Ask Question
Docker DCA Practice Test - Questions Answers, Page 11
Add to Whishlist
List of questions
Question 101
Will this action upgrade Docker Engine CE to Docker Engine EE?
Solution: Manually download the 'docker-ee' package
Yes
No
= Manually downloading the 'docker-ee' package will not upgrade Docker Engine CE to Docker Engine EE. Docker Engine CE and Docker Engine EE are two different products with different installation methods and features.Docker Engine CE is a free and open source containerization platform, while Docker Engine EE is a subscription-based enterprise-grade platform that offers additional features such as security scanning, certified plugins, and support12.To upgrade from Docker Engine CE to Docker Engine EE, you need to uninstall Docker Engine CE and install Docker Engine EE following the official documentation3.Reference:
What is the exact difference between Docker EE (Enterprise Edition), Docker CE (Community Edition) and Docker (Custom Support) - Stack Overflow
Difference between Docker Community Edition (CE) vs Docker Enterprise Edition (EE) in 2020
Install Docker Engine | Docker Docs
Question 102
The Kubernetes yaml shown below describes a clusterIP service.
Is this a correct statement about how this service routes requests?
Solution: Traffic sent to the IP of this service on port 8080 will be routed to port 80 in a random pod with the label aPP: nginx.
Yes
No
The statement is correct. In the provided Kubernetes YAML, it's defined that traffic sent to the IP of this service on port 8080 will be routed to port 80 in a random pod with the label app: nginx. This is because it's a ClusterIP service type which is meant for internal communication within the cluster, and it uses selectors to route traffic to the correct pods.Reference:Docker Certified Associate Guide,DCA Prep Guide
Question 103
The Kubernetes yaml shown below describes a clusterIP service.
Is this a correct statement about how this service routes requests?
Solution: Traffic sent to the IP of any pod with the label app: nginx on port 8080 will be forwarded to port 80 in that pod.
Yes
No
The statement is incorrect because it does not mention the service name or the clusterIP address. Traffic sent to the IP of any pod with the label app: nginx on port 8080 will not be forwarded to port 80 in that pod, unless the traffic is coming from another pod within the same cluster that knows the pod IP. To access the service from outside the cluster, the traffic must be sent to the clusterIP address of the service, which is assigned by Kubernetes, and the port 8080 of the service, which is defined in the yaml file. The service will then forward the traffic to one of the selected pods on port 80.
To summarize, the correct statement should be:
Traffic sent to theclusterIP addressof the servicedcaon port8080will be forwarded to port 80 in one of the pods with the label app: nginx.
Question 104
In the context of a swarm mode cluster, does this describe a node?
Solution: a physical machine participating in the swarm
Yes
No
A node is a physical or virtual machine running Docker Engine in swarm mode1.A node can be either a manager or a worker, depending on its role in the cluster1.A physical machine participating in the swarm is a node, regardless of its role or availability2.Reference:
How nodes work | Docker Docs
Manage nodes in a swarm | Docker Docs
Question 105
In the context of a swarm mode cluster, does this describe a node?
Solution: an instance of the Docker engine participating in the swarm
Yes
No
In the context of a swarm mode cluster, an instance of the Docker engine participating in the swarm is indeed a node1.A node can be either a manager or a worker, depending on the role assigned by the swarm manager2.A manager node handles the orchestration and management of the swarm, while a worker node executes the tasks assigned by the manager2.A node can join or leave a swarm at any time, and the swarm manager will reconcile the desired state of the cluster accordingly1.Reference:
1: Swarm mode overview | Docker Docs
2: Manage nodes in a swarm | Docker Docs
Question 106
Is this a function of UCP?
Solution: scans images to detect any security vulnerability
Yes
No
= Scanning images to detect any security vulnerability is a function of UCP.UCP integrates with Docker Trusted Registry (DTR), which is a secure and scalable image storage solution1.DTR has a built-in image scanning feature that checks every layer of every image for known vulnerabilities and displays the results in the UCP web UI2. This helps users to identify and fix any security issues before deploying their applications.UCP also allows users to enforce security policies and only allow running applications that use images that are scanned and free of vulnerabilities3.Reference:
Docker Trusted Registry | Docker Docs
Scan images for vulnerabilities | Docker Docs
Manage images | Docker Docs
Question 107
Is this a function of UCP?
Solution: image role-based access control
Yes
No
Image role-based access control isnota function of UCP. UCP has its own built-in authentication mechanism and integrates with LDAP services.It also has role-based access control (RBAC), so that you can control who can access and make changes to your cluster and applications1.However, image role-based access control is a feature of Docker Trusted Registry (DTR), which integrates with UCP and allows you to manage the images you use for your applications2.DTR lets you define granular permissions for images, such as who can push, pull, delete, or scan them3.Reference:Universal Control Plane overview), Docker Trusted Registry overview),Docker Access Control)
Question 108
Is this a function of UCP?
Solution: enforces the deployment of signed images to the cluster
Yes
No
= This is a function of UCP, as it integrates with Docker Trusted Registry (DTR) to provide built-in security and access control for your images. DTR allows you to enforce security policies and only allow running applications that use Docker images you know and trust. You can sign your images with Docker Content Trust (DCT) to prove their authenticity and integrity.UCP will verify the signatures of the images before deploying them to the cluster12.Reference:
Universal Control Plane overview | dockerlabs
How to Sign Your Docker Images to Increase Trust - How-To Geek
Question 109
You are troubleshooting a Kubernetes deployment called api, and want to see the events table for this object.
Does this command display it?
Solution: kubectl get deployment api
Unlock Premium Member
Question 110
A user's attempts to set the system time from inside a Docker container are unsuccessful.
Could this be blocking this operation?
Solution. SELinux
Related questions
Export
If you didn't receive an email within 5 minutes, you should submit a support request to Support@examgecko.com.
|
BASIC - 1 Month
$
3
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PLUS - 2 Months
$
15
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PRO - 6 Months
$
40
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Selling illegal goods, money scams etc.
Serious attack on a group.
Harassing an individual (including doxing)
Threatening or glorifying violence or serious harm, including self-harm
Nudity/Sexual content
Sexually explicit or suggestive imagery or writing involving minors
Sexually explicit or suggestive imagery or writing involving non-consenting adults or non-humans
Reusing content without attribution (link and blockquotes)
Not in English or has very bad formatting, grammar, and spelling
Author's credential is offensive, spam, or impersonation
Ex. Illegal content, incomplete question...
Question