Docker Certified Associate v1.0

Does this describe the role of Control Groups (cgroups) when used with a Docker container? accounting and limiting of resources

Two development teams in your organization use Kubernetes and want to deploy their applications while ensuring that Kubernetes-specific resources, such as secrets, are grouped together for each application.
Is this a way to accomplish this?
Create one pod and add all the resources needed for each application.

Two development teams in your organization use Kubernetes and want to deploy their applications while ensuring that Kubernetes-specific resources, such as secrets, are grouped together for each application.
Is this a way to accomplish this?
Create one namespace for each application and add all the resources to it.

Two development teams in your organization use Kubernetes and want to deploy their applications while ensuring that Kubernetes-specific resources, such as secrets, are grouped together for each application.
Is this a way to accomplish this?
Create a collection for each application.

You created a new service named ‘http’ and discover it is not registering as healthy.
Will this command enable you to view the list of historical tasks for this service?
‘docker inspect http’

The Kubernetes yaml shown below describes a clusterIP service.

Is this a correct statement about how this service routes requests?
Traffic sent to the IP of any pod with the label app: nginx on port 8080 will be forwarded to port 80 in that pod.

A company’s security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster.
Can this be used to schedule containers to meet the security policy requirements? label constraints

A company’s security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster. Can this be used to schedule containers to meet the security policy requirements? environment variables

Will a DTR security scan detect this?
private keys copied to the image

Will a DTR security scan detect this?
image configuration poor practices, such as exposed ports or inclusion of compilers in production images

You configure a local Docker engine to enforce content trust by setting the environment variable DOCKER_CONTENT_TRUST=1.
If myorg/myimage:1.0 is unsigned, does Docker block this command? docker image build, from a Dockerfile that begins FROM myorg/myimage:1.0

Can this set of commands identify the published port(s) for a container?
‘docker container inspect’, ‘docker port’

Can this set of commands identify the published port(s) for a container?
‘docker port inspect’, ‘docker container inspect’

A persistentVolumeClaim (PVC) is created with the specification storageClass: "", and size requirements that cannot be satisfied by any existing persistentVolume.
Is this an action Kubernetes takes in this situation?
The PVC remains unbound until a persistentVolume that matches all requirements of the PVC becomes available.