Page: 1
/ 8
Total 123 questions
A three-tier web application must be moved to containers. A webserver is already in place, and the middleware container can talk to a central database server. The hostname of the database server is known, but the name of the middleware server must be provided to the webserver.
In which file should the name of the middleware server be configured?
- A. Docker Service discovery daemon
- B. Docker Swarm
- C. Docker Compose
- D. Dynamic Host Configuration Protocol
Answer : A
Which Kubernetes object ensures that each node is limited to running no more than one pod?
- A. UniCast
- B. Deployment
- C. DaemonSet
- D. ReplicaSet
Answer : C
Refer to the exhibit. What are the properties of the load balancer in a Kubernetes environment?
- A. Has exposed ports 80 and 8080 to a private IP address and directs outgoing connections to the port named http-port1
- B. Has exposed ports 80 and 8080 to a public IP address and directs incoming connections to the port named nginx-port
- C. Forwards incoming traffic from the port named nginx-port to ports 80 and 8080 of nginxapp
- D. Forwards any outgoing traffic from the port named nginx-port to exposed ports http-port1 and http-port2 of nginxapp
Answer : B
Refer to the exhibit. The JSON object represents a single entry on a centralized log server, but log data cannot be processed because of the format.
What causes the issue?
- A. A hostgroup must be defined
- B. The “_type” must represent the process type
- C. The priority of the message must be to the server
- D. The process name in the message must be parsed into a field
Answer : D
Refer to the exhibit. The push_configs.yml playbook returns the error shown.
Which action resolves the error?
- A. Install the Paramiko library on the host that runs Ansible
- B. Generate a new SSH key pair and add the public key to the target machine
- C. Export the ANSIBLE_HOST_KEY_CHECKING=False variable
- D. Comment out the StrictHostKeyChecking=yes line from ansible.cfg
Answer : C
What are two testing scenarios of the chaos engineering principle? (Choose two.)
- A. maxing out CPU cores on an Elasticsearch duster
- B. removing all users from a version control system
- C. executing routine in driver code to emulate I/O errors
- D. blocking developers’ building access
- E. unplugging a core switch device
Answer : AE
A security team is running vulnerability scans against a CI/CD pipeline. The reports show that RDBMS secrets were found hardcoded in Ansible scripts. The RDBMS resides in the internal network but is accessible from a jump server that resides in a public network.
If an attacker gains access to the scripts, what is the risk exposure?
- A. The Automation server is at risk of being compromised.
- B. The Ansible scripts run through encrypted SSH connections.
- C. The internal network is at risk of being compromised.
- D. The entire CI/CD-related infrastructure is at risk.
Answer : D
DRAG DROP
-
A developer must create a GitLab CI/CD pipeline with these requirements:
• builds an on-demand test environment
• deploys configurations
• verifies the results
Drag and drop the code from the bottom onto the box where the code is missing to complete the GitLab CI/CD pipeline. Not all options are used.
Answer :
A company has a CI/CD pipeline implemented to automate application deployment. An urgent change is required in the production environment. A developer produces and tests the required change in the company's environment, but the pipeline fails when pushed.
Which action conforms to the rules of a CI/CD pipeline and enables the pipeline to pass?
- A. Remove the failing test.
- B. Manually deploy the change into the production environment
- C. Use a backup pipeline
- D. Replicate the production environment in the pipeline before applying
Answer : A
An application for storing and categorizing has been developed. The application uses dual-factor authentication for user access. After authentication, users can upload sensitive data. The application has been hacked through system exploits and most of the saved data has been lost.
Which action prevents new security threats in the environment?
- A. Use self-developed algorithms for encryption
- B. Install virtual firewalls
- C. Actively change the ISP provider
- D. Apply all the latest patches and updates
Answer : D
What is a practice of infrastructure as code?
- A. Use multiple version control systems
- B. Document as much as possible
- C. Configure the deployment consistently
- D. Test, integrate, and deploy once a day
Answer : C
A precheck validation is being designed for the network state in a Cl/CD pipeline This design requires:
• the CI/CD pipeline to spin up test instances.
• instances must be used to validate changes.
• changes must be validated prior to a continuous deployment workflow, and
• then push the changes to production
How should the pipeline target the required environment?
- A. Use separate CI servers for each environment
- B. Use different pipelines for each environment
- C. Use separate Git repositories for each environment
- D. Use different inventory files for each environment
Answer : D
Refer to the exhibit. How does the architecture respond to a usage spike?
- A. The monitoring software instructs the Orchestrator to increase the count of containers and to configure the load balancer accordingly
- B. The database prioritizes quick and immediate queries over complicated ones to reduce the request queue
- C. The Orchestrator increases the resources assigned to containers to increase performance
- D. The load balancer interacts with the Orchestrator to optimize the balancing algorithm to match the incoming flow of requests
Answer : D
Refer to the exhibit. A distributed application contains data services that connect to databases via JDBC and to other remote services via HTTP. The overall response time is too long, and AppDynamics is used to investigate the root cause. From the application flow map, a specific data service running on Docker has been identified whose response time is over 10 seconds.
Which action resolves the issue?
- A. Change from a JDBC call to a HTTP call to retrieve data faster
- B. Run the AccountProfileMySQL service in Kubernetes
- C. Explore the JDBC queries looking for optimization opportunities
- D. Verify if the Docker container running MySQL is limiting CPU utilization
Answer : D
Refer to the exhibit. An application has been developed as a fileserver. To create this application as a fileserver. the class is used to store data in an SQL database.
Which two steps help minimize the risk of attack and compromise of the application? (Choose two.)
- A. Reject string values that are greater than maximum size
- B. Use floating point instead of integer for rating to avoid overflow
- C. Validate the content of the name and address parameters
- D. Run the application in a Docker container
- E. Compile the application using Java HotSpot
Answer : CE
30 days access 