DevOps / Cloud Engineer Hiring Guide

Attention to Detail Tasks

(Each of these tasks is a deterministic check of the candidates attention to detail. The candidate is given specific data or snippets and asked to spot errors or inconsistencies. Exact expected answers are provided for auto-grading.)

Broken CI Config (YAML Indentation): Provide a snippet of a CI pipeline YAML with a subtle indentation error that causes the pipeline to fail. For example:

steps: -name: Install dependencies run: npm install -name: Run tests run: npm test

The task asks: Identify the error in the YAML above that would cause a pipeline failure. Expected answer: The second -name: Run tests line is mis-indented (one space short). The candidate should point out the indentation error on that line (exactly 1 space instead of 2 before the dash). Scoring is binary: either they correctly pinpoint the misalignment or not.

Server Log Anomaly: Present a short log excerpt from a web server:

[INFO] 2026-02-05 18:00:01 Server started [INFO] 2026-02-05 18:05:23 Health check passed [ERROR] 2026-02-05 18:10:47 Out of memory -process crashed [INFO] 2026-02-05 18:10:50 Server restarted [INFO] 2026-02-05 18:15:00 Health check passed

Ask: According to the log, what event occurred and at what time did it happen (This checks if they notice the error line.) Expected answer: An Out of memory -process crashed error occurred at

18:10:47. (The candidate should identify the error event and its timestamp exactly). This tests

careful log reading; the correct answer must include the error and the time.

Firewall Rule Review: Provide a table of firewall/security group rules (e.g., for an AWS Security Group) such as:

Rule # Protocol Port Source Description

1 TCP 22 203.0.113.5/32 SSH from office

2 TCP 443 0.0.0.0/0 HTTPS for web server

3 TCP 80 0.0.0.0/0 HTTP for web server

4 TCP 5432 0.0.0.0/0 Postgres database access

Ask: Which rule is misconfigured and why is it a concern Expected answer: Rule #4 is a red flag because

it opens the Postgres database port (5432) to the entire world (0.0.0.0/0), which is insecure. (The

candidate should identify Rule 4 and note that its source is too open). This tests detail-attention and security mindset; full credit only if they specify the rule number and the issue (open to 0.0.0.0/0).

Configuration Mismatch: Show two small configuration excerpts side by side (for instance, two environment files or Kubernetes configs) and ask which setting is inconsistent. For example, File A contains APP_MODE=Production while File B has APP_MODE=Prodution (a typo). Task: Find the inconsistency between Config A and Config B. Expected answer: Identify the exact mismatch e.g., APP_MODE is misspelled as Prodution in Config B, which is inconsistent with Production in Config A. This checks if the candidate can spot even minor typos across artifacts. The answer must precisely pinpoint the difference to get full credit.

(These prompts simulate real workplace communications. The candidate must produce clear, concise writing. While open-ended, each has key points expected for full credit, which can be evaluated by AI for inclusion of those points.)

Prompt 1 Incident Update Email: Scenario: An outage occurred overnight and was resolved by the on-call engineer. Task: Draft a brief email to the engineering team and relevant stakeholders explaining this incident. Include what happened, how it was resolved, and any next steps or preventive measures.

Expectations for scoring: The email should contain a clear summary of the issue (e.g. Service X went down at 2 AM due to Y), the resolution (we restarted the database and cleared the cache, restoring service by 2:30 AM), and next steps (we will implement monitoring on memory usage and add a failover instance to prevent recurrence). Tone should be factual and reassuring, without blaming individuals. The AI scorer will check for the presence of these elements: description of cause, resolution, and follow-up actions.

Prompt 2 Deployment Delay Slack Message: Scenario: A scheduled deployment cannot proceed because a critical bug was found at the last minute. Task: Write a Slack message to the Product Manager explaining that the release will be delayed. Include a brief reason and the plan to fix the issue.

Expectations for scoring: The message should quickly state the delay and reason (Hi, we discovered a bug in the payment module during final tests, so we need to pause the deployment), express understanding of the impact (I know stakeholders were expecting this feature today), and outline the plan (the team is fixing the bug now, and we plan to deploy tomorrow after re-testing). Tone should be professional and solution-focused. The rubric will look for: acknowledgment of delay, reason for delay, and a resolution timeline.

Prompt 3 Tool Introduction Announcement: Scenario: The company is adopting a new DevOps tool (e.g., a new monitoring system). Task: Compose a message (email or chat) to the engineering team announcing the introduction of this tool. Explain why its being introduced, how it will help, and any support for onboarding.

Expectations for scoring: The announcement should include context (Were implementing Datadog for monitoring to improve visibility into our apps), benefits (this will alert us faster to issues and reduce downtime), and guidance (we will have a training session and documentation; Ill be available to help with setup). The candidates answer should be encouraging and informative. The scoring checks for mention of rationale, benefits, and support offered.

(All communication responses are evaluated on clarity, completeness of information, tone, and conciseness. Grammar and organization count towards professionalism.)

Tasks

(Deterministic scenario-based tasks where the candidate must outline steps or solutions. Each has an expected correct approach or key steps for scoring.)

Task 1: CI/CD Pipeline Failure Troubleshooting Scenario: A continuous integration pipeline fails during the test stage with an error: Module XYZ not found. The build was working yesterday. Prompt: Describe the steps you would take to diagnose and fix this pipeline failure.

Expected Solution (Key Steps): The candidate should outline a logical troubleshooting process: (1) Check error logs/output to confirm which module is missing and in which step. (2) Verify recent changes e.g., was a dependency added in code but not in the build script (3) Reproduce locally if possible to see if the environment is missing something. (4) Fix e.g., update the pipeline configuration to install the missing module or adjust the path. (5) Re-run pipeline to ensure it passes. (6) Prevent recurrence maybe add that dependency to documentation or lock versions. Scoring: The answer must cover the critical steps of identifying the error, checking recent changes, and implementing a fix. Full credit if the candidate mentions investigating logs and adjusting the pipeline configuration appropriately (e.g. adding an install step for the missing module). Partial credit if steps are generally correct but miss a key aspect (like not mentioning checking the actual error message).

Task 2: Production Outage Response Process Scenario: A critical web service went down due to high CPU usage, causing an outage. Prompt: Outline the step-by-step process you would follow to handle this production incident from start to finish.

Expected Solution (Key Steps): (1) Alert & Triage: Acknowledge the alert, assemble incident team if needed, and check monitoring dashboards to confirm high CPU on which servers. (2) Mitigation: Take quick action to restore service e.g., scale up instances or restart the affected service to temporarily alleviate the issue. (3) Investigation: While service is recovering, dig into the cause check logs, recent deployments or traffic spikes (perhaps a runaway process or infinite loop causing CPU saturation). (4) Resolution: Once root cause is found (say a code bug or misconfiguration), apply a fix or rollback the recent deployment. Ensure the web service is stable and CPU is normal. (5) Communication: Keep stakeholders informed during the outage (status updates) and after resolution provide a summary. (6) Post-Mortem: Document what happened, why, and action items (e.g., add an alert for high CPU, optimize the code, etc.). Scoring: To earn full points, the candidates answer should include immediate containment (mitigation), root cause investigation, communication, and follow-up. Missing any major phase (like not mentioning analysis or

communication) would lose points. The sequence should be logical and focused on minimizing impact quickly then solving underlying issues.

Task 3: Environment Provisioning with IaC Scenario: The company needs to set up a new staging environment identical to production for testing, using Infrastructure as Code (IaC). Prompt: Describe how you would create a new staging environment that mirrors production using IaC and automation. What steps and tools would you use, and how would you ensure consistency with production

Expected Solution (Key Steps): (1) Reuse IaC Definitions: Use existing Terraform or CloudFormation scripts that define production infrastructure. Parameterize them (using variables or separate config files) for staging (e.g., smaller instance sizes or different network) while keeping architecture same. (2) Set Up Resources: Run the IaC tool to provision staging VMs/containers, databases, networking, etc. (3) Configuration: Use configuration management (Ansible, scripts, or cloud-init) to configure those resources with the staging settings (e.g., point to staging databases, use staging credentials). (4) Deploy Application: Extend the CI/CD pipeline to deploy the application to staging after successful builds (or set up a separate pipeline for staging deployments). (5) Data and Dependencies: If needed, seed staging with sample data or connect to shared services, ensuring no conflict with prod (e.g., disable external notifications in staging). (6) Testing & Verification: Verify the staging environment works as expected (run smoke tests). (7) Consistency Checks: Implement version control for IaC scripts and perhaps an automated drift detection to ensure staging and prod remain in sync (aside from intentional differences). Scoring: Full credit if the answer demonstrates use of IaC to duplicate environments and mentions managing differences via variables or separate config, as well as deploying code to that environment. The candidate should explicitly reference Terraform/CloudFormation or similar. Points deducted if they talk about manual setup or dont address how to keep it in sync with prod.

Task 4: Containerization Migration Plan Scenario: An internal legacy application running on a VM needs to be containerized and moved to a container orchestration platform for easier maintenance. Prompt: Outline the steps you would take to containerize this application and deploy it using an orchestration platform (like Kubernetes or ECS).

Expected Solution (Key Steps): (1) Dockerize the App: Write a Dockerfile for the application (choose a base image, add app files, set entrypoint, etc.). Build and test the container image locally.

(2)

Set Up Container Registry: Push the image to a registry (e.g., Docker Hub or AWS ECR). (3) Define Orchestration Config: Create Kubernetes manifests (Deployment, Service, etc.) or ECS Task Definitions to run the container with desired replicas, environment variables, resource limits. If Kubernetes, possibly create a Helm chart or k8s YAMLs. (4) Configure Networking: Expose the app via a Service/Ingress (or in ECS, an Application Load Balancer) to route traffic. (5) Data and State: Plan for any stateful components e.g., if the app writes to disk, mount volumes or use managed DBs, ensure external dependencies (like DB connection strings) are handled via configmaps/secrets.

(6)

Deployment: Deploy to a cluster (kubectl apply or via CI pipeline). (7) Testing in Container Env: Verify the containerized app works (functional tests, performance tests) in the new environment. (8) Cutover Plan: Outline how to switch production to use the containerized version (maybe run both old and new in parallel, then redirect traffic). Scoring: The answer should hit major points: creating a Dockerfile, using a registry, writing K8s/ECS configs, and deployment steps. Mention of handling

config/secrets and testing indicates thorough understanding. Omitting container build or orchestration config details would miss key aspects.

(Each technical/process task above has a clear expected solution path. Grading will compare the candidates steps to the expected key steps. Partial credit is given if they cover most but not all steps. The goal is to see practical thinking in scenarios a mid-level DevOps/Cloud Engineer would encounter.)