
















































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
This certification exam guide prepares developers to build, deploy, and manage applications using the Cloud Foundry platform. Topics include Cloud Foundry architecture, application lifecycle management, service bindings, scaling, logging, monitoring, and troubleshooting. Candidates gain hands-on knowledge to leverage Cloud Foundry for efficient cloud-native development.
Typology: Exams
1 / 88
This page cannot be seen from the preview
Don't miss anything!

















































































Question 1. Which command logs you into a Cloud Foundry API endpoint? A) cf login B) cf target C) cf auth D) cf connect Answer: A Explanation: cf login prompts for API endpoint, username, and password, establishing a session with the Cloud Controller. Question 2. What does the cf target command display? A) List of services in the marketplace B) Current API endpoint, org, and space C) All applications in the target space D) Available buildpacks Answer: B Explanation: cf target shows the API endpoint, selected organization, and space, indicating the current context for subsequent commands. Question 3. In Cloud Foundry, which entity provides multi‑tenancy isolation? A) Buildpacks B) Organizations and Spaces C) Service Brokers D) Routes Answer: B Explanation: Organizations separate groups of users, and Spaces further isolate applications and services, enabling multi‑tenant isolation.
Question 4. Which CLI flag forces the use of a specific buildpack during cf push? A) -b B) -c C) -m D) -s Answer: A Explanation: The -b option specifies a buildpack name or URL, overriding automatic detection. Question 5. What is the purpose of a stack in Cloud Foundry? A) To define the routing domain for an app B) To provide the base root filesystem for containers C) To manage service credentials D) To configure memory limits Answer: B Explanation: A stack (e.g., cflinuxfs4) is the base root filesystem image used to run application containers. Question 6. Which health‑check type verifies that an application is listening on its assigned port? A) process B) http C) port D) tcp Answer: C
Answer: B Explanation: VCAP_SERVICES is a JSON‑encoded environment variable injected into the app container containing credentials for all bound services. Question 10. Which command generates a service key for a service instance? A) cf create-service-key B) cf service‑key‑create C) cf bind-service-key D) cf add-key Answer: A Explanation: cf create-service-key SERVICE_INSTANCE KEY_NAME [-c PARAMETERS] creates a key that can be used by external tools. Question 11. What is a user‑provided service instance (UPSI) used for? A) To provision a managed database from the marketplace B) To represent an external service not in the marketplace C) To create a custom buildpack D) To define a private domain Answer: B Explanation: UPSIs allow developers to bind credentials for services that exist outside Cloud Foundry, such as third‑party APIs. Question 12. Which role can create and delete spaces within an organization? A) Org Manager B) Space Developer C) Org Auditor
D) Space Manager Answer: A Explanation: The Org Manager has permission to manage spaces (create, delete, rename) inside the organization. Question 13. What does an Application Security Group (ASG) control? A) Inbound traffic to the app’s route B) Egress traffic from app containers to external endpoints C) Authentication of users to the CF CLI D) Allocation of memory quotas Answer: B Explanation: ASGs define egress firewall rules, allowing or denying outbound network connections from app containers. Question 14. How can you view real‑time logs of an application? A) cf logs APP_NAME --recent B) cf logs APP_NAME --tail C) cf app APP_NAME --logs D) cf stream APP_NAME Answer: B Explanation: cf logs APP_NAME --tail streams logs live as they are emitted by the app. Question 15. Which command enables SSH access to an application container? A) cf enable-ssh APP_NAME B) cf ssh APP_NAME C) cf allow-ssh APP_NAME
B) Via Container‑to‑Container (C2C) networking C) By writing to a shared file system D) Using FTP transfers Answer: B Explanation: C2C networking allows apps in the same space to talk directly over internal routes, avoiding external traffic. Question 19. Which command lists all routes currently mapped to an application? A) cf routes APP_NAME B) cf app APP_NAME --guid C) cf map-route APP_NAME DOMAIN HOST D) cf curl /v2/apps/APP_GUID/routes Answer: D Explanation: cf curl directly queries the Cloud Controller API; /v2/apps/APP_GUID/routes returns mapped routes. (The CLI does not have a dedicated cf routes subcommand.) Question 20. What is the default health‑check type for a Java buildpack? A) process B) http C) port D) none Answer: C Explanation: The Java buildpack defaults to a port health check, verifying that the JVM is listening on the assigned port.
Question 21. Which manifest attribute specifies the amount of memory allocated to each instance? A) disk_quota B) memory C) instances D) health-check-type Answer: B Explanation: The memory field in manifest.yml defines the memory limit per app instance (e.g., memory: 512M). Question 22. How can you increase the number of instances of an app without pushing a new version? A) cf scale APP_NAME - i NEW_COUNT B) cf restart APP_NAME - i NEW_COUNT C) cf push APP_NAME - i NEW_COUNT D) cf set-instances APP_NAME NEW_COUNT Answer: A Explanation: cf scale APP_NAME - i NEW_COUNT changes the instance count on the fly. Question 23. Which command removes a service binding from an application? A) cf unbind-service APP_NAME SERVICE_INSTANCE B) cf delete-service-binding APP_NAME SERVICE_INSTANCE C) cf detach-service APP_NAME SERVICE_INSTANCE D) cf remove-service APP_NAME SERVICE_INSTANCE Answer: A
D) Disable health checks Answer: B Explanation: OOM indicates the app exceeded its memory quota; raising the memory limit allows it to run without being killed. Question 27. Which command lists all service instances in the current space? A) cf services B) cf service‑list C) cf marketplace D) cf service‑instances Answer: A Explanation: cf services displays a table of all service instances bound or unbound in the targeted space. Question 28. What is the effect of setting no-route: true in a manifest? A) The app will not be started automatically after push B) The app will not be assigned any HTTP routes C) The app will use TCP routing exclusively D) The app will be scoped to a private domain only Answer: B Explanation: no-route: true tells Cloud Foundry not to map any routes; the app can still be accessed via internal C2C networking. Question 29. Which command retrieves the GUID of an organization? A) cf org ORG_NAME --guid B) cf org GUID ORG_NAME
C) cf get-org-guid ORG_NAME D) cf target --org ORG_NAME --guid Answer: A Explanation: Adding --guid to cf org outputs the organization’s unique identifier. Question 30. In Cloud Foundry, what does the term droplet refer to? A) The source code repository URL B) A compiled, staged artifact ready to run in a container C) The set of routes bound to an app D) The environment variable payload Answer: B Explanation: A droplet is the result of the staging process, containing the compiled app and its dependencies. Question 31. Which of the following is the correct order of steps when pushing a new app version with zero downtime? A) cf push → cf scale → cf map-route → cf unmap-route B) cf push (no route) → cf test → cf map-route → cf delete old route C) cf push → cf restart → cf delete old app → cf map-route D) cf push → cf restage → cf bind-service → cf unbind-service Answer: B Explanation: Deploy the new version without a route, verify it works, then map the route to the new version and unmap the old one (blue‑green pattern). Question 32. Which CLI option allows you to specify the number of instances in the push command?
Question 35. A developer needs to run a custom script after staging but before the app starts. Which feature should they use? A) Buildpack detection phase B) Pre‑start command in the manifest (command) C) Post‑start hook in the buildpack D) cf ssh and run manually Answer: C Explanation: Buildpacks can define a post-start script that runs after staging but before the app process begins. Question 36. Which command removes an entire application, including its routes and service bindings? A) cf delete APP_NAME – r – f B) cf unmap-route APP_NAME DOMAIN HOST C) cf purge-service-instance SERVICE_INSTANCE D) cf destroy APP_NAME Answer: A Explanation: cf delete APP_NAME - r - f deletes the app, removes its routes (-r), and forces deletion without confirmation (-f). Question 37. When using TCP routing, which component must be configured in addition to the route? A) A shared domain with a TCP router group B) An HTTP health check C) A Docker image as the app source D) A custom buildpack Answer: A
Explanation: TCP routing requires a shared domain mapped to a TCP router group that forwards traffic to the app’s container port. Question 38. Which of the following is a valid reason to use a private domain? A) To expose the app to the public internet B) To avoid DNS conflicts with shared domains C) To enable automatic scaling of instances D) To simplify service binding syntax Answer: B Explanation: Private domains are owned by a specific organization, preventing naming collisions with shared domains. Question 39. What does the cf enable-service-access command do? A) Grants all orgs permission to create instances of a service plan B) Enables a service instance for an app C) Starts a stopped service broker D) Creates a new service plan in the marketplace Answer: A Explanation: cf enable-service-access SERVICE PLAN makes a service plan visible and provisionable to organizations. Question 40. How can you view the current memory usage of an app instance? A) cf app APP_NAME --stats B) cf memory APP_NAME C) cf ssh APP_NAME - c "top - b - n 1" D) cf logs APP_NAME --recent
D) cf spaces --orgs Answer: A Explanation: cf orgs displays a table of organizations accessible to the logged‑in user. Question 44. What is the default instance count when an app is first pushed without specifying instances? A) 0 B) 1 C) 2 D) 3 Answer: B Explanation: Cloud Foundry starts an app with a single instance unless a different count is defined. Question 45. Which of the following best describes a service broker? A) A component that routes HTTP traffic to apps B) An API that provisions and manages external services on behalf of Cloud Foundry C) A buildpack that compiles source code D) A CLI plugin for managing orgs Answer: B Explanation: Service brokers implement the Open Service Broker API, enabling CF to create, bind, and manage services. Question 46. How does the Loggregator Firehose differ from cf logs? A) Firehose streams logs for all apps in the foundation, while cf logs is app‑specific B) Firehose only provides error logs, cf logs provides all logs
C) Firehose requires SSH access, cf logs does not D) Firehose is a UI tool, cf logs is CLI‑based Answer: A Explanation: The Firehose is a high‑throughput stream of all platform logs and metrics; cf logs is a per‑app tail. Question 47. Which option disables health checks for an app during push? A) --no-health-check B) --health-check-type none C) --skip-health-check D) --disable-health Answer: B Explanation: --health-check-type none tells Cloud Foundry not to perform any health checks for the app. Question 48. What does the cf apps command display? A) All services in the current space B) A list of applications with their state, instances, and routes C) The current API endpoint URL D) Buildpack versions available Answer: B Explanation: cf apps provides a summary table of apps in the targeted space, including status, instance count, and URLs. Question 49. Which of the following is a valid use case for a Docker image as an app source in Cloud Foundry?
Question 52. Which of the following is NOT a built‑in Cloud Foundry role? A) Org Auditor B) Space Supporter C) Space Manager D) Org Manager Answer: B Explanation: “Space Supporter” is not a standard role; the built‑in roles are Org Manager, Org Auditor, Space Manager, Space Developer, and Space Auditor. Question 53. When you run cf push with a manifest.yml that includes services: [my- db], what does CF do? A) Creates a new service instance named my-db B) Binds the existing service instance my-db to the app C) Deletes the service instance my-db after push D) Ignores the entry because services must be added manually Answer: B Explanation: The manifest’s services list tells CF to bind the specified existing service instances to the app during push. Question 54. Which command creates a new private domain for an organization? A) cf create-domain ORG_NAME DOMAIN_NAME B) cf add-domain ORG_NAME DOMAIN_NAME C) cf domain-create ORG_NAME DOMAIN_NAME D) cf register-domain ORG_NAME DOMAIN_NAME Answer: A
Explanation: cf create-domain registers a private domain under the given organization. Question 55. What is the purpose of the cf map-route command? A) To bind a service to an app B) To associate a hostname/domain with an app so it can receive traffic C) To create a new space within an org D) To enable SSH access for an app Answer: B Explanation: cf map-route adds a route (host + domain) to an app, making it reachable via that URL. Question 56. Which of the following statements about service plans is true? A) All plans are visible to every organization by default B) Plans can be disabled for an org using cf disable-service-access C) A plan can only have one service instance per org D) Plans are defined in the app manifest file Answer: B Explanation: cf disable-service-access SERVICE PLAN hides a plan from orgs, preventing further provisioning. Question 57. How does a buildpack determine which language runtime to provide? A) By reading the buildpack.yml file in the repository B) By detecting specific files (e.g., package.json for Node.js) in the app source C) By consulting the Cloud Controller’s configuration API D) By requiring the developer to specify --runtime flag on push Answer: B