[2023] DCA by Docker Certified Associate Actual Free Exam Practice Test
Free Docker Certified Associate DCA Exam Question
Docker Certified Associate (DCA) certification exam is a highly sought-after certification in the IT industry. Docker Certified Associate (DCA) Exam certification demonstrates your proficiency in Docker technologies and tools, which are widely used in modern software development and deployment. The DCA certification exam is an excellent way to advance your career and increase your earning potential. It also provides you with credibility and recognition in the industry, which can open up new career opportunities for you.
NEW QUESTION # 56
What is the difference between the ADD and COPY dockerfile instructions? (choosen 2)
- A. COPY supports compression format handling while ADD does not.
- B. ADD supports regular expression handling while COPY does not.
- C. ADD support remote URL handling while COPY does not.
- D. COPY supports regular expression handling while ADD does not.
- E. ADD supports compression format handling while COPY does not.
Answer: C
NEW QUESTION # 57
The following Docker Compose file is deployed as a stack:
Is this statement correct about this health check definition?
Solution: Health checks test for app health ten seconds apart. If the test fails, the container will be restarted three times before it gets rescheduled.
- A. Yes
- B. No
Answer: B
NEW QUESTION # 58
You want to provide a configuration file to a container at runtime. Does this set of Kubernetes tools and steps accomplish this?
Solution: Mount the configuration file directly into the appropriate pod and container using the
.spec.containers.configMounts key.
- A. Yes
- B. No
Answer: B
Explanation:
Explanation
This set of Kubernetes tools and steps does not accomplish this, because there is no such key as
.spec.containers.configMounts in the pod specification. According to the official documentation, the correct key to use for mounting a configuration file directly into a container is .spec.containers.volumeMounts, which requires a corresponding volume definition in .spec.volumes.
References:
https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#add-configmap-data-to-a-vo
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#container-v1-core
NEW QUESTION # 59
You created a new service named 'http' and discover it is not registering as healthy. Will this command enable you to view the list of historical tasks for this service?
Solution: 'docker inspect http'
- A. Yes
- B. No
Answer: B
Explanation:
Explanation
Using 'docker inspect http' does not enable you to view the list of historical tasks for this service. The docker inspect command shows low-level information about one or more objects, such as containers, images, networks, volumes, etc. It does not show information about services or tasks. To view the list of historical tasks for this service, you need to use 'docker service ps http'. References:
https://docs.docker.com/engine/reference/commandline/inspect/,
https://docs.docker.com/engine/reference/commandline/service_ps/
NEW QUESTION # 60
A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster. Can this be used to schedule containers to meet the security policy requirements?
Solution. label constraints
- A. No
- B. Yes
Answer: B
Explanation:
Explanation
Label constraints can be used to schedule containers to meet the security policy requirements. Label constraints are expressions that match node labels to service labels. Node labels are key-value pairs that can be attached to nodes to identify them by certain characteristics, such as role, environment, region, etc. Service labels are key-value pairs that can be attached to services to specify scheduling preferences or requirements, such as node.role == manager or environment != production. Label constraints can be used with the
--constraint flag when creating or updating a service to ensure that the service's containers are scheduled on nodes that match the specified criteria. References:
https://docs.docker.com/engine/swarm/services/#specify-service-constraints,
https://docs.docker.com/engine/swarm/manage-nodes/#add-or-remove-label-metadata
NEW QUESTION # 61
You want to create a container that is reachable from its host's network. Does this action accomplish this?
Solution: Use --link to access the container on the bridge network.
- A. Yes
- B. No
Answer: B
Explanation:
Explanation
Using --link to access the container on the bridge network does not make the container reachable from its host's network. The --link option allows containers to communicate with each other using a private network created by Docker. To make a container reachable from its host's network, you need to use either EXPOSE or
--publish to access the containers on the bridge network. References: https://docs.docker.com/network/links/,
https://docs.docker.com/network/bridge/
NEW QUESTION # 62
Will this configuration achieve fault tolerance for managers in a swarm?
Solution: an odd number of manager nodes, totaling more than two
- A. No
- B. Yes
Answer: B
Explanation:
Explanation
This configuration will achieve fault tolerance for managers in a swarm, because an odd number of manager nodes allows for quorum-based consensus among managers and avoids split-brain scenarios. According to the official documentation, having more than two manager nodes ensures that there is always at least one manager available in case of failures.
References: https://docs.docker.com/engine/swarm/admin_guide/#add-manager-nodes-for-fault-tolerance
NEW QUESTION # 63
One of several containers in a pod is marked as unhealthy after failing its livenessProbe many times. Is this the action taken by the orchestrator to fix the unhealthy container?
Solution: Kubernetes automatically triggers a user-defined script to attempt to fix the unhealthy container.
- A. Yes
- B. No
Answer: B
NEW QUESTION # 64
Which of the following is true about overlay networks?
- A. Overlay networks are only created on the manager nodes.
- B. Overlay networks are created only on the manager node that you created the overlay
networking on - C. Overlay networks are created on all cluster nodes when you create the overlay network.
- D. Overlay networks are first created on the manager nodes. Then they are created on the
worker nodes once a task is scheduled on the specific worker node.
Answer: C
NEW QUESTION # 65
The Kubernetes yaml shown below describes a networkPolicy.
Will the networkPolicy BLOCK this traffic?
Solution: a request issued from a pod bearing the tier: backend label, to a pod bearing the tier: frontend label
- A. No
- B. Yes
Answer: B
Explanation:
Explanation
The networkPolicy will block this traffic because it only allows ingress traffic from pods that have the tier: api label. Pods that have the tier: backend label do not match this selector and are therefore denied access to pods that have the tier: frontend label.
References:
https://kubernetes.io/docs/concepts/services-networking/network-policies/#the-networkpolicy-resource
NEW QUESTION # 66
You want to create a container that is reachable from its host's network. Does this action accomplish this?
Solution: Use either EXPOSE or --publish to access the containers on the bridge network
- A. No
- B. Yes
Answer: B
Explanation:
Explanation
Using either EXPOSE or --publish to access the containers on the bridge network makes the container reachable from its host's network. The EXPOSE instruction in the Dockerfile specifies which ports the container listens on at runtime, while the --publish option maps a port on the host to a port in the container.
Both options allow external access to the container's services. References:
https://docs.docker.com/engine/reference/builder/#expose,
https://docs.docker.com/config/containers/container-networking/
NEW QUESTION # 67
Which 'docker run' flag lifts cgroup limitations?
- A. 'docker run --cap-drop'
- B. 'docker run --cpu-period'
- C. 'docker run --isolation'
- D. 'docker run --privileged'
Answer: D
NEW QUESTION # 68
Seven managers are in a swarm cluster.
Is this how should they be distributed across three datacenters or availability zones?
Solution: 3-2-2
- A. No
- B. Yes
Answer: B
Explanation:
Explanation
This is how they should be distributed across three datacenters or availability zones, because having an even distribution of managers across datacenters or availability zones ensures that the swarm can survive the loss of any one datacenter or availability zone and maintain quorum. According to the official documentation, managers should be distributed evenly across datacenters or availability zones to ensure that the swarm can survive the loss of any one datacenter or availability zone.
References: https://docs.docker.com/engine/swarm/admin_guide/#add-manager-nodes-for-fault-tolerance
NEW QUESTION # 69
Will this command mount the host's '/data' directory to the ubuntu container in read-only mode?
Solution: 'docker run -v /data:/mydata --mode readonly ubuntu'
- A. No
- B. Yes
Answer: B
NEW QUESTION # 70
Will this action upgrade Docker Engine CE to Docker Engine EE?
Solution: Uninstall 'docker-ce' package before installing 'docker-ee' package.
- A. No
- B. Yes
Answer: B
Explanation:
Explanation
Uninstalling 'docker-ce' package before installing 'docker-ee' package does upgrade Docker Engine CE to Docker Engine EE. Docker Engine CE is the free and open source edition of Docker Engine, while Docker Engine EE is the enterprise-ready edition that includes additional features and support. To upgrade from CE to EE, you need to uninstall the 'docker-ce' package and its dependencies, and then install the 'docker-ee' package from the Docker repository. References:
https://docs.docker.com/engine/install/centos/#upgrade-docker-after-using-the-convenience-script,
https://docs.docker.com/engine/install/centos/#install-using-the-repository
NEW QUESTION # 71
You are troubleshooting a Kubernetes deployment called api, and want to see the events table for this object.
Does this command display it?
Solution: kubectl events deployment api
- A. Yes
- B. No
Answer: B
Explanation:
Explanation
Using kubectl events deployment api does not display the events table for this object. The kubectl events command shows cluster-level events, but it does not accept a resource name as an argument. To see the events table for this object, you need to use kubectl describe deployment api. References:
https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#events,
https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#describe
NEW QUESTION # 72
Will this command display a list of volumes for a specific container?
Solution: docker volume inspect nginx'
- A. Yes
- B. No
Answer: B
NEW QUESTION # 73
You add a new user to the engineering organization in DTR.
Will this action grant them read/write access to the engineering/api repository?
Solution: Add them to a team in the engineering organization that has read/write access to the engineering/api repository.
- A. No
- B. Yes
Answer: B
Explanation:
Explanation
This action will grant them read/write access to the engineering/api repository, because adding them to a team in the engineering organization that has read/write access to the engineering/api repository is another way to grant permissions to a user in DTR. According to the official documentation, this is an example of using teams and organizations for managing permissions.
References: https://docs.docker.com/ee/dtr/user/manage-repos/permission-levels/
NEW QUESTION # 74
Is this an advantage of multi-stage builds?
Solution: optimizes Images by copying artifacts selectively from previous stages
- A. No
- B. Yes
Answer: B
Explanation:
Explanation
Optimizing images by copying artifacts selectively from previous stages is an advantage of multi-stage builds.
Multi-stage builds allow you to use multiple FROM statements in your Dockerfile, each starting a new stage of the build. You can selectively copy artifacts from one stage to another, leaving behind everything you don't want in the final image. This reduces the size and complexity of your images, and improves security and performance. References: https://docs.docker.com/build/building/multi-stage/,
https://docs.docker.com/engine/reference/builder/#copy
NEW QUESTION # 75
Some Docker images take time to build through a Continuous Integration environment. You want to speed up builds and take advantage of build caching.
Where should the most frequently changed part of a Docker image be placed in a Dockerfile?
- A. at the bottom of the Dockerfile
- B. after the FROM directive
- C. at the top of the Dockerfile
- D. in the ENTRYPOINT directive
Answer: A
NEW QUESTION # 76
A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster. Can this be used to schedule containers to meet the security policy requirements?
Solution. environment variables
- A. Yes
- B. No
Answer: B
Explanation:
Explanation
Environment variables cannot be used to schedule containers to meet the security policy requirements.
Environment variables are key-value pairs that can be passed to containers when they are created or run.
Environment variables can be used to configure the behavior of the containerized application or provide runtime information, such as database credentials, API keys, etc. Environment variables do not affect how containers are scheduled on nodes in a swarm mode cluster. References:
https://docs.docker.com/engine/reference/commandline/run/#set-environment-variables-e-env-env-file,
https://docs.docker.com/engine/swarm/services/#create-a-service
NEW QUESTION # 77
Will this command ensure that overlay traffic between service tasks is encrypted?
Solution: docker service create --network --encrypted
- A. Yes
- B. No
Answer: B
Explanation:
Explanation
This command will not ensure that overlay traffic between service tasks is encrypted, because it uses an invalid option for enabling encryption and an incomplete option for specifying the network. According to the official documentation, there is no such option as --encrypted for the docker service create command. The correct option to use is --network <network-name> where <network-name> is an existing overlay network that was created with encryption enabled.
References: https://docs.docker.com/network/drivers/overlay/#encryption
https://docs.docker.com/engine/reference/commandline/service_create/
NEW QUESTION # 78
Is this a supported user authentication method for Universal Control Plane?
Solution: PAM
- A. Yes
- B. No
Answer: B
Explanation:
Explanation
PAM is not a supported user authentication method for Universal Control Plane. According to the official documentation, the supported methods are LDAP, Active Directory, SAML 2.0, and local users.
References: https://docs.docker.com/ee/ucp/admin/configure/external-auth/
NEW QUESTION # 79
After creating a new service named 'http', you notice that the new service is not registering as healthy. How do
you view the list of historical tasks for that service by using the command line?
- A. 'docker inspect http'
- B. 'docker service inspect http'
- C. 'docker service ps http'
- D. 'docker ps http'
Answer: C
NEW QUESTION # 80
One of several containers in a pod is marked as unhealthy after failing its livenessProbe many times. Is this the action taken by the orchestrator to fix the unhealthy container?
Solution: Kubernetes automatically triggers a user-defined script to attempt to fix the unhealthy container.
- A. Yes
- B. No
Answer: B
Explanation:
Explanation
Kubernetes does not automatically trigger a user-defined script to attempt to fix the unhealthy container, because Kubernetes does not have such a feature. According to the official documentation, Kubernetes only supports three types of probes: exec, httpGet, and tcpSocket, and none of them can execute arbitrary scripts.
References:
https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-a-li
NEW QUESTION # 81
......
Docker DCA Actual Questions and Braindumps: https://www.actual4exams.com/DCA-valid-dump.html
DCA dumps & Docker Certified Associate sure practice dumps: https://drive.google.com/open?id=1nHDYRpcnDU8a7sWQeNRG6p5Cmkuw2SrK