0
0
Dockerdevops~20 mins

Secrets management in Docker - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Secrets Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
💻 Command Output
intermediate
2:00remaining
Docker Secrets: Inspecting a Secret
What is the output of the command docker secret inspect my_secret if the secret my_secret exists and contains the text password123?
AError: secret my_secret not found
Bpassword123
C[{"ID":"<secret_id>","Version":{"Index":1},"Spec":{"Name":"my_secret","Labels":{}}}]
D[{"ID":"<secret_id>","Spec":{"Name":"my_secret","Data":"password123"}}]
Attempts:
2 left
💡 Hint
The inspect command shows metadata, not the secret content.
🔀 Workflow
intermediate
2:00remaining
Using Docker Secrets in a Service
Which of the following is the correct way to create a Docker service that uses a secret named db_password?
Adocker service create --name my_service --env db_password nginx
Bdocker service create --name my_service --secret db_password nginx
Cdocker service create --name my_service --mount type=secret,source=db_password,target=db_password nginx
Ddocker service create --name my_service --secret-file db_password nginx
Attempts:
2 left
💡 Hint
Docker secrets are added with the --secret flag, not as environment variables or mounts.
Troubleshoot
advanced
2:00remaining
Secret Not Available Inside Container
You created a Docker secret named api_key and attached it to a service. Inside the container, the secret file /run/secrets/api_key is missing. What is the most likely cause?
AThe secret content is empty, so the file is not created.
BThe secret file is located at /etc/secrets/api_key instead of /run/secrets/api_key.
CDocker secrets are only available in Docker Compose, not in services.
DThe secret was not attached to the service using the --secret flag.
Attempts:
2 left
💡 Hint
Check how the secret was added to the service.
🧠 Conceptual
advanced
2:00remaining
Security of Docker Secrets
Which statement best describes how Docker secrets are stored and accessed?
ADocker secrets are encrypted at rest and only decrypted inside the container's memory.
BDocker secrets are stored as plain text files on the host filesystem.
CDocker secrets are embedded in the container image during build time.
DDocker secrets are passed as environment variables to containers.
Attempts:
2 left
💡 Hint
Think about how secrets should be protected on disk and in memory.
Best Practice
expert
3:00remaining
Best Practice for Updating Docker Secrets
What is the recommended way to update a Docker secret named tls_cert without downtime for the service using it?
ACreate a new secret with a different name, update the service to use the new secret, then remove the old secret.
BRemove the old secret, create a new secret with the same name, and update the service to use it.
CDirectly edit the secret content on the host filesystem where Docker stores secrets.
DRestart the Docker daemon to reload the updated secret content.
Attempts:
2 left
💡 Hint
Docker secrets are immutable; think about how to switch secrets safely.