New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Question # 4

Will this command list all nodes in a swarm cluster from the command line?

Solution. ‘docker inspect nodes

A.

Yes

B.

No

Full Access
Question # 5

You configure a local Docker engine to enforce content trust by setting the environment variable

DOCKER_CONTENT_TRUST=1.

If myorg/myimage: 1.0 is unsigned, does Docker block this command?

Solution: docker image import myorg/myimage:1.0

A.

Yes

B.

No

Full Access
Question # 6

Your organization has a centralized logging solution, such as Sptunk.

Will this configure a Docker container to export container logs to the logging solution?

Solution. docker system events- -filter splunk

A.

Yes

B.

No

Full Access
Question # 7

Will a DTR security scan detect this?

Solution: licenses for known third party binary components

A.

Yes

B.

No

Full Access
Question # 8

You created a new service named 'http' and discover it is not registering as healthy. Will this command enable you to view the list of historical tasks for this service?

Solution: 'docker ps http'

A.

Yes

B.

No

Full Access
Question # 9

Will a DTR security scan detect this?

Solution. private keys copied to the image

A.

Yes

B.

No

Full Access
Question # 10

Are these conditions sufficient for Kubernetes to dynamically provision a persistentVolume, assuming there are no limitations on the amount and type of available external storage?

Solution: A default storageClass is specified, and subsequently a persistentVolumeClaim is created.

A.

Yes

B.

No

Full Access
Question # 11

Will this action upgrade Docker Engine CE to Docker Engine EE?

Solution: Uninstall 'docker-ce' package before installing 'docker-ee' package.

A.

Yes

B.

No

Full Access
Question # 12

A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster. Can this be used to schedule containers to meet the security policy requirements?

Solution. label constraints

A.

Yes

B.

No

Full Access
Question # 13

Will this command display a list of volumes for a specific container?

Solution. ‘docker container inspect nginx’

A.

Yes

B.

No

Full Access
Question # 14

Your organization has a centralized logging solution, such as Splunk.

Will this configure a Docker container to export container logs to the logging solution?

Solution. docker run -- log driver=splunk for every container at run time

A.

Yes

B.

No

Full Access
Question # 15

Is this a way to configure the Docker engine to use a registry without a trusted TLS certificate?

Solution: List insecure registries in the 'daemon.json configuration file under the \insecure-registries' key.

A.

Yes

B.

No

Full Access
Question # 16

Is this a way to configure the Docker engine to use a registry without a trusted TLS certificate?

Solution. Set and export the IGNORE_TLS environment variable on the command line.

A.

Yes

B.

No

Full Access
Question # 17

You add a new user to the engineering organization in DTR.

Will this action grant them read/write access to the engineering/api repository?

Solution. Mirror the engineering/api repository to one of the user's own private repositories.

A.

Yes

B.

No

Full Access
Question # 18

The Kubernetes yaml shown below describes a clusterIP service.

Is this a correct statement about how this service routes requests?

Solution: Traffic sent to the IP of this service on port 80 will be routed to port 8080 in a random pod with the label app:

nginx.

A.

Yes

B.

No

Full Access
Question # 19

You want to provide a configuration file to a container at runtime. Does this set of Kubernetes tools and steps accomplish this?

Solution: Turn the configuration file into a configMap object, use it to populate a volume associated with the pod, and mount that file from the volume to the appropriate container and path.

A.

Yes

B.

No

Full Access
Question # 20

You created a new service named 'http' and discover it is not registering as healthy. Will this command enable you to view the list of historical tasks for this service?

Solution: 'docker service ps http'

A.

Yes

B.

No

Full Access
Question # 21

You are troubleshooting a Kubernetes deployment called api, and want to see the events table for this object. Does this command display it?

Solution: kubectl describe deployment api

A.

Yes

B.

No

Full Access
Question # 22

Is this a type of Linux kernel namespace that provides container isolation?

Solution: Authentication

A.

Yes

B.

No

Full Access
Question # 23

Which networking drivers allow you to enable multi-host network connectivity

between containers?

A.

macvlan, ipvlan, and overlay

B.

bridge, user-defined, host

C.

host, macvlan, overlay, user-defined

D.

bridge, macvlan, ipvlan, overlay

Full Access
Question # 24

You created a new service named 'http' and discover it is not registering as healthy. Will this command enable you to view the list of historical tasks for this service?

Solution: 'docker service inspect http'

A.

Yes

B.

No

Full Access
Question # 25

In Docker Trusted Registry, is this how a user can prevent an image, such as 'nginx:latest’, from being overwritten by another user with push access to the repository?

Solution: Keep a backup copy of the image on another repository.

A.

Yes

B.

No

Full Access
Question # 26

Seven managers are in a swarm cluster.

Is this how should they be distributed across three datacenters or availability zones?

Solution: 5-1-1

A.

Yes

B.

No

Full Access
Question # 27

The following Docker Compose file is deployed as a stack:

Is this statement correct about this health check definition?

Solution. Health checks lest for app health ten seconds apart. Three failed health checks transition the container into "unhealthy" status.

A.

Yes

B.

No

Full Access
Question # 28

Will this Linux kernel facility limit a Docker container's access to host resources, such as CPU or memory?

Solution: cgroups

A.

Yes

B.

No

Full Access
Question # 29

You want to create a container that is reachable from its host's network.

Does this action accomplish this?

Solution: Use network attach to access the container on the bridge network.

A.

Yes

B.

No

Full Access
Question # 30

You add a new user to the engineering organization in DTR.

Will this action grant them read/write access to the engineering/api repository?

Solution: Add the user directly to the list of users with read/write access under the repository's Permissions tab.

A.

Yes

B.

No

Full Access
Question # 31

Can this set of commands identify the published port(s) for a container?

Solution. ‘docker port inspect", docker container inspect"

A.

Yes

B.

No

Full Access
Question # 32

In the context of a swarm mode cluster, does this describe a node?

Solution: an instance of the Docker engine participating in the swarm

A.

Yes

B.

No

Full Access
Question # 33

Will this command display a list of volumes for a specific container?

Solution. ‘docker container logs nginx –volumes’

A.

Yes

B.

No

Full Access
Question # 34

Will this configuration achieve fault tolerance for managers in a swarm?

Solution: one manager node for two worker nodes

A.

Yes

B.

No

Full Access
Question # 35

Will this command mount the host's '/data' directory to the ubuntu container in read-only mode?

Solution: 'docker run --volume /data:/mydata:ro ubuntu'

A.

Yes

B.

No

Full Access
Question # 36

Can this set of commands identify the published port(s) for a container?

Solution: docker container inspect', 'docker port'

A.

Yes

B.

No

Full Access
Question # 37

The Kubernetes yaml shown below describes a networkPolicy.

Will the networkPolicy BLOCK this trafftc?

Solution. a request issued from a pod bearing only the tier: frontend label, to a pod bearing the tier: backend label

A.

Yes

B.

No

Full Access
Question # 38

Will this command list all nodes in a swarm cluster from the command line?

Solution. ‘docker inspect nodes

A.

Yes

B.

No

Full Access
Question # 39

Will this Linux kernel facility limit a Docker container's access to host resources, such as CPU or memory?

Solution: namespaces

A.

Yes

B.

No

Full Access
Question # 40

Will this command mount the host's '/data' directory to the ubuntu container in read-only mode?

Solution: 'docker run --add-volume /data /mydata -read-only ubuntu'

A.

Yes

B.

No

Full Access
Question # 41

Will this action upgrade Docker Engine CE to Docker Engine EE?

Solution. Disable the Docker service via ‘chkconfig' or 'systemctl'.

A.

Yes

B.

No

Full Access
Question # 42

During development of an application meant to be orchestrated by Kubernetes, you want to mount the /data directory on your laptop into a container.

Will this strategy successfully accomplish this?

Solution: Create a PersistentVolume with storageciass: "" and hostPath: /data, and a persistentVolumeClaim requesting this PV. Then use that PVC to populate a volume in a pod

A.

Yes

B.

No

Full Access
Question # 43

Does this describe the role of Control Groups (cgroups) when used with a Docker container?

Solution: isolation between resources used by containers

A.

Yes

B.

No

Full Access
Question # 44

Does this command display all the pods in the cluster that are labeled as 'env: development'?

Solution: 'kubectl get pods --all-namespaces -I env=development'

A.

Yes

B.

No

Full Access
Question # 45

Your organization has a centralized logging solution, such as Splunk.

Will this configure a Docker container to export container logs to the logging solution?

Solution. Set the log-driver-and log-opt keys to values for the logging solution (Splunk) in the daemon.json file.

A.

Yes

B.

No

Full Access
Question # 46

Is this statement correct?

Solution. A Dockerfile stores persistent data between deployments of a container

A.

Yes

B.

No

Full Access
Question # 47

Does this command display all the pods in the cluster that are labeled as 'env: development'?

Solution: 'kubectl get pods --all-namespaces -label env=development'

A.

Yes

B.

No

Full Access
Question # 48

Will this command list all nodes in a swarm cluster from the command line?

Solution: 'docker swarm nodes'

A.

Yes

B.

No

Full Access
Question # 49

You want to provide a configuration file to a container at runtime. Does this set of Kubernetes tools and steps accomplish this?

Solution: Turn the configuration file into a configMap object and mount it directly into the appropriate pod and container using the .spec.containers.configMounts key.

A.

Yes

B.

No

Full Access
Question # 50

In Docker Trusted Registry, is this how a user can prevent an image, such as 'nginx:latest’, from being overwritten by another user with push access to the repository?

Solution: Remove push access from all other users.

A.

Yes

B.

No

Full Access