Home
Vendors
FAQs
Login / Register

Popular Vendors

Microsoft

HP

Amazon

Fortinet

Nutanix

Palo Alto Networks

Dell EMC

CheckPoint

Isaca

NetApp

Pegasystems

CompTIA

SAP

IBM

Eccouncil

View All Vendors

Home
Docker
DCA

Docker Certified Associate Exam Practice Test

Page: 1 / 14
Total 183 questions

Want more questions? Get Premium Access.
()

Question 1

The Kubernetes yaml shown below describes a networkPolicy.

Will the networkPolicy BLOCK this trafftc?

Solution. a request issued from a pod bearing only the tier: frontend label, to a pod bearing the tier: backend label

AYes

BNo

Answer : A

The provided Kubernetes NetworkPolicy YAML configuration indicates that the policy applies to pods with the label tier: backend in the default namespace1. The ingress rule allows traffic from pods with the label tier: api1. Therefore, a request issued from a pod bearing only the tier: frontend label to a pod bearing the tier: backend label will be blocked by this networkPolicy1. This is because the networkPolicy does not have a rule allowing ingress from pods with the tier: frontend label1. For more information on Kubernetes NetworkPolicies, you can refer to the Kubernetes Documentation on Network Policies.

Question 2

Will this sequence of steps completely delete an image from disk in the Docker Trusted Registry?

Solution. Delete the image and remove permissions to the repository in the Docker

Trusted Registry.

AYes

BNo

Answer : B

= The sequence of steps will not completely delete an image from disk in the Docker Trusted Registry. Deleting the image and removing permissions to the repository will only remove the image from the registry's user interface and prevent unauthorized access to it.However, the image data will still remain on the registry's storage backend until garbage collection is performed1.Garbage collection is a process that removes unused blobs (layers) from the registry's storage2.To run garbage collection, the registry must be stopped and the commandbin/registry garbage-collect /etc/docker/registry/config.ymlmust be executed3.Alternatively, the registry can be configured to run garbage collection automatically at regular intervals4.Reference:

Deleting images | Docker Documentation

Garbage collection | Docker Documentation

How to delete images from a private docker registry? | Stack Overflow

Automating garbage collection | Docker Documentation

Question 3

Your organization has a centralized logging solution, such as Splunk.

Will this configure a Docker container to export container logs to the logging solution?

Solution. docker run -- log driver=splunk for every container at run time

AYes

BNo

Answer : A

The commanddocker run --log-driver=splunkfor every container at run time will configure a Docker container to export container logs to the logging solution.The reason is that the--log-driveroption specifies the logging driver for the container, which determines how the container logs are handled1.Thesplunklogging driver is a plugin that sends container logs to HTTP Event Collector in Splunk Enterprise and Splunk Cloud2.To use thesplunklogging driver, you also need to provide some additional options with the--log-optflag, such as the Splunk token, URL, source, sourcetype, index, etc2. For example, to run a container with thesplunklogging driver and send the logs to a Splunk instance with the URLhttps://splunk.example.com:8088and the token176fabb6-7811-4b3a-8ba0-4d49302e50f2, you can use:

docker run --log-driver=splunk --log-opt splunk-token=176fabb6-7811-4b3a-8ba0-4d49302e50f2 --log-opt splunk-url=https://splunk.example.com:8088 ...

This way, you can configure a Docker container to export container logs to Splunk, which is a centralized logging solution.Alternatively, you can also configure thesplunklogging driver as the default logging driver for the Docker daemon by setting thelog-driverandlog-optskeys in thedaemon.jsonfile and restarting Docker3. This will apply thesplunklogging driver to all containers unless overridden by the--log-driveroption.Reference:

Configure logging drivers

Splunk logging driver

Set the logging driver for the Docker daemon

Question 4

Does this describe the role of Control Groups (cgroups) when used with a Docker container?

Solution: isolation between resources used by containers

AYes

BNo

Answer : A

Control Groups (cgroups) are a Linux kernel feature that allow you to limit, modify, or allocate resources as needed1.Docker uses cgroups to isolate the resources used by containers, such as CPU, memory, disk I/O, network, etc2.This means that each container can have its own set of resource limits and constraints, and that the containers cannot interfere with each other or with the host system2. This improves the security, performance, and reliability of the containers and the system as a whole.Reference:

Lab: Control Groups (cgroups) | dockerlabs

Docker run reference | Docker Docs

Question 5

Seven managers are in a swarm cluster.

Is this how should they be distributed across three datacenters or availability zones?

Solution: 4-2-1

AYes

BNo

Answer : B

= This is not how the seven managers should be distributed across three datacenters or availability zones.A swarm cluster is a group of Docker hosts that are running in swarm mode and act as managers or workers1.A manager node is responsible for maintaining the swarm state and orchestrating the services2.A swarm cluster needs a quorum of managers to operate, which means a majority of managers must be available and able to communicate with each other3.

The problem with distributing the seven managers as 4-2-1 is that it creates a split-brain scenario, where the cluster can lose the quorum if one datacenter or availability zone fails. For example, if the datacenter with four managers goes down, the remaining three managers will not have enough votes to form a quorum, and the cluster will stop functioning.Similarly, if the datacenter with one manager goes down, the cluster will lose the tie-breaking vote and will not be able to elect a leader4.

A better way to distribute the seven managers across three datacenters or availability zones is to use 3-2-2, which ensures that the cluster can tolerate the failure of any one datacenter or availability zone and still maintain the quorum. For example, if the datacenter with three managers goes down, the remaining four managers will have enough votes to form a quorum and elect a leader.Similarly, if the datacenter with two managers goes down, the remaining five managers will have enough votes to form a quorum and elect a leader4.Reference:

Swarm mode overview | Docker Docs

Administer and maintain a swarm of Docker Engines | Docker Docs

Raft consensus in swarm mode | Docker Docs

Docker Swarm: How to distribute managers across availability zones? - Stack Overflow

Question 6

Is this statement correct?

Solution: A Dockerfile stores the Docker daemon's configuration options.

AYes

BNo

Answer : B

The statement isnotcorrect. A Dockerfile does not store the Docker daemon's configuration options.A Dockerfile is a text document that contains all the commands a user could call on the command line to assemble an image1. A Dockerfile is used to build images, not to configure the Docker daemon.The Docker daemon's configuration options are stored in a JSON file, which is usually located at /etc/docker/daemon.json on Linux systems, or C:\ProgramData\docker\config\daemon.json on Windows2.The JSON file allows you to customize the Docker daemon's behavior, such as enabling debug mode, setting TLS certificates, or changing the data directory2.Reference:Dockerfile reference),Docker daemon configuration overview)

Question 7

An application image runs in multiple environments, with each environment using different certificates and ports.

Is this a way to provision configuration to containers at runtime?

Solution: Create images that contain the specific configuration for every environment.

AYes

BNo

Answer : B

= Creating images that contain the specific configuration for every environment is not a way to provision configuration to containers at runtime.This approach violates the principle of separating application code from configuration, and makes the images less portable and reusable across different environments1.It also increases the maintenance overhead and the risk of configuration drift, as any change in the configuration would require rebuilding and redeploying the images2.To provision configuration to containers at runtime, you should use a different mechanism, such as environment variables, command-line arguments, or config maps345.Reference:

Configuration management with Containers | Kubernetes

Environment variables in Compose | Docker Docs

Override the default command | Docker Docs

Configuration management with Containers | Kubernetes

Page: 1 / 14
Total 183 questions

Unlock Full
DCA Exam Features

In Just $49 You can Access

All Official Question Types
Interactive Web-Based Practice Test Software
No Installation or 3rd Party Software Required
Customize your practice sessions (Free Demo)
24/7 Customer Support

Get Full Access Now

Unlock Full
DCA Exam Features

In Just $49 You can Access

All Official Question Types
Interactive Web-Based Practice Test Software
No Installation or 3rd Party Software Required
Customize your practice sessions (Free Demo)
24/7 Customer Support

Get Full Access Now

Login First To Buy This Product

Email

Password

Download PDF File Demo

Try Web-Based Exam Practice Software Demo

Desktop Practice Test

2024 certshero.com. All rights reserved.

All Products
Guarantee
Privacy Policy
F.A.Q.
DMCA
Contact Us
About Us