Git & CI/CD Practice Questions & Quiz

40 questions / 10 random questions

safe Git collaboration CI/CD design and GitHub Actions permissions operations and troubleshooting
Try a 10-question Git & CI/CD quiz

Random questions, instant feedback, and review for missed questions.

Start quiz →

View recommended Git & CI/CD resources →

Included topics (40 questions)

Q1

How should you safely undo a commit that has already been shared?

Answer: Create an inverse commit with git revert

revert adds an inverse change without rewriting shared history.

Q2

You need the latest main changes in a shared feature branch without rewriting collaborators' history. What is appropriate?

Answer: Merge main into the feature branch

On a shared branch, merge integrates changes while preserving existing commit IDs.

Q3

You want to bring one commit made on the wrong branch into the current branch. Which operation fits?

Answer: git cherry-pick <commit>

cherry-pick applies a selected commit's change onto the current branch.

Q4

You want to stage only parts of a file and leave the rest for a later commit. What is appropriate?

Answer: git add -p

git add -p stages selected hunks interactively.

Q5

A private key was accidentally committed locally but not pushed. What should you do first?

Answer: Revoke or rotate the key, remove it from history, and prevent recurrence

Secrets can remain in history, so rotate them, clean the history, and add preventive scanning.

Q6

Which practice makes a pull request easier to review?

Answer: Keep one purpose, a small diff, and explain verification

A small focused PR makes impact and verification easier to understand.

Q7

What should you always verify after resolving a merge conflict?

Answer: No conflict markers remain and tests plus diff review pass

A syntactically resolved conflict can still be semantically wrong, so review and test it.

Q8

You want to keep a tracked file locally but stop tracking it. What is appropriate?

Answer: Run git rm --cached and add it to .gitignore

.gitignore does not affect already tracked files, so remove the file from the index.

Q9

You need to efficiently identify which commit introduced a regression among many candidates. What is appropriate?

Answer: Use git bisect to binary-search good and bad revisions

bisect binary-searches between known good and bad commits and can run tests.

Q10

You need to temporarily put aside unfinished changes and switch to an urgent fix. What is appropriate?

Answer: Use git stash push and restore it later

stash temporarily saves unfinished changes so you can switch work safely.

Q11

You want a durable release reference with metadata and optional signing. What is appropriate?

Answer: Create an annotated tag

An annotated tag stores tagger, date, message, and can be signed.

Q12

What is the issue with repeatedly committing large generated binaries to normal Git history?

Answer: History grows and clone or fetch becomes slow

Git retains historical versions, so large binaries increase storage and transfer costs.

Q13

Which repository setting prevents direct pushes to main and requires reviewed changes?

Answer: Use branch protection rules requiring PR reviews and status checks

Protection rules restrict direct pushes and require reviews or checks before merge.

Q14

When is history-rewriting rebase generally safest?

Answer: When cleaning up your own unshared local branch

Unshared history can be cleaned without invalidating collaborators' references.

Q15

On your own branch, how can you reduce the risk of overwriting someone else's newer update when force-pushing?

Answer: Use --force-with-lease

--force-with-lease updates only if the remote tip still matches your expectation.

Q16

What is the primary purpose of continuous integration?

Answer: Frequently integrate small changes and detect problems early with automated checks

CI integrates and validates changes early to surface conflicts and defects sooner.

Q17

You want to promote the same commit from staging to production after validation. What is appropriate?

Answer: Promote one immutable artifact across environments

Promoting the same artifact prevents differences between tested and deployed content.

Q18

A flaky test fails intermittently. What is appropriate?

Answer: Find and fix or quarantine the cause rather than hiding it with unlimited retries

Ignoring flaky tests erodes trust in CI and hides real failures.

Q19

What is a sound approach for deploying a backward-compatible database schema change?

Answer: Expand first, support both versions, then contract after migration

Expand/contract preserves compatibility while old and new app versions coexist.

Q20

How should you detect problems quickly after production deployment?

Answer: Monitor key SLIs and error rates, stopping or rolling back on thresholds

Release decisions benefit from user-impact metrics and automated guardrails.

Q21

What characterizes blue-green deployment?

Answer: Maintain old and new environments and switch traffic between them

Blue-green enables pre-switch validation and fast rollback at the cost of duplicate capacity.

Q22

What is the goal of a canary release?

Answer: Expose a new version to a subset, then expand based on metrics

A canary limits exposure while validating production behavior.

Q23

Which practice is appropriate for pipeline secrets?

Answer: Use short-lived credentials from a secret store, mask logs, and apply least privilege

Short-lived least-privilege credentials and redaction reduce exposure.

Q24

How do you improve dependency reproducibility?

Answer: Commit the lock file and verify pinned versions in CI

A lock file shares one dependency resolution and reduces surprise upgrades.

Q25

Which issue should CI cache design avoid?

Answer: Using weak keys that reuse caches across incompatible dependency states

A false cache hit can use stale dependencies and create hard-to-reproduce failures.

Q26

What should you consider before adding more parallel jobs?

Answer: Measure dependencies, shared-resource contention, cost, and bottlenecks

Parallelism can speed work but may add contention, cost, and ordering failures.

Q27

Which protection is appropriate for a production deployment job?

Answer: Use protected environments, approval, scoped credentials, and audit logs

Production should restrict permissions and execution while preserving traceability.

Q28

How should pipeline changes be made safely?

Answer: Review as code, test or dry-run it, and roll it out gradually

A pipeline controls the production path and needs the same review and testing as application code.

Q29

Which pipeline measure reduces supply-chain attack risk?

Answer: Pin and verify external actions and dependencies to trusted versions or SHAs

Pinning and verification reduce the risk of executing unexpected upstream changes.

Q30

What is the first step in improving a slow pipeline?

Answer: Measure each stage or job and identify the critical path

Measurement identifies the real bottleneck before choosing caching, parallelism, or test splitting.

Q31

What basic GitHub Actions setting runs a workflow on pull requests?

Answer: on: pull_request

on defines events that trigger a workflow.

Q32

Which keyword makes job B run after job A succeeds?

Answer: needs

needs declares dependencies between jobs.

Q33

Which setting prevents concurrent deployments and cancels an outdated run for the same environment?

Answer: concurrency with cancel-in-progress

A concurrency group controls runs for the same target and can cancel stale ones.

Q34

What is a safe policy for GITHUB_TOKEN?

Answer: Explicitly set minimum required permissions at workflow or job scope

Restricting permissions reduces the impact of a compromised step.

Q35

Which feature helps maintain the same deployment procedure across repositories?

Answer: A reusable workflow

A reusable workflow centralizes a workflow and accepts inputs from callers.

Q36

Which feature runs the same tests across multiple OS and version combinations?

Answer: strategy.matrix

A matrix expands jobs for combinations of variables.

Q37

What is the strictest way to minimize tampering risk for a referenced third-party action?

Answer: Pin it to a reviewed full commit SHA

A full SHA fixes execution to one commit; updates should be reviewed explicitly.

Q38

What should you use for approval and environment secrets before production deployment?

Answer: GitHub environment protection rules and secrets

An environment applies approval rules and environment-specific secrets to jobs.

Q39

What is a safe approach to secrets in workflows triggered by fork pull requests?

Answer: Do not expose secrets or write tokens to untrusted code; carefully separate privileged events

Treat fork code as attacker-controlled and isolate privileged operations.

Q40

What should you inspect first when troubleshooting a failed workflow?

Answer: The failing job or step logs, relevant inputs, and recent changes

Logs and recent diffs help isolate permission, input, environment, or command failures.

certdrill.dev is an independent, unofficial learning site and is not affiliated with LPI Japan, IPA, AWS, Microsoft Azure, or any exam provider. Questions and explanations are original content.