, config files) as key-value pairs for pods. Secret is for sensitive data (base64-encoded); PersistentVolume for storage; Namespace for resource isolation. Critical for Kubernetes configuration management questions.

Answer: Section 66

Section 66 prescribes punishment (up to 3 years + fine) for computer-related offenses: unauthorized access, data theft, introducing viruses. Section 43 covers civil liability; 66C is identity theft; 67 is obscene content. Critical for cyber law awareness in exams.

Answer: Validity

Validity ensures data conforms to business rules, formats, and value ranges (e.g., email format, date ranges). Other dimensions: Accuracy (correctness), Completeness (no missing values), Consistency (across systems). Critical for data governance and quality management questions.

Answer: Homomorphic Encryption

Homomorphic Encryption allows computations on ciphertext, producing encrypted results that decrypt to correct output. Enables privacy-preserving cloud analytics, secure voting, and confidential AI. Still computationally intensive but advancing with research. Critical for privacy-enhancing technologies.

Answer: Terraform

Terraform (HashiCorp) uses HCL declarative language to provision cloud resources across providers (AWS, Azure, GCP). Supports state management, modules, and plan/apply workflow. Ansible is configuration management; Jenkins is CI/CD; Docker is containerization. Critical for IaC questions.

Answer: Canary Release

Canary Release deploys new version to small user subset (canary group), monitors metrics, and gradually expands if stable. Reduces risk vs big-bang releases. Implemented via service mesh, load balancers, or feature flags. Critical for safe deployment strategies.

Answer: Data Protection Board of India

Data Protection Board of India is independent regulatory body established under DPDP Act 2023 to: adjudicate disputes, impose penalties, and enforce compliance. Distinct from CERT-In (cyber incidents) and MeitY (policy). Critical for data governance questions.

Answer: Star Schema

Star Schema (data warehousing) uses denormalized fact tables linked to dimension tables for fast analytical queries. Optimizes read performance at cost of storage redundancy. Contrasts with 3NF (normalized for OLTP). Critical for BI and analytics architecture questions.

Answer: Meltdown/Spectre

Meltdown/Spectre (2018) exploit CPU speculative execution and cache side-channels to read kernel memory or other processes' data. Mitigated via microcode updates, OS patches, and compiler fixes. Highlights hardware-level security challenges. Critical for system security questions.

Answer: Automated Rollback

Automated Rollback uses monitoring alerts (error rate, latency) to trigger immediate reversion to previous stable version. Reduces MTTR and blast radius of bad releases. Implemented via CI/CD pipelines and SRE runbooks. Critical for production reliability practices.

Answer: StatefulSet

StatefulSet manages stateful applications: provides stable pod names (pod-0, pod-1), persistent storage, and ordered deployment/scaling. Used for databases, Kafka, etc. Deployment is for stateless apps; DaemonSet runs one pod per node; ReplicaSet manages pod replicas.

Answer: Direction 20

CERT-In Direction 20 (April 2022) requires service providers to synchronize ICT system clocks with NIC's National Time Server for accurate incident timeline correlation. Also mandates 6-hour incident reporting and 180-day log retention. Critical for cybersecurity compliance questions.

Answer: Apache Spark

Apache Spark provides in-memory distributed computing for big data: batch, streaming, ML, graph processing. Faster than Hadoop MapReduce due to in-memory processing. Supports Scala, Python, SQL. Critical for big data engineering and analytics questions.

Answer: Behavioral Analytics

Behavioral Analytics uses ML to establish baselines of normal behavior and flag deviations indicating threats (insider threats, zero-days). Complements signature-based detection. Implemented in UEBA, NDR solutions. Critical for next-gen SOC and threat hunting questions.

Answer: Lead Time for Changes

Lead Time for Changes (DORA metric) measures time from code commit to successful production deployment. Key indicator of delivery speed and process efficiency. Other DORA metrics: Deployment Frequency, Change Failure Rate, MTTR. Critical for DevOps performance questions.

Answer: Deployment

Deployment manages replica sets of pods: defines replicas, update strategy, rollback, and scaling. Ensures desired state is maintained. Pod is smallest deployable unit; Service exposes pods; ConfigMap stores configuration. Critical for Kubernetes administration questions.

Answer: Section 10

Section 10 of DPDP Act mandates Significant Data Fiduciaries (based on data volume, sensitivity, risk) to appoint DPO, conduct audits, and implement grievance redressal. Enhances accountability for high-risk data processing. Critical for compliance and governance questions.

Answer: Parquet

Parquet is a columnar storage format optimized for analytics: efficient compression, predicate pushdown, and schema evolution. Reduces I/O by reading only required columns. Used in Spark, Hive, Presto. CSV/JSON are row-oriented; XML is verbose. Critical for big data engineering questions.

Answer: Identity Federation Attack

Identity federation attacks exploit trust between identity providers (IdP) and service providers (SP) in SSO setups. Attackers compromise IdP to gain access to multiple federated services. Mitigation: MFA, short-lived tokens, strict trust policies. Critical for cloud security architecture questions.