A financial services company is deploying a private cloud using OpenStack Zed. The security policy mandates that all administrative actions performed via the OpenStack APIs must be auditable and tied to a specific user identity. Which OpenStack component is primarily responsible for enforcing this policy by managing user authentication and service catalogs?
A cloud administrator is configuring an overlay network for a multi-tenant environment and requires the ability to carry both Layer 2 MAC and Layer 3 IP information within the control plane. The solution must be highly scalable and use a standards-based protocol for advertising network reachability. Which technology combination best fulfills these requirements?
A DevOps team is using an OpenShift 4.10 cluster for their CI/CD pipeline. They need to run specialized build tools that have high resource requirements and should not compete for resources with regular application workloads. Additionally, these build pods need to be scheduled on specific nodes that have been provisioned with extra CPU and memory. Which two OpenShift node types should be used to achieve this separation? (Select TWO).
True or False: In a Software-Defined Networking (SDN) architecture, the control plane is distributed across all networking devices, and each device makes independent forwarding decisions based on its local configuration.
A developer is writing a YAML manifest for an application deployment on a Kubernetes 1.24 cluster. The application needs a persistent storage volume that survives pod restarts. The cluster administrator has already provisioned several backend storage options via the StorageClass API. Which Kubernetes API object must the developer define in their manifest to request storage from a pre-defined StorageClass?
A startup is launching a new web application and wants to minimize initial capital expenditure on hardware and reduce the burden of infrastructure management. Their development team is small and prefers to focus solely on writing and deploying application code, without managing the underlying operating systems, patches, or server scaling. Which cloud service model is the most appropriate choice for this startup?
During the deployment of a Virtual Network Function (VNF) such as a virtual firewall, an administrator observes high latency and packet loss. The VNF is running on a KVM hypervisor. The administrator suspects that the performance issue is related to how the VNF interacts with the physical network interface card (NIC). Which technology would provide the most significant performance improvement by allowing the VNF to bypass the hypervisor's virtual switch and interact directly with the physical NIC?
A cloud architect is designing a solution that requires flexible metadata to be carried within network overlay packets to signal information to different network functions and endpoints. The existing overlay solution, VXLAN, is too rigid as its header is fixed. The architect needs an encapsulation protocol designed for extensibility. Which network virtualization encapsulation technology should be selected?
A systems administrator is tasked with deploying a containerized application on a Linux host using Docker. The application inside the container needs to bind to port 80, but the host's port 80 is already in use by another service. The administrator wants to map port 8080 on the host to port 80 in the container. Which Docker networking mode and command flag should be used to achieve this?
An organization uses OpenStack Heat templates written in YAML to automate the deployment of multi-tier applications. A junior administrator is reviewing a template and needs to understand how one resource, like a virtual machine instance, can be configured to use a network port that is defined elsewhere in the same template. Which section of the Heat template is used to establish this kind of relationship and dependency?