Docker Certified Associate Practice Exam

Docker Certified Associate Practice Exam

The Docker Certified Associate (DCA) exam, delivered by Mirantis, assesses your foundational knowledge and skills in deploying and managing Docker containers. It serves as the first step in the official Docker certification program. 

Who should take this exam?

This exam is ideal for:

• Individuals new to Docker technology.
• IT professionals seeking to validate their basic Docker skills.
• Those seeking to gain a foundation for further Docker certifications.

Roles and responsibilities:

This exam aligns with roles such as:

• System Administrators
• Cloud Engineers
• DevOps Engineers
• Developers interested in containerized applications.

Exam details:

• Format: 55 questions (multiple choice and discrete option multiple choice)
• Duration: 90 minutes
• Passing score: 75%
• Delivery: Remotely proctored on your Windows or Mac computer
  

Who should take Docker Certified Associate Exam?

Docker Certified Associate Exam requires knowledge and skills include objective components like -

• 6-months experience with Docker
• Also, Exposure to Docker Enterprise Edition
• Experience with container security
• Additionally, Experience with at least 1 cloud provider
• Understanding of Docker Best Practices
• Moreover, Experience with configuration management tools
• Finally, Experience with Linux and/or Windows Server

Course Outline 

Domain 1: Orchestration (25% of exam)

Content may include the following:

• Complete the setup of a swarm mode cluster, with managers and worker nodes
• Describing and demonstrate how to extend the instructions to run individual containers into running services under swarm.
• Describing the importance of quorum in a swarm cluster.
• Describing the difference between running a container and running a service.
• Interpret the output of “docker inspect” commands.
• Convert an application deployment into a stack file using a YAML compose file with "docker stack deploy"
• Manipulate a running stack of services.
• Describing and demonstrate orchestration activities.
• Increase the number of replicas.
• Add networks, publish ports.
• Mount volumes.
• Describing and demonstrate how to run replicated and global services.
• Apply node labels to demonstrate placement of tasks.
• Describing and demonstrate how to use templates with “docker service create”.
• Identify the steps needed to troubleshoot a service not deploying.
• Describing how a Dockerized application communicates with legacy systems.
• Describing how to deploy containerized workloads as Kubernetes pods and deployments.
• Describing how to provide configuration to Kubernetes pods using configMaps and secrets.

Domain 2: Image Creation, Management, and Registry (20% of exam)

Content may include the following:

• Describing the use of Dockerfile.
• Describing options, such as add, copy, volumes, expose, entry point.
• Identify and display the main parts of a Dockerfile.
• Describing and demonstrate how to create an efficient image via a Dockerfile.
• Describing and demonstrate how to use CLI commands to manage images, such as list, delete, prune, rmi.
• Describing and demonstrate how to inspect images and report specific attributes using filter and format
• Describing and demonstrate how to tag an image.
• Describing and demonstrate how to apply a file to create a Docker image.
• Describing and demonstrate how to display layers of a Docker image
• Describing and demonstrate how to modify an image to a single layer.
• Describing and demonstrate registry functions.
• Deploy a registry.
• Log into a registry.
• Utilize search in a registry.
• Push an image to a registry.
• Sign an image in a registry.
• Pull and delete images from a registry

Domain 3: Installation and Configuration (15% of exam)

Content may include the following:

• Describing sizing requirements for installation.
• Describing and demonstrate the setup of repo, selection of a storage driver, and installation of the Docker engine on multiple platforms.
• Describing and demonstrate configuration of logging drivers (splunk, journald, etc.).
• Describing and demonstrate how to set up swarm, configure managers, add nodes, and setup the backup schedule.
• Describing and demonstrate how to create and manage user and teams.
• Describing and demonstrate how to configure the Docker daemon to start on boot.
• Describing and demonstrate how to use certificate-based client-server authentication to ensure a Docker daemon has the rights to access images on a registry.
• Describing the use of namespaces, cgroups, and certificate configuration.
• Describing and interpret errors to troubleshoot installation issues without assistance.
• Describing and demonstrate the steps to deploy the Docker engine, UCP, and DTR on AWS and on-premises in an HA configuration.
• Describing and demonstrate how to configure backups for UCP and DTR.

Domain 4: Networking (15% of exam)

Content may include the following:

• Describing the Container Network Model and how it interfaces with the Docker engine and network and IPAM drivers.
• Describing the different types and use cases for the built-in network drivers.
• Describing the types of traffic that flow between the Docker engine, registry and UCP controllers.
• Describing and demonstrate how to create a Docker bridge network for developers to use for their containers.
• Describing and demonstrate how to publish a port so that an application is accessible externally.
• Identify which IP and port a container is externally accessible on.
• Compare and contrast “host” and “ingress” publishing modes.
• Describing and demonstrate how to configure Docker to use external DNS.
• Describing and demonstrate how to use Docker to load balance HTTP/HTTPs traffic to an application (Configure L7 load balancing with Docker EE).
• Understand and describe the types of traffic that flow between the Docker engine, registry, and UCP controllers
• Describing and demonstrate how to deploy a service on a Docker overlay network.
• Describing and demonstrate how to troubleshoot container and engine logs to resolve connectivity issues between containers.
• Describing how to route traffic to Kubernetes pods using ClusterIP and NodePort services.
• Describing the Kubertnetes’ container network model.

Domain 5: Security (15% of exam)

Content may include the following:

• Describing security administration and tasks.
• Describing the process of signing an image.
• Describing default engine security.
• Describing swarm default security.
• Describing MTLS.
• Describing identity roles.
• Compare and contrast UCP workers and managers.
• Describing the process to use external certificates with UCP and DTR.
• Describing and demonstrate that an image passes a security scan.
• Describing and demonstrate how to enable Docker Content Trust.
• Describing and demonstrate how to configure RBAC with UCP.
• Describing and demonstrate how to integrate UCP with LDAP/AD.
• Describing and demonstrate how to create UCP client bundles.

Domain 6: Storage and Volumes (10% of exam)

Content may include the following:

• Identify the correct graph drivers to uses with various operating systems.
• Describing and demonstrate how to configure devicemapper.
• Compare and contrast object and block storage and when they should be used.
• Describing how an application is composed of layers and where these layers reside on the filesystem.
• Describing the use of volumes are used with Docker for persistent storage.
• Identify the steps to take to clean up unused images on a filesystem and DTR.
• Describing and demonstrate how storage can be used across cluster nodes.
• Describing how to provision persistent storage to a Kubernetes pod using persistent Volumes.
• Describing the relationship between container storage interface drivers, storageClass, persistentVolumeClaim and volume objects in Kubernetes.