What is the purpose of volume drivers in Docker?
To improve the performance of volume operations.
To manage the lifecycle of bind mounts.
To enable the use of remote storage or cloud-based solutions for volumes.
To restrict container access to specific volumes.
Which data persistence approach provides the highest level of isolation between the host system and container data?
Using a shared network drive.
Docker volumes.
Directly writing data to the container's filesystem.
Bind mounts.
What is the primary advantage of using Docker containers in a CI/CD pipeline?
Guaranteed execution on any operating system
Enhanced environment consistency across development, testing, and production
Elimination of the need for version control
Reduced storage footprint for build artifacts
When might a bind mount be a suitable choice for data persistence in Docker?
When you need to share data between multiple Docker containers running on the same host.
When you need to share sensitive configuration files between the host and a container.
When you require data portability across different Docker environments.
When you want to leverage the scalability and redundancy of cloud storage.
Which statement accurately describes a drawback of using bind mounts for sensitive data?
Bind mounts can expose parts of the host's filesystem to containers, potentially leading to security risks.
Bind mounts are not supported in the latest versions of Docker.
Bind mounts are less efficient than Docker volumes for handling large data volumes.
Bind mounts provide enhanced security for storing sensitive data.
What is the purpose of the COPY --from instruction in a multi-stage Docker build?
COPY --from
To copy files from the current build stage to a later build stage.
To copy files from a previous build stage to the current build stage.
To copy files from the host machine to the current build stage.
To copy files from a remote repository to the current build stage.
What is the role of authentication tokens in the context of a Docker Registry?
They provide temporary access credentials for interacting with the registry.
They define the network routes for communication between the registry and clients.
They are used to encrypt images stored in the registry.
They are used to digitally sign images to ensure their integrity.
Why would you set up a private Docker Registry instead of using a public one like Docker Hub?
To share images publicly with the open-source community
To reduce network latency and improve image pull times
To increase the storage capacity for your images
To easily explore and discover new public images
How can you invalidate the Docker build cache for a specific instruction?
All of the above.
By using the --no-cache flag during the build process.
--no-cache
By modifying the instruction itself.
By deleting the corresponding image layer.
You want to execute 'ls -l' inside a container named 'app-server' and allocate a pseudo-TTY. Which command is correct?
docker exec -it app-server ls -l
docker exec -d app-server ls -l
docker run -it app-server ls -l
docker exec app-server -it ls -l