Pod lifecycle, Deployments vs StatefulSets vs DaemonSets, Services and Ingress, RBAC and ServiceAccounts, HPA, liveness vs readiness probes, NetworkPolicy, PersistentVolumes, and common troubleshooting scenarios including CrashLoopBackOff and OOMKilled.

Dockerfile best practices, multi-stage builds, minimal base images (alpine, distroless), layer caching, CMD vs ENTRYPOINT, Docker networking (bridge, host, overlay), named volumes vs bind mounts, security hardening with non-root users and read-only filesystems.

EC2 instance types and placement groups, VPC design with subnets and NAT, IAM roles and policies, S3 storage classes and lifecycle rules, EKS cluster architecture, Lambda functions and event sources, RDS Multi-AZ vs Read Replicas, CloudWatch and Auto Scaling.

AKS architecture, Azure DevOps pipelines vs GitHub Actions, App Service plans, Virtual Networks and NSGs, Azure Key Vault and Managed Identity, Azure Load Balancer vs Application Gateway, Azure Monitor and Log Analytics, Entra ID (formerly Azure AD) and RBAC.

Providers, resources, data sources, and variables. Remote state with S3 and DynamoDB locking. Modules for reusability. Workspaces for environment isolation. Import existing infrastructure. Terraform plan/apply/destroy lifecycle. State manipulation and taint commands.

GitOps principles and ArgoCD architecture. Application CRD, sync policies (auto vs manual), self-healing, and pruning. App-of-apps pattern for multi-cluster management. Image Updater for automated tag promotion. Handling secrets in GitOps pipelines with External Secrets Operator.

Workflow YAML structure, triggers (push, pull_request, schedule, workflow_dispatch), jobs and steps, secrets and OIDC for passwordless cloud auth, actions/cache for speed, matrix builds for parallel testing, reusable workflows, and concurrency controls.

Declarative vs Scripted Pipelines, Jenkinsfile structure, agents and node labels, shared libraries for DRY pipelines, credential binding, upstream/downstream jobs, Blue Ocean UI, parallel stages, and integration with SonarQube, Nexus, and Kubernetes agents.

Chart structure (Chart.yaml, values.yaml, templates), Go templating syntax, values override hierarchy (--set vs -f vs defaults), helm upgrade --install for idempotent CI deploys, rollback via helm history, lifecycle hooks for database migrations, and OCI chart repositories.

Prometheus data model (metrics, labels, timestamps), scrape configurations, PromQL query language, recording rules for expensive queries, Alertmanager routing and inhibition, Grafana dashboards and data sources, and the four golden signals: latency, traffic, errors, saturation.

Branching strategies (GitFlow vs trunk-based development), rebase vs merge and when to use each, interactive rebase for squashing commits, git reflog as a safety net, cherry-pick, bisect for bug hunting, and branch protection rules for team workflows.

File permissions and ownership (chmod, chown, umask), process management (ps, kill signals, systemctl), networking tools (ss, ip, dig, curl), log analysis with journalctl, cron jobs and scheduling, performance analysis with top/vmstat/iostat, and shell scripting fundamentals.

SAST analysis, quality gates and quality profiles, bugs vs vulnerabilities vs code smells vs security hotspots, test coverage integration with JaCoCo and pytest-cov, Jenkins and GitHub Actions integration, branch analysis, and technical debt measurement.

OWASP Top 10 with mitigations, shift-left security principles, SAST vs DAST, complete DevSecOps pipeline stages: Gitleaks for secret scanning, SonarQube for SAST, OWASP Dependency-Check for SCA, Trivy for image scanning, and OWASP ZAP for DAST.

Binary repository management, repository types (local, remote, virtual), artifact promotion from snapshot to release, retention policies, integration with Maven, Docker, npm and pip, Xray scanning for CVEs, and build information for full traceability.

SPL (Search Processing Language) for log analysis, Universal and Heavy Forwarders for log collection, index management, dashboards and visualizations, saved searches and scheduled alerts, field extractions, and Splunk as a SIEM for security event correlation.

SLI, SLO, SLA definitions and relationships, error budget calculation and usage, burn rate alerting, MTTR and MTBF, blameless post-mortem structure, toil definition and reduction strategies, deployment strategies (blue-green, canary, rolling), and incident management workflows.

Maven build lifecycle phases, dependency scopes (compile, runtime, provided, test), BOM (Bill of Materials) for version management, multi-module projects, SNAPSHOT vs RELEASE artifact promotion, plugin configuration, and Gradle comparison for DevOps interviews.