Switch branches/tags
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
122 lines (110 sloc) 8.26 KB

Docker Certified Associate Exam Preparation Guide

This guide is intended to be a point of knowledge for everyone who wants to pass Docker Certified Associate Exam. The main idea is to provide the right answer/link to every "question" in every domain. Feel free to add useful links below.

Table of Contents:

  1. Orchestration
  2. Image Creation, Management, and Registry
  3. Installation and Configuration
  4. Networking
  5. Security
  6. Storage and Volumes
  7. Links


Domain 1: Orchestration (25% of exam)

Domain 2: Image Creation, Management, and Registry (20% of exam)

Domain 3: Installation and Configuration (15% of exam)

Domain 4: Networking (15% of exam)

  • Create a Docker bridge network for a developer to use for their containers
  • Troubleshoot container and engine logs to understand a connectivity issue between containers
  • Publish a port so that an application is accessible externally
  • Identify which IP and port a container is externally accessible on
  • Describe the different types and use cases for the built-in network drivers
  • Understand the Container Network Model and how it interfaces with the Docker engine and network and IPAM drivers
  • Configure Docker to use external DNS
  • Use Docker to load balance HTTP/HTTPs traffic to an application (Configure L7 load balancing with Docker EE)
  • Understand and describe the types of traffic that flow between the Docker engine, registry, and UCP controllers
  • Deploy a service on a Docker overlay network
  • Describe the difference between "host" and "ingress" port publishing mode

Domain 5: Security (15% of exam)

  • Describe the process of signing an image
  • Demonstrate that an image passes a security scan
  • Enable Docker Content Trust
  • Configure RBAC in UCP
  • Integrate UCP with LDAP/AD
  • Demonstrate creation of UCP client bundles
  • Describe default engine security
  • Describe swarm default security
  • Describe MTLS

Domain 6: Storage and Volumes (10% of exam)

  • State which graph driver should be used on which OS
  • Demonstrate how to configure devicemapper
  • Compare object storage to block storage, and explain which one is preferable when available
  • Summarize how an application is composed of layers and where those layers reside on the filesystem
  • Describe how volumes are used with Docker for persistent storage
  • Identify the steps you would take to clean up unused images on a filesystem, also on DTR
  • Demonstrate how storage can be used across cluster nodes
  • Identity roles
  • Describe the difference between UCP workers and managers
  • Describe process to use external certificates with UCP and DTR