[CFCD] Cloud Foundry Certified Developer CFCD Certification Exam Guide, Exams of Technology

This certification exam guide prepares developers to build, deploy, and manage applications using the Cloud Foundry platform. Topics include Cloud Foundry architecture, application lifecycle management, service bindings, scaling, logging, monitoring, and troubleshooting. Candidates gain hands-on knowledge to leverage Cloud Foundry for efficient cloud-native development.

Typology: Exams

2025/2026

Available from 02/12/2026

shilpi-jain-3
shilpi-jain-3 🇮🇳

2.5

(11)

80K documents

1 / 88

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
[CFCD] Cloud Foundry Certified Developer CFCD
Certification Exam Guide
**Question 1.** Which command logs you into a Cloud Foundry API endpoint?
A) cf login
B) cf target
C) cf auth
D) cf connect
Answer: A
Explanation: `cf login` prompts for API endpoint, username, and password, establishing a
session with the Cloud Controller.
**Question 2.** What does the `cf target` command display?
A) List of services in the marketplace
B) Current API endpoint, org, and space
C) All applications in the target space
D) Available buildpacks
Answer: B
Explanation: `cf target` shows the API endpoint, selected organization, and space, indicating the
current context for subsequent commands.
**Question 3.** In Cloud Foundry, which entity provides multitenancy isolation?
A) Buildpacks
B) Organizations and Spaces
C) Service Brokers
D) Routes
Answer: B
Explanation: Organizations separate groups of users, and Spaces further isolate applications and
services, enabling multitenant isolation.
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50
pf51
pf52
pf53
pf54
pf55
pf56
pf57
pf58

Partial preview of the text

Download [CFCD] Cloud Foundry Certified Developer CFCD Certification Exam Guide and more Exams Technology in PDF only on Docsity!

Certification Exam Guide

Question 1. Which command logs you into a Cloud Foundry API endpoint? A) cf login B) cf target C) cf auth D) cf connect Answer: A Explanation: cf login prompts for API endpoint, username, and password, establishing a session with the Cloud Controller. Question 2. What does the cf target command display? A) List of services in the marketplace B) Current API endpoint, org, and space C) All applications in the target space D) Available buildpacks Answer: B Explanation: cf target shows the API endpoint, selected organization, and space, indicating the current context for subsequent commands. Question 3. In Cloud Foundry, which entity provides multi‑tenancy isolation? A) Buildpacks B) Organizations and Spaces C) Service Brokers D) Routes Answer: B Explanation: Organizations separate groups of users, and Spaces further isolate applications and services, enabling multi‑tenant isolation.

Certification Exam Guide

Question 4. Which CLI flag forces the use of a specific buildpack during cf push? A) -b B) -c C) -m D) -s Answer: A Explanation: The -b option specifies a buildpack name or URL, overriding automatic detection. Question 5. What is the purpose of a stack in Cloud Foundry? A) To define the routing domain for an app B) To provide the base root filesystem for containers C) To manage service credentials D) To configure memory limits Answer: B Explanation: A stack (e.g., cflinuxfs4) is the base root filesystem image used to run application containers. Question 6. Which health‑check type verifies that an application is listening on its assigned port? A) process B) http C) port D) tcp Answer: C

Certification Exam Guide

Answer: B Explanation: VCAP_SERVICES is a JSON‑encoded environment variable injected into the app container containing credentials for all bound services. Question 10. Which command generates a service key for a service instance? A) cf create-service-key B) cf service‑key‑create C) cf bind-service-key D) cf add-key Answer: A Explanation: cf create-service-key SERVICE_INSTANCE KEY_NAME [-c PARAMETERS] creates a key that can be used by external tools. Question 11. What is a user‑provided service instance (UPSI) used for? A) To provision a managed database from the marketplace B) To represent an external service not in the marketplace C) To create a custom buildpack D) To define a private domain Answer: B Explanation: UPSIs allow developers to bind credentials for services that exist outside Cloud Foundry, such as third‑party APIs. Question 12. Which role can create and delete spaces within an organization? A) Org Manager B) Space Developer C) Org Auditor

Certification Exam Guide

D) Space Manager Answer: A Explanation: The Org Manager has permission to manage spaces (create, delete, rename) inside the organization. Question 13. What does an Application Security Group (ASG) control? A) Inbound traffic to the app’s route B) Egress traffic from app containers to external endpoints C) Authentication of users to the CF CLI D) Allocation of memory quotas Answer: B Explanation: ASGs define egress firewall rules, allowing or denying outbound network connections from app containers. Question 14. How can you view real‑time logs of an application? A) cf logs APP_NAME --recent B) cf logs APP_NAME --tail C) cf app APP_NAME --logs D) cf stream APP_NAME Answer: B Explanation: cf logs APP_NAME --tail streams logs live as they are emitted by the app. Question 15. Which command enables SSH access to an application container? A) cf enable-ssh APP_NAME B) cf ssh APP_NAME C) cf allow-ssh APP_NAME

Certification Exam Guide

B) Via Container‑to‑Container (C2C) networking C) By writing to a shared file system D) Using FTP transfers Answer: B Explanation: C2C networking allows apps in the same space to talk directly over internal routes, avoiding external traffic. Question 19. Which command lists all routes currently mapped to an application? A) cf routes APP_NAME B) cf app APP_NAME --guid C) cf map-route APP_NAME DOMAIN HOST D) cf curl /v2/apps/APP_GUID/routes Answer: D Explanation: cf curl directly queries the Cloud Controller API; /v2/apps/APP_GUID/routes returns mapped routes. (The CLI does not have a dedicated cf routes subcommand.) Question 20. What is the default health‑check type for a Java buildpack? A) process B) http C) port D) none Answer: C Explanation: The Java buildpack defaults to a port health check, verifying that the JVM is listening on the assigned port.

Certification Exam Guide

Question 21. Which manifest attribute specifies the amount of memory allocated to each instance? A) disk_quota B) memory C) instances D) health-check-type Answer: B Explanation: The memory field in manifest.yml defines the memory limit per app instance (e.g., memory: 512M). Question 22. How can you increase the number of instances of an app without pushing a new version? A) cf scale APP_NAME - i NEW_COUNT B) cf restart APP_NAME - i NEW_COUNT C) cf push APP_NAME - i NEW_COUNT D) cf set-instances APP_NAME NEW_COUNT Answer: A Explanation: cf scale APP_NAME - i NEW_COUNT changes the instance count on the fly. Question 23. Which command removes a service binding from an application? A) cf unbind-service APP_NAME SERVICE_INSTANCE B) cf delete-service-binding APP_NAME SERVICE_INSTANCE C) cf detach-service APP_NAME SERVICE_INSTANCE D) cf remove-service APP_NAME SERVICE_INSTANCE Answer: A

Certification Exam Guide

D) Disable health checks Answer: B Explanation: OOM indicates the app exceeded its memory quota; raising the memory limit allows it to run without being killed. Question 27. Which command lists all service instances in the current space? A) cf services B) cf service‑list C) cf marketplace D) cf service‑instances Answer: A Explanation: cf services displays a table of all service instances bound or unbound in the targeted space. Question 28. What is the effect of setting no-route: true in a manifest? A) The app will not be started automatically after push B) The app will not be assigned any HTTP routes C) The app will use TCP routing exclusively D) The app will be scoped to a private domain only Answer: B Explanation: no-route: true tells Cloud Foundry not to map any routes; the app can still be accessed via internal C2C networking. Question 29. Which command retrieves the GUID of an organization? A) cf org ORG_NAME --guid B) cf org GUID ORG_NAME

Certification Exam Guide

C) cf get-org-guid ORG_NAME D) cf target --org ORG_NAME --guid Answer: A Explanation: Adding --guid to cf org outputs the organization’s unique identifier. Question 30. In Cloud Foundry, what does the term droplet refer to? A) The source code repository URL B) A compiled, staged artifact ready to run in a container C) The set of routes bound to an app D) The environment variable payload Answer: B Explanation: A droplet is the result of the staging process, containing the compiled app and its dependencies. Question 31. Which of the following is the correct order of steps when pushing a new app version with zero downtime? A) cf push → cf scale → cf map-route → cf unmap-route B) cf push (no route) → cf test → cf map-route → cf delete old route C) cf push → cf restart → cf delete old app → cf map-route D) cf push → cf restage → cf bind-service → cf unbind-service Answer: B Explanation: Deploy the new version without a route, verify it works, then map the route to the new version and unmap the old one (blue‑green pattern). Question 32. Which CLI option allows you to specify the number of instances in the push command?

Certification Exam Guide

Question 35. A developer needs to run a custom script after staging but before the app starts. Which feature should they use? A) Buildpack detection phase B) Pre‑start command in the manifest (command) C) Post‑start hook in the buildpack D) cf ssh and run manually Answer: C Explanation: Buildpacks can define a post-start script that runs after staging but before the app process begins. Question 36. Which command removes an entire application, including its routes and service bindings? A) cf delete APP_NAME – r – f B) cf unmap-route APP_NAME DOMAIN HOST C) cf purge-service-instance SERVICE_INSTANCE D) cf destroy APP_NAME Answer: A Explanation: cf delete APP_NAME - r - f deletes the app, removes its routes (-r), and forces deletion without confirmation (-f). Question 37. When using TCP routing, which component must be configured in addition to the route? A) A shared domain with a TCP router group B) An HTTP health check C) A Docker image as the app source D) A custom buildpack Answer: A

Certification Exam Guide

Explanation: TCP routing requires a shared domain mapped to a TCP router group that forwards traffic to the app’s container port. Question 38. Which of the following is a valid reason to use a private domain? A) To expose the app to the public internet B) To avoid DNS conflicts with shared domains C) To enable automatic scaling of instances D) To simplify service binding syntax Answer: B Explanation: Private domains are owned by a specific organization, preventing naming collisions with shared domains. Question 39. What does the cf enable-service-access command do? A) Grants all orgs permission to create instances of a service plan B) Enables a service instance for an app C) Starts a stopped service broker D) Creates a new service plan in the marketplace Answer: A Explanation: cf enable-service-access SERVICE PLAN makes a service plan visible and provisionable to organizations. Question 40. How can you view the current memory usage of an app instance? A) cf app APP_NAME --stats B) cf memory APP_NAME C) cf ssh APP_NAME - c "top - b - n 1" D) cf logs APP_NAME --recent

Certification Exam Guide

D) cf spaces --orgs Answer: A Explanation: cf orgs displays a table of organizations accessible to the logged‑in user. Question 44. What is the default instance count when an app is first pushed without specifying instances? A) 0 B) 1 C) 2 D) 3 Answer: B Explanation: Cloud Foundry starts an app with a single instance unless a different count is defined. Question 45. Which of the following best describes a service broker? A) A component that routes HTTP traffic to apps B) An API that provisions and manages external services on behalf of Cloud Foundry C) A buildpack that compiles source code D) A CLI plugin for managing orgs Answer: B Explanation: Service brokers implement the Open Service Broker API, enabling CF to create, bind, and manage services. Question 46. How does the Loggregator Firehose differ from cf logs? A) Firehose streams logs for all apps in the foundation, while cf logs is app‑specific B) Firehose only provides error logs, cf logs provides all logs

Certification Exam Guide

C) Firehose requires SSH access, cf logs does not D) Firehose is a UI tool, cf logs is CLI‑based Answer: A Explanation: The Firehose is a high‑throughput stream of all platform logs and metrics; cf logs is a per‑app tail. Question 47. Which option disables health checks for an app during push? A) --no-health-check B) --health-check-type none C) --skip-health-check D) --disable-health Answer: B Explanation: --health-check-type none tells Cloud Foundry not to perform any health checks for the app. Question 48. What does the cf apps command display? A) All services in the current space B) A list of applications with their state, instances, and routes C) The current API endpoint URL D) Buildpack versions available Answer: B Explanation: cf apps provides a summary table of apps in the targeted space, including status, instance count, and URLs. Question 49. Which of the following is a valid use case for a Docker image as an app source in Cloud Foundry?

Certification Exam Guide

Question 52. Which of the following is NOT a built‑in Cloud Foundry role? A) Org Auditor B) Space Supporter C) Space Manager D) Org Manager Answer: B Explanation: “Space Supporter” is not a standard role; the built‑in roles are Org Manager, Org Auditor, Space Manager, Space Developer, and Space Auditor. Question 53. When you run cf push with a manifest.yml that includes services: [my- db], what does CF do? A) Creates a new service instance named my-db B) Binds the existing service instance my-db to the app C) Deletes the service instance my-db after push D) Ignores the entry because services must be added manually Answer: B Explanation: The manifest’s services list tells CF to bind the specified existing service instances to the app during push. Question 54. Which command creates a new private domain for an organization? A) cf create-domain ORG_NAME DOMAIN_NAME B) cf add-domain ORG_NAME DOMAIN_NAME C) cf domain-create ORG_NAME DOMAIN_NAME D) cf register-domain ORG_NAME DOMAIN_NAME Answer: A

Certification Exam Guide

Explanation: cf create-domain registers a private domain under the given organization. Question 55. What is the purpose of the cf map-route command? A) To bind a service to an app B) To associate a hostname/domain with an app so it can receive traffic C) To create a new space within an org D) To enable SSH access for an app Answer: B Explanation: cf map-route adds a route (host + domain) to an app, making it reachable via that URL. Question 56. Which of the following statements about service plans is true? A) All plans are visible to every organization by default B) Plans can be disabled for an org using cf disable-service-access C) A plan can only have one service instance per org D) Plans are defined in the app manifest file Answer: B Explanation: cf disable-service-access SERVICE PLAN hides a plan from orgs, preventing further provisioning. Question 57. How does a buildpack determine which language runtime to provide? A) By reading the buildpack.yml file in the repository B) By detecting specific files (e.g., package.json for Node.js) in the app source C) By consulting the Cloud Controller’s configuration API D) By requiring the developer to specify --runtime flag on push Answer: B