Free Preparation Discussions
MENU
Docker DCA Exam Questions
- Topic 1: Orchestration: This section of the exam measures the skills of DevOps engineers and covers the configuration and management of Docker Swarm clusters. It includes tasks such as setting up manager and worker nodes, converting containers into services, and manipulating stacks. Candidates must understand the role of templates, inspect and troubleshoot running services, and adjust service scaling and placement using node labels. The section also requires interpreting docker inspect outputs and handling communication between Dockerized applications and legacy systems, emphasizing the importance of quorum in cluster resilience.
- Topic 2: Image Creation, Management, and Registry: This domain assesses cloud infrastructure administrators and focuses on building, managing, and optimizing Docker images. It involves working with Dockerfiles, tagging, and pruning images, as well as understanding image layering and registry usage. Candidates must demonstrate image creation from files, modifications to reduce layers, and the ability to push, pull, and sign images. Registry configuration and management are also included, with tasks involving authentication, search, deletion, and secure access to stored images.
- Topic 3: Installation and Configuration (15%): This section of the exam evaluates the capabilities of cloud infrastructure administrators and addresses Docker engine installation, setup, and configuration across multiple platforms. It includes tasks such as logging driver selection, swarm initialization, error resolution, and user access management. Candidates must demonstrate knowledge of system prerequisites, namespaces, cgroups, and the implementation of secure client-server certificate authentication. It also requires consistent deployment practices for Docker UCP and DTR environments, including backup scheduling and HA configurations.
- Topic 4: Networking: This domain targets DevOps engineers and covers Docker networking fundamentals. It includes creating bridge and overlay networks, publishing ports, diagnosing connectivity issues, and understanding network driver types. Candidates are expected to comprehend the Container Network Model, configure external DNS, and apply HTTP/HTTPS load balancing techniques using Docker EE. Additional topics include evaluating traffic flow between Docker components and distinguishing between different port publishing modes like host and ingress.
- Topic 5: Domain 5: Security: This part of the exam focuses on the knowledge of cloud infrastructure administrators and addresses Docker security configurations and practices. It covers image signing, security scans, Docker Content Trust, and default engine protections. Candidates must configure RBAC settings within UCP, integrate identity systems such as LDAP or Active Directory, and manage UCP client bundles. Understanding MTLS, swarm security defaults, and UCP/DTR certificate usage is essential to meet the requirements of this domain.
- Topic 6: Domain 6: Storage and Volumes: This domain measures the practical storage configuration knowledge of DevOps engineers. It includes selecting appropriate storage drivers based on the OS, configuring devicemapper, and comparing object and block storage. Candidates must understand image layering and its implications on the file system, handle volume configuration for persistent storage, and perform system cleanup of unused images. Cross-node storage usage and differentiating roles between UCP workers and managers are also addressed, along with managing external certificates within UCP and DTR environments.
Free Docker DCA Exam Actual Questions
Note: Premium Questions for DCA were last updated On Mar. 08, 2026 (see below)
You set up an automatic pruning policy on a DTR repository to prune all images using Apache licenses.
What effect does this have on images in this repository?
Seven managers are in a swarm cluster.
Is this how should they be distributed across three datacenters or availability zones?
Solution: 4-2-1
= This is not how the seven managers should be distributed across three datacenters or availability zones.A swarm cluster is a group of Docker hosts that are running in swarm mode and act as managers or workers1.A manager node is responsible for maintainingthe swarm state and orchestrating the services2.A swarm cluster needs a quorum of managers to operate, which means a majority of managers must be available and able to communicate with each other3.
The problem with distributing the seven managers as 4-2-1 is that it creates a split-brain scenario, where the cluster can lose the quorum if one datacenter or availability zone fails. For example, if the datacenter with four managers goes down, the remaining three managers will not have enough votes to form a quorum, and the cluster will stop functioning.Similarly, if the datacenter with one manager goes down, the cluster will lose the tie-breaking vote and will not be able to elect a leader4.
A better way to distribute the seven managers across three datacenters or availability zones is to use 3-2-2, which ensures that the cluster can tolerate the failure of any one datacenter or availability zone and still maintain the quorum. For example, if the datacenter with three managers goes down, the remaining four managers will have enough votes to form a quorum and elect a leader.Similarly, if the datacenter with two managers goes down, the remaining five managers will have enough votes to form a quorum and elect a leader4.Reference:
Swarm mode overview | Docker Docs
Administer and maintain a swarm of Docker Engines | Docker Docs
Raft consensus in swarm mode | Docker Docs
Docker Swarm: How to distribute managers across availability zones? - Stack Overflow
In Kubernetes, to mount external storage to a filesystem path in a container within a pod, you would use a volume in the pod specification. This volume is populated with a persistentVolumeClaim that is bound to an existing persistentVolume. The persistentVolume is defined and managed by the storageClass which provides dynamic or static provisioning of the volume and determines what type of storage will be provided1. Reference:
*Dynamic Volume Provisioning | Kubernetes
Is this a supported user authentication method for Universal Control Plane?
Solution: Docker ID
Docker Universal Control Plane (UCP) has its own built-in authentication mechanism and integrates with LDAP services1.It also has role-based access control (RBAC), so that you can control who can access and make changes to your cluster and applications1.However, there is no mention of Docker ID being a supported user authentication method for UCP in the resources provided1234.
Does this command create a swarm service that only listens on port 53 using the UDP protocol?
Solution. 'docker service create -name dns-cache -p 53:53/udp dns-cache"
= The command 'docker service create -name dns-cache -p 53:53/udp dns-cache' is not correct and will not create a swarm service that only listens on port 53 using the UDP protocol. There are two errors in the command:
The option-nameshould be--namewith two dashes, otherwise it will be interpreted as a short option-nfollowed by an argumentame1.
The option-por--publishwill publish the service port to the host port, which means the service will be reachable from outside the swarm2.To create a service that only listens on the internal network, you need to use the--publish-addoption with themode=ingressflag3.
The correct command should be:
docker service create --name dns-cache --publish-add mode=ingress,target=53,published=53,protocol=udp dns-cache
:
docker service create | Docker Docs
Publish ports on the host | Docker Docs
Publish a port for a service | Docker Docs
Which networking drivers allow you to enable multi-host network connectivity
between containers?
The networking drivers that allow you to enable multi-host network connectivity between containers are bridge, macvlan, ipvlan, and overlay. These drivers create networks that can span multiple Docker hosts, and therefore enable containers on different hosts to communicate with each other. The other drivers, such as host, user-defined, and none, create networks that are either isolated or limited to a single host. Here is a brief overview of each driver and how it supports multi-host networking:
*bridge: The bridge driver creates a network that connects containers on the same host using a Linux bridge. However, it can also be used to create a network that connects containers across multiple hosts using an external key-value store, such as Consul, Etcd, or ZooKeeper. This feature is deprecated and not recommended, as it requires manual configuration and has some limitations. The preferred driver for multi-host networking is overlay1.
*macvlan: The macvlan driver creates a network that assigns a MAC address to each container, making it appear as a physical device on the network. This allows the containers to communicate with other devices on the same network, regardless of the host they are running on. The macvlan driver can also use 802.1q trunking to create sub-interfaces and isolate traffic between different networks2.
*ipvlan: The ipvlan driver creates a network that assigns an IP address to each container, making it appear as a logical device on the network. This allows the containers to communicate with other devices on the same network, regardless of the host they are running on. The ipvlan driver can also use different modes, such as l2, l3, or l3s, to control the routing and isolation of traffic between different networks3.
*overlay: The overlay driver creates a network that connects multiple Docker daemons together using VXLAN tunnels. This allows the containers to communicate across different hosts, even if they are on different networks. The overlay driver also supports encryption, load balancing, and servicediscovery. The overlay driver is the default and recommended driver for multi-host networking, especially for Swarm services4.
*Use bridge networks
*Use macvlan networks
*Use ipvlan networks
*Use overlay networks
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Jade
1 day agoLarae
8 days agoSuzan
16 days agoIzetta
24 days agoKara
1 month agoNoel
1 month agoJennie
2 months agoAlonzo
2 months agoElinore
2 months agoChantell
2 months agoMakeda
2 months agoFreeman
3 months agoKristeen
3 months agoNickolas
3 months agoElvis
3 months agoStefany
4 months agoRozella
4 months agoGlory
4 months agoKris
5 months agoKenneth
5 months agoJacinta
5 months agoIlene
5 months agoRoy
5 months agoElouise
6 months agoFidelia
6 months agoMaryrose
6 months agoDoretha
6 months agoGracia
8 months agoEzekiel
8 months agoJennifer
9 months agoCandida
10 months agoMichell
10 months agoKaitlyn
11 months agoAide
11 months agoAn
12 months agoHuey
1 year agoAlba
1 year agoLynelle
1 year agoBrynn
1 year agoThomasena
1 year agoAileen
1 year agoRosita
1 year agoGracia
1 year agoTalia
1 year agoLilli
1 year agoRory
1 year agoLorean
1 year agoTwana
1 year agoZona
1 year agoJestine
1 year agoJusta
1 year agoVilma
1 year agoCecilia
1 year agoRebbecca
1 year agoCarin
1 year agoCassie
1 year agoLashaunda
1 year agoChun
1 year agoJose
1 year agoBrittni
2 years agoDaniela
2 years agoHerminia
2 years agoCorazon
2 years agoFrancoise
2 years agoThea
2 years agoFannie
2 years agoGermaine
2 years agoSelene
2 years agoKaitlyn
2 years ago