Free Docker DCA Exam Actual Questions

The questions for DCA were last updated On Jan 18, 2025

Get All 183 Questions
Question No. 1

Will this command list all nodes in a swarm cluster from the command line?

Solution: 'docker node Is'

Show Answer Hide Answer
Correct Answer: A

= (Please check the official Docker site for the comprehensive explanation)Reference: (Some possible references from the web search results are)

[Docker Swarm Tutorial: Manage Multiple Docker Hosts - Edureka]

[Docker Swarm - Docker Documentation]

[Docker Swarm Tutorial: How to Manage Multiple Docker Hosts - Linux Hint]

[Docker Swarm Tutorial: How to Manage Multiple Docker Hosts - YouTube]

[Docker Swarm Tutorial: How to Manage Multiple Docker Hosts - Medium]

I hope this helps you in your exam preparation. Good luck!


Question No. 2

Two development teams in your organization use Kubernetes and want to deploy their applications while ensuring that Kubernetes-specific resources, such as secrets, are grouped together for each application.

Is this a way to accomplish this?

Solution: Create one namespace for each application and add all the resources to it.

Show Answer Hide Answer
Correct Answer: A

Namespaces in Kubernetes are a way to create and organize virtual clusters within physical clusters where we can isolate a group of resources within a single cluster1.Namespace helps to organize resources such as pods, services, and volumes within the cluster2. By creating one namespace for each application and adding all the resources to it, the development teams can ensure that Kubernetes-specific resources, such as secrets, are grouped together for each application.This also provides a scope for names, a mechanism to attach authorization and policy, and a way to divide cluster resources between multiple users3.Reference:

Namespaces | Kubernetes

Kubernetes - Namespaces - GeeksforGeeks

Namespaces Walkthrough | Kubernetes


Question No. 3

You configure a local Docker engine to enforce content trust by setting the environment variable

DOCKER_CONTENT_TRUST=1.

If myorg/myimage: 1.0 is unsigned, does Docker block this command?

Solution: docker image inspect myorg/myimage: 1.0

Show Answer Hide Answer
Correct Answer: A

= Docker will block the commanddocker image inspect myorg/myimage: 1.0if the image tag is unsigned and the environment variable DOCKER_CONTENT_TRUST is set to 1.This is because Docker Content Trust (DCT) enables the verification of the integrity and publisher of Docker images using digital signatures1.When DCT is enabled, Docker will only pull, run, or inspect images that have a valid signature2.If the image tag is not signed, Docker will reject the command and display an error message, such asNo valid trust data for 1.03. To inspect an unsigned image, you need to either disable DCT by setting DOCKER_CONTENT_TRUST to 0, or use the--disable-content-trustflag with the command.Reference:

Content trust in Docker | Docker Docs

Enable and disable content trust in Docker | Docker Docs

Docker Content Trust: What It Is and How It Secures Container Images

[docker image inspect | Docker Docs]


Question No. 4

The Kubernetes yaml shown below describes a networkPolicy.

Will the networkPolicy BLOCK this trafftc?

Solution. a request issued from a pod bearing the tier: backend label, to a pod bearing the tier: frontend label

Show Answer Hide Answer
Correct Answer: A

: The networkPolicy willblockthe traffic from a pod bearing the tier: backend label, to a pod bearing the tier: frontend label.The networkPolicy specifies that only pods with the tier: frontend label can access the pods with the app: guestbook-api and tier: backend labels on port 801.Any other traffic to the backend pods will be denied by default2. Therefore, a request issued from a pod bearing the tier: backend label, to a pod bearing the tier: frontend label will be blocked by the networkPolicy.Reference:Connect a Frontend to a Backend Using Services),Network Policies)


Question No. 5

Will this command list all nodes in a swarm cluster from the command line?

Solution. 'docker inspect nodes

Show Answer Hide Answer
Correct Answer: B

The commanddocker inspect nodeswill not list all nodes in a swarm cluster from the command line.This is becausedocker inspectrequires one or more names or IDs of the objects to inspect1.To list all nodes in a swarm cluster, you need to use the commanddocker node ls2, which will display information such as node ID, hostname, status, availability, and role3.Reference:

docker inspect | Docker Docs

docker node ls | Docker Docs

How to list nodes in a Docker swarm cluster


Get All 183 Questions Explore Other Docker Exams