New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

DCA Docker Certified Associate (DCA) Exam Questions and Answers

Questions 4

You configure a local Docker engine to enforce content trust by setting the environment variable

DOCKER_CONTENT_TRUST=1.

If myorg/myimage: 1.0 is unsigned, does Docker block this command?

Solution: docker image import myorg/myimage:1.0

Options:

A.

Yes

B.

No

Buy Now
Questions 5

A users attempts to set the system time from inside a Docker container are unsuccessful. Could this be blocking this operation?

Solution: Linux capabilities

Options:

A.

Yes

B.

No

Buy Now
Questions 6

Will this Linux kernel facility limit a Docker container's access to host resources, such as CPU or memory?

Solution. capabilities

Options:

A.

Yes

B.

No

Buy Now
Questions 7

Are these conditions sufficient for Kubernetes to dynamically provision a persistentVolume, assuming there are no limitations on the amount and type of available external storage?

Solution: A persistentVolumeClaim is created that specifies a pre-defined storageClass.

Options:

A.

Yes

B.

No

Buy Now
Questions 8

You are troubleshooting a Kubernetes deployment called api, and want to see the events table for this object. Does this command display it?

Solution: kubectl describe deployment api

Options:

A.

Yes

B.

No

Buy Now
Questions 9

A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster. Can this be used to schedule containers to meet the security policy requirements?

Solution. environment variables

Options:

A.

Yes

B.

No

Buy Now
Questions 10

A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster.

Can this be used to schedule containers to meet the security policy requirements?

Solution: resource reservation

Options:

A.

Yes

B.

No

Buy Now
Questions 11

Will this command ensure that overlay traffic between service tasks is encrypted?

Solution: docker network create -d overlay --secure

Options:

A.

Yes

B.

No

Buy Now
Questions 12

In the context of a swarm mode cluster, does this describe a node?

Solution. an instance of the Docker CLI connected to the swarm

Options:

A.

Yes

B.

No

Buy Now
Questions 13

A Kubernetes node is allocated a /26 CIDR block (64 unique IPs) for its

address space.

If every pod on this node has exactly two containers in it, how many pods can

this address space support on this node?

Options:

A.

-995

B.

64

C.

32 in every Kubernetes namespace

D.

64 for every service routing to pods on this node

E.

32

Buy Now
Questions 14

Will this command mount the host's '/data' directory to the ubuntu container in read-only mode?

Solution: 'docker run --volume /data:/mydata:ro ubuntu'

Options:

A.

Yes

B.

No

Buy Now
Questions 15

Will this command list all nodes in a swarm cluster from the command line?

Solution: 'docker swarm nodes'

Options:

A.

Yes

B.

No

Buy Now
Questions 16

A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster.

Can this be used to schedule containers to meet the security policy requirements?

Solution: label contraints

Options:

A.

Yes

B.

No

Buy Now
Questions 17

Will a DTR security scan detect this?

Solution: licenses for known third party binary components

Options:

A.

Yes

B.

No

Buy Now
Questions 18

Does this command create a swarm service that only listens on port 53 using the UDP protocol?

Solution. ‘docker service create -name dns-cache -p 53:53 -constraint networking.protocol.udp=true dns-cache"

Options:

A.

Yes

B.

No

Buy Now
Questions 19

The following Docker Compose file is deployed as a stack:

Is this statement correct about this health check definition?

Solution. Health checks lest for app health ten seconds apart. Three failed health checks transition the container into "unhealthy" status.

Options:

A.

Yes

B.

No

Buy Now
Questions 20

Is this a Linux kernel namespace that is disabled by default and must be enabled at Docker engine runtime to be used?

Solution: mnt

Options:

A.

Yes

B.

No

Buy Now
Questions 21

In Docker Trusted Registry, is this how a user can prevent an image, such as 'nginx:latest’, from being overwritten by another user with push access to the repository?

Solution: Remove push access from all other users.

Options:

A.

Yes

B.

No

Buy Now
Questions 22

Will a DTR security scan detect this?

Solution. image configuration poor practices, such as exposed ports or inclusion of compilers in production images

Options:

A.

Yes

B.

No

Buy Now
Questions 23

Two development teams in your organization use Kubernetes and want to deploy their applications while ensuring that Kubernetes-specific resources, such as secrets, are grouped together for each application.

Is this a way to accomplish this?

Solution: Create one pod and add all the resources needed for each application

Options:

A.

Yes

B.

No

Buy Now
Questions 24

The Kubernetes yaml shown below describes a networkPolicy.

Will the networkPolicy BLOCK this trafftc?

Solution. a request issued from a pod bearing the tier: backend label, to a pod bearing the tier: frontend label

Options:

A.

Yes

B.

No

Buy Now
Questions 25

The Kubernetes yaml shown below describes a networkPolicy.

Will the networkPolicy BLOCK this traffic?

Solution: a request issued from a pod bearing the tier: backend label, to a pod bearing the tier: frontend label

Options:

A.

Yes

B.

No

Buy Now
Questions 26

Does this command display all the pods in the cluster that are labeled as env; development'?

Solution. ‘kubectl gel pods --all-namespaces -I 'env in (development)''

Options:

A.

Yes

B.

No

Buy Now
Questions 27

Does this describe the role of Control Groups (cgroups) when used with a Docker container?

Solution: role-based access control to clustered resources

Options:

A.

Yes

B.

No

Buy Now
Questions 28

Can this set of commands identify the published port(s) for a container?

Solution. ‘docker port inspect", docker container inspect"

Options:

A.

Yes

B.

No

Buy Now
Questions 29

Can this set of commands identify the published port(s) for a container?

Solution: docker container inspect', 'docker port'

Options:

A.

Yes

B.

No

Buy Now
Questions 30

An application image runs in multiple environments, with each environment using different certificates and ports.

Is this a way to provision configuration to containers at runtime?

Solution: Create images that contain the specific configuration for every environment.

Options:

A.

Yes

B.

No

Buy Now
Questions 31

During development of an application meant to be orchestrated by Kubemetes, you want to mount the /data directory on your laptop into a container.

Will this strategy successfully accomplish this?

Solution. Create a Persistent VolumeClaim requesting storageClass:”” (which defaults to local storage) and hostPath: /data, and use this to populate a volume in a pod.

Options:

A.

Yes

B.

No

Buy Now
Questions 32

You add a new user to the engineering organization in DTR.

Will this action grant them read/write access to the engineering/api repository?

Solution: Add them to a team in the engineering organization that has read/write access to the engineering/api repository.

Options:

A.

Yes

B.

No

Buy Now
Questions 33

A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster.

Can this be used to schedule containers to meet the security policy requirements?

Solution: node taints

Options:

A.

Yes

B.

No

Buy Now
Questions 34

You are troubleshooting a Kubernetes deployment called api, and want to see the events table for this object. Does this command display it?

Solution: kubectl events deployment api

Options:

A.

Yes

B.

No

Buy Now
Questions 35

Will this sequence of steps completely delete an image from disk in the Docker Trusted Registry?

Solution. Delete the image and delete the image repository from Docker Trusted Registry.

Options:

A.

Yes

B.

No

Buy Now
Questions 36

Is this an advantage of multi-stage builds?

Solution: optimizes Images by copying artifacts selectively from previous stages

Options:

A.

Yes

B.

No

Buy Now
Questions 37

Seven managers are in a swarm cluster.

Is this how should they be distributed across three datacenters or availability zones?

Solution: 3-3-1

Options:

A.

Yes

B.

No

Buy Now
Questions 38

In the context of a swarm mode cluster, does this describe a node?

Solution: a physical machine participating in the swarm

Options:

A.

Yes

B.

No

Buy Now
Questions 39

During development of an application meant to be orchestrated by Kubernetes, you want to mount the /data directory on your laptop into a container.

Will this strategy successfully accomplish this?

Solution. Set containers. Mounts. hostBinding: /data in the container's specification.

Options:

A.

Yes

B.

No

Buy Now
Questions 40

You want to mount external storage to a particular filesystem path in a

container in a Kubernetes pod.

What is the correct set of objects to use for this?

Options:

A.

a persistentVolume in the pod specification, populated with a persistentVolumeClaim which is bound to a volume defined by a storageClass

B.

a storageClass in the pod's specification, populated with a volume which is bound to a provisioner defined by a persistentVolume

C.

a volume in the pod specification, populated with a storageClass which is bound to a provisioner defined by a persistentVolume

D.

a volume in the pod specification, populated with a persistentVolumeClaim bound to a persistentVolume defined by a storageClass

Buy Now
Questions 41

The Kubernetes yaml shown below describes a networkPolicy.

Will the networkPolicy BLOCK this traffic?

Solution: a request issued from a pod lacking the tier: api label, to a pod bearing the tier: backend label

Options:

A.

Yes

B.

No

Buy Now
Questions 42

Which docker run` flag lifts cgroup limitations?

Options:

A.

`docker run -privileged

B.

`docker run -cpu-period

C.

`docker run -isolation

D.

`docker run -cap-drop

Buy Now
Questions 43

Will this command mount the host's '/data* directory to the ubuntu container in read-only mode?

Solution. ‘docker run -add-volume /data /mydata -read-only ubuntu'

Options:

A.

Yes

B.

No

Buy Now
Questions 44

An application image runs in multiple environments, with each environment using different certificates and ports.

Is this a way to provision configuration to containers at runtime?

Solution: Create a Dockerfile for each environment, specifying ports and ENV variables for certificates.

Options:

A.

Yes

B.

No

Buy Now
Questions 45

A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster.

Can this be used to schedule containers to meet the security policy requirements?

Solution: node affinities

Options:

A.

Yes

B.

No

Buy Now
Questions 46

The following Docker Compose file is deployed as a stack:

Is this statement correct about this health check definition?

Solution: Health checks test for app health five seconds apart. If the test fails, the container will be restarted three times before it gets rescheduled.

Options:

A.

Yes

B.

No

Buy Now
Questions 47

You created a new service named 'http' and discover it is not registering as healthy. Will this command enable you to view the list of historical tasks for this service?

Solution: 'docker service inspect http'

Options:

A.

Yes

B.

No

Buy Now
Questions 48

You created a new service named 'http' and discover it is not registering as healthy. Will this command enable you to view the list of historical tasks for this service?

Solution: 'docker service ps http'

Options:

A.

Yes

B.

No

Buy Now
Questions 49

Will this configuration achieve fault tolerance for managers in a swarm?

Solution: one manager node for two worker nodes

Options:

A.

Yes

B.

No

Buy Now
Questions 50

Is this a supported user authentication method for Universal Control Plane?

Solution. x.500

Options:

A.

Yes

B.

No

Buy Now
Questions 51

Does this command display all the pods in the cluster that are labeled as 'env: development'?

Solution: 'kubectl get pods -I env=development'

Options:

A.

Yes

B.

No

Buy Now
Questions 52

One of several containers in a pod is marked as unhealthy after failing its livenessProbe many times. Is this the action taken by the orchestrator to fix the unhealthy container?

Solution: Kubernetes automatically triggers a user-defined script to attempt to fix the unhealthy container.

Options:

A.

Yes

B.

No

Buy Now
Questions 53

Will this command ensure that overlay traffic between service tasks is encrypted?

Solution. docker network create -d overlay --secure

Options:

A.

Yes

B.

No

Buy Now
Questions 54

Is this statement correct?

Solution. A Dockerfile stores persistent data between deployments of a container

Options:

A.

Yes

B.

No

Buy Now
Exam Code: DCA
Exam Name: Docker Certified Associate (DCA) Exam
Last Update: Dec 26, 2024
Questions: 183
DCA pdf

DCA PDF

$25.5  $84.99
DCA Engine

DCA Testing Engine

$30  $99.99
DCA PDF + Engine

DCA PDF + Testing Engine

$40.5  $134.99