CNPA Leak Questions

An extensible architecture with modular components is crucial for modern platform engineering. Option C is correct because modularity allows new capabilities (e.g., self-service delivery, observability, or security features) to be added or replaced without disrupting the whole system. This approach promotes agility, scalability, and maintainability.

Option A (monolithic architecture) restricts flexibility and slows innovation. Option B (centralized API gateways) may help integration but still creates bottlenecks if every addition requires specialist intervention. Option D (static architecture) locks the platform into rigid patterns, preventing adaptation to evolving needs.

Extensible, modular design is a hallmark of cloud native platforms. It enables composability, where services (like service mesh, logging, monitoring, or provisioning APIs) can be plugged in as needed. This architecture supports golden paths and self-service abstractions, reducing developer friction while keeping governance intact.

Compliance with regulations like GDPR and PCI DSS requires fine-grained control, auditing, and data protection. Option C is correct because deploying a policy engine like Open Policy Agent (OPA) enables dynamic enforcement of policies, real-time data masking, and comprehensive audit logging. This ensures sensitive data is protected while providing traceability and compliance reporting.

Option A is insufficient, as default IAM policies without Kubernetes-level governance do not provide the granularity required for compliance. Option B (Kubernetes Secrets) adds encryption but lacks auditability and runtime enforcement. Option D (RBAC and network policies) improves security posture but does not provide comprehensive compliance coverage or data privacy features like masking and logging.

OPA and similar tools integrate with Kubernetes admission control to enforce compliance policies consistently, providing the flexibility and auditability needed in regulated industries.

Agile and DevOps share the principle of continuous improvement through rapid feedback and iteration. Option B is correct because gathering feedback continuously and iterating aligns directly with DevOps practices such as CI/CD, observability-driven development, and platform engineering’s focus on developer experience. This ensures platforms and applications evolve quickly in response to real-world conditions.

Option A contradicts Agile, which emphasizes active customer collaboration. Option C reflects rigid waterfall methodologies, not Agile or DevOps. Option D enforces silos, which is the opposite of DevOps principles of cross-functional collaboration.

By embracing continuous feedback loops, both Agile and platform engineering accelerate delivery, improve resilience, and ensure that platforms deliver real value to developers and end users. This cultural alignment ensures both speed and quality in cloud native environments.

The most efficient and scalable strategy is to use a declarative approach with Infrastructure as Code (IaC). Option B is correct because declarative definitions specify the desired state (e.g., resource requests, limits, autoscaling policies) in code, allowing Kubernetes controllers and autoscalers to reconcile and enforce them dynamically. This ensures that applications can scale efficiently based on actual demand.

Option A (fixed allocation) is inefficient, leading to wasted resources during low usage or insufficient capacity during high demand. Option C (manual provisioning) introduces delays, risk of error, and operational overhead. Option D (imperative scripting) is not sustainable for large-scale or dynamic workloads, as it requires constant manual intervention.

Declarative IaC aligns with GitOps workflows, enabling automated, version-controlled scaling decisions. Combined with Kubernetes’ Horizontal Pod Autoscaler (HPA) and Cluster Autoscaler, this approach allows platforms to balance cost efficiency with application reliability.