New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Docker DCA Dumps Questions Answers

Page: 1 / 13
Total 183 questions

Docker Certified Associate (DCA) Exam Questions and Answers

Question 1

In the context of a swarm mode cluster, does this describe a node?

Solution: an instance of the Docker engine participating in the swarm

Options:

A.

Yes

B.

No

Buy Now
Question 2

Does this command create a swarm service that only listens on port 53 using the UDP protocol?

Solution. ‘docker service create -name dns-cache -p 53:53 -udp dns-cache’

Options:

A.

Yes

B.

No

Question 3

Will a DTR security scan detect this?

Solution. private keys copied to the image

Options:

A.

Yes

B.

No

Question 4

Is this the purpose of Docker Content Trust?

Solution: Enable mutual TLS between the Docker client and server.

Options:

A.

Yes

B.

No

Question 5

A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster. Can this be used to schedule containers to meet the security policy requirements?

Solution. environment variables

Options:

A.

Yes

B.

No

Question 6

Is this the purpose of Docker Content Trust?

Solution. Sign and verify image tags.

Options:

A.

Yes

B.

No

Question 7

An application image runs in multiple environments, with each environment using different certificates and ports.

Is this a way to provision configuration to containers at runtime?

Solution: Create a Dockerfile for each environment, specifying ports and ENV variables for certificates.

Options:

A.

Yes

B.

No

Question 8

You want to create a container that is reachable from its host's network.

Does this action accomplish this?

Solution: Use network attach to access the container on the bridge network.

Options:

A.

Yes

B.

No

Question 9

You configure a local Docker engine to enforce content trust by setting the environment variable

DOCKER_CONTENT_TRUST=1.

If myorg/myimage: 1.0 is unsigned, does Docker block this command?

Solution: docker service create myorg/myimage:1.0

Options:

A.

Yes

B.

No

Question 10

A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster.

Can this be used to schedule containers to meet the security policy requirements?

Solution: node taints

Options:

A.

Yes

B.

No

Question 11

Two development teams in your organization use Kubernetes and want to deploy their applications while ensuring that Kubernetes-specific resources, such as secrets, are grouped together for each application.

Is this a way to accomplish this?

Solution: Create one pod and add all the resources needed for each application

Options:

A.

Yes

B.

No

Question 12

Does this command create a swarm service that only listens on port 53 using the UDP protocol?

Solution. ‘docker service create -name dns-cache -p 53:53 -constraint networking.protocol.udp=true dns-cache"

Options:

A.

Yes

B.

No

Question 13

Will this Linux kernel facility limit a Docker container's access to host resources, such as CPU or memory?

Solution. capabilities

Options:

A.

Yes

B.

No

Question 14

Is this a function of UCP?

Solution: image role-based access control

Options:

A.

Yes

B.

No

Question 15

A Kubernetes node is allocated a /26 CIDR block (64 unique IPs) for its

address space.

If every pod on this node has exactly two containers in it, how many pods can

this address space support on this node?

Options:

A.

-995

B.

64

C.

32 in every Kubernetes namespace

D.

64 for every service routing to pods on this node

E.

32

Question 16

In Docker Trusted Registry, is this how a user can prevent an image, such as 'nginx:latest’, from being overwritten by another user with push access to the repository?

Solution: Use the DTR web Ul to make all tags in the repository immutable.

Options:

A.

Yes

B.

No

Question 17

Is this an advantage of multi-stage builds?

Solution: optimizes Images by copying artifacts selectively from previous stages

Options:

A.

Yes

B.

No

Question 18

Does this command display all the pods in the cluster that are labeled as env; development'?

Solution. ‘kubectl gel pods --all-namespaces -I 'env in (development)''

Options:

A.

Yes

B.

No

Question 19

Is this an advantage of multi-stage builds?

Solution: faster image builds by allowing parallel execution of Docker builds

Options:

A.

Yes

B.

No

Question 20

Is this statement correct?

Solution: A Dockerfile stores the Docker daemon's configuration options.

Options:

A.

Yes

B.

No

Question 21

A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster.

Can this be used to schedule containers to meet the security policy requirements?

Solution: label contraints

Options:

A.

Yes

B.

No

Question 22

During development of an application meant to be orchestrated by Kubemetes, you want to mount the /data directory on your laptop into a container.

Will this strategy successfully accomplish this?

Solution. Create a Persistent VolumeClaim requesting storageClass:”” (which defaults to local storage) and hostPath: /data, and use this to populate a volume in a pod.

Options:

A.

Yes

B.

No

Question 23

Are these conditions sufficient for Kubernetes to dynamically provision a persistentVolume, assuming there are no limitations on the amount and type of available external storage?

Solution: A persistentVolumeClaim is created that specifies a pre-defined storageClass.

Options:

A.

Yes

B.

No

Question 24

Does this describe the role of Control Groups (cgroups) when used with a Docker container?

Solution: accounting and limiting of resources

Options:

A.

Yes

B.

No

Question 25

Does this command display all the pods in the cluster that are labeled as 'env: development'?

Solution: 'kubectl get pods --all-namespaces -I env=development'

Options:

A.

Yes

B.

No

Question 26

Is this a function of UCP?

Solution: scans images to detect any security vulnerability

Options:

A.

Yes

B.

No

Question 27

The Kubernetes yaml shown below describes a networkPolicy.

Will the networkPolicy BLOCK this trafftc?

Solution. a request issued from a pod bearing only the tier: frontend label, to a pod bearing the tier: backend label

Options:

A.

Yes

B.

No

Question 28

Will this command mount the host's '/data' directory to the ubuntu container in read-only mode?

Solution: 'docker run --volume /data:/mydata:ro ubuntu'

Options:

A.

Yes

B.

No

Question 29

Will this sequence of steps completely delete an image from disk in the Docker Trusted Registry?

Solution. Delete the image and delete the image repository from Docker Trusted Registry.

Options:

A.

Yes

B.

No

Question 30

One of several containers in a pod is marked as unhealthy after failing its livenessProbe many times. Is this the action taken by the orchestrator to fix the unhealthy container?

Solution: Kubernetes automatically triggers a user-defined script to attempt to fix the unhealthy container.

Options:

A.

Yes

B.

No

Question 31

You created a new service named 'http' and discover it is not registering as healthy. Will this command enable you to view the list of historical tasks for this service?

Solution: 'docker service ps http'

Options:

A.

Yes

B.

No

Question 32

Is this statement correct?

Solution. A Dockerfile stores persistent data between deployments of a container

Options:

A.

Yes

B.

No

Question 33

You add a new user to the engineering organization in DTR.

Will this action grant them read/write access to the engineering/api repository?

Solution: Add the user directly to the list of users with read/write access under the repository's Permissions tab.

Options:

A.

Yes

B.

No

Question 34

Does this command display all the pods in the cluster that are labeled as 'env: development'?

Solution: 'kubectl get pods --all-namespaces -label env=development'

Options:

A.

Yes

B.

No

Question 35

Is this a type of Linux kernel namespace that provides container isolation?

Solution: Authentication

Options:

A.

Yes

B.

No

Question 36

Is this a way to configure the Docker engine to use a registry without a trusted TLS certificate?

Solution. Set and export the IGNORE_TLS environment variable on the command line.

Options:

A.

Yes

B.

No

Question 37

You want to provide a configuration file to a container at runtime. Does this set of Kubernetes tools and steps accomplish this?

Solution: Mount the configuration file directly into the appropriate pod and container using the .spec.containers.configMounts key.

Options:

A.

Yes

B.

No

Question 38

Will this Linux kernel facility limit a Docker container's access to host resources, such as CPU or memory?

Solution: seccomp

Options:

A.

Yes

B.

No

Question 39

Which networking drivers allow you to enable multi-host network connectivity

between containers?

Options:

A.

macvlan, ipvlan, and overlay

B.

bridge, user-defined, host

C.

host, macvlan, overlay, user-defined

D.

bridge, macvlan, ipvlan, overlay

Question 40

The Kubernetes yaml shown below describes a clusterIP service.

Is this a correct statement about how this service routes requests?

Solution: Traffic sent to the IP of any pod with the label app: nginx on port 8080 will be forwarded to port 80 in that pod.

Options:

A.

Yes

B.

No

Question 41

In Docker Trusted Registry, is this how a user can prevent an image, such as 'nginx:latest’, from being overwritten by another user with push access to the repository?

Solution: Remove push access from all other users.

Options:

A.

Yes

B.

No

Question 42

The Kubernetes yaml shown below describes a networkPolicy.

Will the networkPolicy BLOCK this trafftc?

Solution. a request issued from a pod bearing the tier: backend label, to a pod bearing the tier: frontend label

Options:

A.

Yes

B.

No

Question 43

Your organization has a centralized logging solution, such as Splunk.

Will this configure a Docker container to export container logs to the logging solution?

Solution: Set the log-driver and log-oPt keys to values for the logging solution (Splunk) In the daemon.json file.

Options:

A.

Yes

B.

No

Question 44

A persistentVolumeClaim (PVC) is created with the specification storageClass: "", and size requirements that cannot be satisfied by any existing persistentVolume.

Is this an action Kubernetes takes in this situation?

Solution: The PVC remains unbound until a persistentVolume that matches all requirements of the PVC becomes available.

Options:

A.

Yes

B.

No

Question 45

A user's attempts to set the system time from inside a Docker container are unsuccessful.

Could this be blocking this operation?

Solution. SELinux

Options:

A.

Yes

B.

No

Question 46

Is this a supported user authentication method for Universal Control Plane?

Solution. SAML

Options:

A.

Yes

B.

No

Question 47

Is this a Linux kernel namespace that is disabled by default and must be enabled at Docker engine runtime to be used?

Solution. pid

Options:

A.

Yes

B.

No

Question 48

Will this command list all nodes in a swarm cluster from the command line?

Solution. ‘docker inspect nodes

Options:

A.

Yes

B.

No

Question 49

In Docker Trusted Registry, is this how a user can prevent an image, such as 'nginx:latest’, from being overwritten by another user with push access to the repository?

Solution: Keep a backup copy of the image on another repository.

Options:

A.

Yes

B.

No

Question 50

Is this a Linux kernel namespace that is disabled by default and must be enabled at Docker engine runtime to be used?

Solution: user

Options:

A.

Yes

B.

No

Question 51

Is this a way to configure the Docker engine to use a registry without a trusted TLS certificate?

Solution. Set INSECURE_REGISTRY in the’ /etc/docker/default’ configuration file.

Options:

A.

Yes

B.

No

Question 52

Is this an advantage of multi-stage builds?

Solution: simultaneously creates and tags multiple images

Options:

A.

Yes

B.

No

Question 53

You add a new user to the engineering organization in DTR.

Will this action grant them read/write access to the engineering/api repository?

Solution: Add them to a team in the engineering organization that has read/write access to the engineering/api repository.

Options:

A.

Yes

B.

No

Page: 1 / 13
Total 183 questions