DCA Exam Dumps : Docker Certified Associate (DCA) Exam

= The pid namespace is not a Linux kernel namespace that is disabled by default and must be enabled at Docker engine runtime to be used. The pid namespace is one of the six namespaces that are enabled by default when you run a container with Docker1. The pid namespace isolates the process ID number space, meaning that processes in different pid namespaces can have the same PID2. This allows containers to have their own init process with PID 1 and to limit the visibility and interaction of processes between containers and the host3. To disable the pid namespace, you need to use the --pid option with the docker run command and specify the host or another container as the pid mode. References:

Docker run reference | Docker Docs

pid_namespaces(7) - Linux manual page - man7.org

Building containers by hand: The PID namespace - Enable Sysadmin

[Share host and container processes with --pid | Docker Docs]

 Docker Content Trust (DCT) is a feature that allows users to verify the integrity and publisher of container images they pull or deploy from a registry server, signed on a Notary server12. DCT does not verify or encrypt the Docker registry TLS, which is a separate mechanism for securing the communication between the Docker client and the registry server. The purpose of DCT is to ensure that the images are not tampered with or maliciously modified by anyone other than the original publisher3. References:

Content trust in Docker | Docker Docs

Docker Content Trust: What It Is and How It Secures Container Images

Automation with content trust | Docker Docs