CDP Study Guide 2026

Everything you need to pass the CDP exam in one place: the exam format, every topic to study, real practice questions with explanations, flashcards, and full-length practice tests. Free, no sign-up needed.

📚 CDP Topics to Study (21)

✍️ Sample CDP Questions & Answers

1. Image scanning in a container registry is used to:
Detect known CVEs in OS packages and application libraries within the image

Registry-integrated scanners check image layers against vulnerability databases and block or alert on images that exceed policy thresholds.

2. Security regression testing in CI/CD is intended to:
Verify that previously fixed vulnerabilities have not been reintroduced

Regression tests for security ensure that code changes do not accidentally reopen vulnerabilities that were previously remediated.

3. What is the primary output of the PASTA (Process for Attack Simulation and Threat Analysis) threat modeling methodology?
A prioritized list of threats aligned with business impact and risk

PASTA is a risk-centric, seven-stage methodology that produces a threat analysis aligned with business objectives and the organization's risk appetite.

4. What role does security policy play in DevSecOps?
Provide guidelines for managing risks and ensuring compliance

Security policies are fundamental in DevSecOps as they establish the foundational rules and principles for integrating security into every stage of the development pipeline. They provide clear guidelines for teams on how to manage risks, implement security controls, and handle sensitive data. This ensures that all development and operational activities align with organizational security objectives and regulatory compliance requirements, fostering a consistent and secure environment.

5. Which documentation practice is most important for cloud infrastructure & deployment in the CDP field?
Maintaining complete, accurate, and timely records

Maintaining complete, accurate, and timely records is crucial for accountability, quality assurance, and legal compliance in cloud infrastructure & deployment.

6. An admission controller in Kubernetes is best described as:
A webhook that intercepts and validates or mutates API requests before they are persisted

Admission controllers enforce security policies (e.g., blocking privileged containers) at the API server level before objects are created or modified.

🎯 Free CDP Practice Tests

📖 CDP Guides & Articles

Your CDP Study Path
1. Learn with Flashcards → 2. Drill Practice Tests → 3. Take the Full Exam Simulation
CDP Study Guide 2026 — Exam Format, Topics & Practice Questions