CertGrid
HashiCorp Certification

HashiCorp Terraform Associate (003) Practice Exam

Validates knowledge of Infrastructure as Code concepts, Terraform workflow, state management, modules, and HCL configuration language.

Practice 735 exam-style HashiCorp Terraform Associate (003) questions with full answer explanations, then take timed mock exams that score like the real thing.

Start practicing free Sign in
735
Practice questions
57
On the real exam
700
Passing score
60 min
Exam length

What the HashiCorp Terraform Associate (003) exam covers

Free HashiCorp Terraform Associate (003) sample questions

A sample of 10 questions with answers and explanations. Sign up free to practice all 735.

  1. Question 1Understand Infrastructure as Code (IaC) Concepts

    Your organization has been managing cloud resources by clicking through the Azure portal. After a recent outage caused by an engineer accidentally deleting a production network security group, management wants to prevent ad-hoc changes. Which Infrastructure as Code principle would MOST directly prevent this type of incident from recurring?

    • AIncreasing the number of engineers who have portal access
    • BScheduling infrastructure changes only during maintenance windows
    • CCreating detailed runbooks for every manual change
    • DStoring infrastructure definitions in version-controlled files and enforcing changes only through automated pipelinesCorrect
    ✓ Correct answer: D

    Storing infrastructure definitions in version-controlled files and enforcing changes through automated pipelines prevents ad-hoc manual modifications by requiring all infrastructure changes to be reviewed, tested, and tracked. Version control provides a complete audit trail of what changed, who made the change, and why, making accidental deletions like the network security group incident impossible without detection. Automated pipelines ensure changes are validated and consistent, preventing human error. This declarative, tracked approach is the core principle of Infrastructure as Code that prevents undocumented manual changes from occurring in production environments.

    Why the other options are wrong
    • AIncreasing the number of engineers who have portal access is incorrect because more access actually increases the risk of accidental changes; it does not prevent ad-hoc modifications but rather increases the number of people who can make them.
    • BScheduling infrastructure changes only during maintenance windows is incorrect because it merely restricts the timing of changes but does not prevent ad-hoc modifications; engineers can still make unauthorized changes during maintenance windows.
    • CCreating detailed runbooks for every manual change is incorrect because runbooks only document procedures for manual changes; they do not prevent ad-hoc modifications or provide the version control and automation enforcement that Infrastructure as Code provides.
  2. Question 2Implement and Maintain State

    An engineer accidentally removes a resource from the Terraform configuration file but does NOT want Terraform to destroy the actual cloud resource. They want to simply stop managing it with Terraform. Which command should they use?

    • Aterraform destroy -target=<resource>
    • Bterraform refresh
    • Cterraform state rm <resource_address>Correct
    • Dterraform taint <resource_address>
    ✓ Correct answer: C

    terraform state rm removes a resource from the Terraform state file without destroying the actual cloud resource. This command is used when you want to stop managing an existing resource with Terraform while leaving the resource intact in the cloud. The resource becomes completely unmanaged by Terraform after removal from state.

    Why the other options are wrong
    • Aterraform destroy -target=<resource> is incorrect because destroy will delete the actual cloud resource; state rm only removes from state.
    • Bterraform refresh is incorrect because refresh updates the state with current cloud values; it does not remove resources from state.
    • Dterraform taint <resource_address> is incorrect because taint marks a resource for destruction on the next apply; the resource will be deleted if apply is run.
  3. Question 3Understand Infrastructure as Code (IaC) ConceptsSelect all that apply

    Which of the following are characteristics of a declarative IaC approach? (Choose TWO.)

    • AYou must explicitly specify the order of resource creation
    • BYou write step-by-step instructions for creating each resource
    • CThe tool determines the actions needed to reach the desired stateCorrect
    • DYou describe the desired end state of infrastructureCorrect
    ✓ Correct answer: C, D

    This answer directly addresses the scenario presented in the question and aligns with Terraform best practices. The solution implements the most appropriate approach for managing infrastructure as code in this specific context.

    Why the other options are wrong
    • AYou must explicitly specify the order of resource creation is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • BYou write step-by-step instructions for creating each resource is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario. You describe the desired end state of infrastructure is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
  4. Question 4Understand Infrastructure as Code (IaC) Concepts

    What distinguishes mutable infrastructure from immutable infrastructure?

    • Amutable infrastructure only exists in the cloud; immutable infrastructure is on-premises only
    • BThere is no difference between mutable and immutable infrastructure
    • Cmutable infrastructure is updated in-place; immutable infrastructure is replaced entirely for changesCorrect
    • Dmutable infrastructure is never changed after deployment; immutable infrastructure is frequently updated
    ✓ Correct answer: C

    This answer directly addresses the scenario presented in the question and aligns with Terraform best practices. The solution implements the most appropriate approach for managing infrastructure as code in this specific context.

    Why the other options are wrong
    • Amutable infrastructure only exists in the cloud; immutable infrastructure is on-premises only is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • BThere is no difference between mutable and immutable infrastructure is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • Dmutable infrastructure is never changed after deployment; immutable infrastructure is frequently updated is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
  5. Question 5Understand the Purpose of Terraform

    What is the Terraform Registry?

    • AA CI/CD pipeline tool built into Terraform
    • BA private database that stores Terraform state files
    • CA container registry for deploying Terraform-managed applications
    • DA public repository of providers, modules, and policy libraries that can be used in Terraform configurationsCorrect
    ✓ Correct answer: D

    This answer directly addresses the scenario presented in the question and aligns with Terraform best practices. The solution implements the most appropriate approach for managing infrastructure as code in this specific context.

    Why the other options are wrong
    • AA CI/CD pipeline tool built into Terraform is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • BA private database that stores Terraform state files is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • CA container registry for deploying Terraform-managed applications is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
  6. Question 6Understand the Purpose of Terraform

    What is the role of Terraform providers?

    • AThey store the Terraform state file
    • BThey provide a web-based UI for Terraform
    • CThey compile Terraform configurations into machine code
    • DThey serve as plugins that interact with specific APIs to manage resourcesCorrect
    ✓ Correct answer: D

    This answer directly addresses the scenario presented in the question and aligns with Terraform best practices. The solution implements the most appropriate approach for managing infrastructure as code in this specific context.

    Why the other options are wrong
    • AThey store the Terraform state file is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • BThey provide a web-based UI for Terraform is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • CThey compile Terraform configurations into machine code is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
  7. Question 7Understand Terraform Basics

    What does the count meta-argument do in a Terraform resource block?

    • AIt counts the number of existing resources of that type in the state
    • BIt creates multiple instances of a resource based on a numeric valueCorrect
    • CIt sets the retry count for failed resource provisioning
    • DIt limits the maximum number of API calls Terraform makes to the provider
    ✓ Correct answer: B

    This answer directly addresses the scenario presented in the question and aligns with Terraform best practices. The solution implements the most appropriate approach for managing infrastructure as code in this specific context.

    Why the other options are wrong
    • AIt counts the number of existing resources of that type in the state is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • CIt sets the retry count for failed resource provisioning is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • DIt limits the maximum number of API calls Terraform makes to the provider is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
  8. Question 8Understand Terraform Basics

    What does the 'terraform.tfstate' file contain?

    • Ahe credentials used to authenticate with cloud providers
    • Bhe Terraform configuration source code
    • C mapping between Terraform resources defined in configuration and the real-world infrastructure objects they represent
    • D log of all Terraform commands executed in the projectCorrect
    ✓ Correct answer: D

    This answer directly addresses the scenario presented in the question and aligns with Terraform best practices. The solution implements the most appropriate approach for managing infrastructure as code in this specific context.

    Why the other options are wrong
    • Ahe credentials used to authenticate with cloud providers is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • Bhe Terraform configuration source code is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • Cmapping between Terraform resources defined in configuration and the real-world infrastructure objects they represent is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
  9. Question 9Use Terraform CLI

    Which command is used to destroy all infrastructure managed by a Terraform configuration?

    • Aterraform delete
    • Bterraform destroyCorrect
    • Cterraform remove
    • Dterraform clean
    ✓ Correct answer: B

    This answer directly addresses the scenario presented in the question and aligns with Terraform best practices. The solution implements the most appropriate approach for managing infrastructure as code in this specific context.

    Why the other options are wrong
    • Aterraform delete is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • Cterraform remove is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • Dterraform clean is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
  10. Question 10Use Terraform CLI

    Which command would you use to import an existing infrastructure resource into Terraform state?

    • Aerraform pull
    • Berraform import
    • Cerraform refreshCorrect
    • Derraform get
    ✓ Correct answer: C

    This answer directly addresses the scenario presented in the question and aligns with Terraform best practices. The solution implements the most appropriate approach for managing infrastructure as code in this specific context.

    Why the other options are wrong
    • Aerraform pull is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • Berraform import is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
    • Derraform get is incorrect because it does not adequately address the core requirement or introduces a less effective solution for this scenario.
Unlock all 735 HashiCorp Terraform Associate (003) questions

HashiCorp Terraform Associate (003) practice exam FAQ

How many questions are in the HashiCorp Terraform Associate (003) practice exam on CertGrid?

CertGrid has 735 practice questions for HashiCorp Terraform Associate (003), covering 8 exam domains. The real HashiCorp Terraform Associate (003) exam has about 57 questions.

What is the passing score for HashiCorp Terraform Associate (003)?

The HashiCorp Terraform Associate (003) exam passing score is 700, and you have about 60 minutes to complete it. CertGrid scores your practice attempts the same way so you know when you are ready.

Are these official HashiCorp Terraform Associate (003) exam questions?

No. CertGrid is an independent practice platform. Questions are written to mirror the style and concepts of HashiCorp Terraform Associate (003), with full explanations, but they are not official or copied vendor exam items. They are original practice questions designed to help you genuinely learn the material.

Can I practice HashiCorp Terraform Associate (003) for free?

Yes. You can start practicing HashiCorp Terraform Associate (003) for free with daily practice and sample questions. Paid plans unlock full timed exams, complete explanations, and domain analytics.