IBM Cloud Pak for Data v4.x Solution Architect Advanced Practice Exam: Hard Questions 2025

A regulated enterprise is designing an IBM Cloud Pak for Data (CPD) deployment across two OpenShift clusters in separate data centers for resiliency. They require (1) no single point of failure for platform services, (2) consistent user access and authorization, and (3) the ability to continue ingesting and serving governed data if one site is lost. Which architecture best meets these requirements with minimal operational risk?

After enabling a service on CPD, users report intermittent failures when creating projects that use Spark-based runtimes. The OpenShift cluster shows the CPD namespace frequently hitting CPU throttling, and pod evictions occur due to node pressure. The platform team wants the most effective long-term fix without overprovisioning all nodes. What should the solution architect recommend?

A company must integrate CPD with an enterprise LDAP/AD and also require that service-to-service communication uses short-lived tokens with centralized policy enforcement. During design, security insists that user authentication and authorization should be consistent across all CPD services and any custom apps calling CPD APIs. Which approach best satisfies these requirements?

During an on-prem CPD deployment, the installation of a dependent service repeatedly fails at the final reconciliation step. The operator logs show it cannot reach the configured S3 endpoint, but network tests from the node succeed. A closer look reveals pods cannot resolve the S3 hostname, while other external domains resolve correctly. What is the most likely root cause and best corrective action?

A solution architect must design CPD storage for mixed workloads: metadata services with many small random IOPS, object storage for large datasets, and notebooks requiring POSIX file semantics. The infrastructure team can provide block storage, a managed S3-compatible object store, and one RWX-capable shared file system with limited throughput. Which design is most appropriate for performance and operational resilience?

After a successful CPD install, a team installs an additional service that introduces new CustomResourceDefinitions (CRDs). The install completes, but later an OpenShift upgrade is performed. Post-upgrade, the service operator is crash-looping due to CRD schema validation errors, and rolling back the cluster upgrade is not an option. What should the architect recommend to restore stability with the least disruption?

A bank must ensure that data scientists can discover datasets via the catalog but cannot exfiltrate raw PII. They require row-level filtering and column masking based on user attributes, and they also need auditability of access decisions. Which design best meets these governance and security requirements in CPD?

A multinational company needs to implement a governance model where (1) data ownership is decentralized by domain, (2) a central governance office defines global classifications and policies, and (3) assets must move from 'sandbox' to 'certified' with evidence of checks. They want to minimize policy drift and maintain auditability. Which approach best fits CPD capabilities and best practices?

A healthcare customer requires that only specific workloads in CPD can reach an external API containing PHI, and all such egress must be inspected and logged. They also require that non-PHI workloads cannot reach the internet at all. Which control set is the most robust and aligned with OpenShift/CPD operations?

A retailer wants to operationalize ML models built in CPD so that batch scoring jobs run nightly and real-time scoring serves low-latency predictions to an e-commerce app. They also need model promotion across environments with approval gates, lineage, and the ability to roll back quickly if drift is detected. Which solution architecture best satisfies these requirements?