I B M C E R T I F I C A T I O N
C0007320 IBM Certified Developer – Cloud Pak for Applications v4.1 PLUS Red Hat Certified Specialist in OpenShift Application Development Practice Exam
Exam Number: 4352 | Last updated April 17, 2026 | 382+ questions across 5 vendor-aligned objectives
App developers who build cloud-native Java on Cloud Pak for Applications v4.1 and deploy it to OpenShift are the audience for the C0007320 bundle. The combined credential validates both IBM Cloud Pak for Applications development skills and the OpenShift application-development track from Red Hat. Candidates should be fluent with MicroProfile, Open Liberty, Kabanero or IBM Application Navigator patterns, and the OpenShift developer experience from source-to-image through deployment.
Crowning the blueprint at 26%, Cloud-Native Application Design covers MicroProfile, Open Liberty configuration, twelve-factor alignment, and the CP4Apps starter-kit approach. At 22%, Build and Deploy covers source-to-image, BuildConfigs, ImageStreams, Helm charts, and Tekton pipelines. A further 20% targets Integration and Service Binding, covering API connections, service bindings, and data-source configuration in cloud-native apps.
Sealing the final domains, Observability and Lifecycle accounts for 18% and spans logging, metrics, tracing, and container lifecycle management. Security and Identity represents 14% and spans service accounts, secrets, and OAuth integration with the OpenShift authentication stack. Because this is a developer-level bundle, questions often reward practical judgment about where configuration should live — application, Helm chart, or cluster-level policy.
Every answer links to the source. Each explanation below includes a hyperlink to the exact IBM documentation page the question was derived from. PowerKram is the only practice platform with source-verified explanations. Learn about our methodology →
742
practice exam users
94%
satisfied users
91%
passed the exam
4.6/5
quality rating
Test your C0007320 cloudpak apps v4 redhat knowledge
10 of 382+ questions
Question #1 - Cloud-Native Application Design
A developer at Briarcrest Financial is building a MicroProfile service on Open Liberty for a v4.1 Cloud Pak for Applications deployment.
Which MicroProfile capability is most appropriate for the service’s configuration needs?
A) Hard-coded configuration baked into the container image
B) MicroProfile Config, reading configuration from Kubernetes ConfigMaps and environment variables rather than embedding values in the image
C) Configuration pulled from a developer’s laptop at runtime
D) No configuration source at all
Show solution
Correct answers: B – Explanation:
MicroProfile Config with ConfigMaps and env vars is the Open Liberty cloud-native config reference. Baked-in values, laptop-sourced configs, and no-config all fail cloud-native principles. Source: Check Source
Question #2 - Cloud-Native Application Design
A twelve-factor review at Penfold Retail finds a service writing session state to local container disk.
Which cloud-native redesign fits?
A) Prevent scaling to one replica only
B) Keep state on local disk and pin traffic to one replica
C) Copy state between replicas manually
D) Make the service stateless by externalizing session data into a managed store (e.g., Redis on IBM Cloud) so multiple replicas can serve any request safely
Show solution
Correct answers: D – Explanation:
Stateless services with external state is the twelve-factor cloud-native reference. Pinned traffic, manual copies, and single-replica pinning all fail scalability. Source: Check Source
Question #3 - Cloud-Native Application Design
A readiness-probe requirement at Glenfield Insurance must prevent traffic from reaching a pod during startup.
Which MicroProfile plus OpenShift pattern fits?
A) Return 200 for every probe regardless of actual readiness
B) Skip readiness probes and send traffic on pod creation
C) Expose MicroProfile Health readiness endpoints and configure OpenShift readiness probes against them, so only ready pods receive traffic
D) Disable probes to simplify manifests
Show solution
Correct answers: C – Explanation:
MicroProfile Health with OpenShift readiness probes is the cloud-native reference. Skipping probes, misleading 200s, and disabling probes all fail startup correctness. Source: Check Source
Question #4 - Build and Deploy
A developer at Rosevale Utilities wants to build container images from a Java source repository without maintaining Dockerfiles.
Which OpenShift capability fits?
A) Use Source-to-Image (S2I) with the appropriate Java builder image to produce container images directly from source
B) Build images on the developer’s laptop and push them to every cluster by hand
C) Skip containers and deploy raw WARs to each node
D) Copy random base images from the internet
Show solution
Correct answers: A – Explanation:
S2I with Java builder images is OpenShift’s source-driven build reference. Laptop builds, raw WARs, and random base images all fail cloud-native build discipline. Source: Check Source
Question #5 - Build and Deploy
An OpenShift BuildConfig at Harrowcreek Bank needs to trigger on each commit to the main branch.
Which configuration fits?
A) Trigger builds on every unrelated repository change
B) Trigger builds only when an admin clicks a button each morning
C) Never trigger builds and deploy manually
D) Configure a Git webhook trigger on the BuildConfig so pushes to main start builds automatically, pushing images to the ImageStream
Show solution
Correct answers: D – Explanation:
Git-webhook-triggered BuildConfigs is the OpenShift reference for commit-driven builds. Manual triggering, no triggering, and unrelated triggers all miss the feature. Source: Check Source
Question #6 - Build and Deploy
A pipeline at Talbrook Finance needs declarative, cloud-native CI/CD for a CP4Apps v4.1 workload.
Which OpenShift cloud-native CI/CD technology fits the CP4Apps v4.1 pipeline?
A) Skip CI/CD and deploy by hand
B) Rely on a single shell script run from a team lead’s laptop
C) Author Tekton pipelines defined in YAML and stored in Git, executing build, test, and deploy tasks as Kubernetes-native resources
D) Use an unrelated build product that does not integrate with OpenShift
Show solution
Correct answers: C – Explanation:
Tekton pipelines stored in Git is OpenShift’s cloud-native CI/CD reference. Laptop scripts, hand deploys, and non-integrated products all miss the pattern. Source: Check Source
Question #7 - Integration and Service Binding
An Open Liberty service at Windermere Insurance must connect to a Db2 on Cloud database managed outside the cluster.
Which OpenShift-native approach fits?
A) Use a Service Binding (or ConfigMap and Secret pattern) so the Liberty application receives connection details via environment variables or files at runtime, keeping credentials out of the image
B) Embed the Db2 connection string in the container image
C) Hard-code the password in the source code
D) Copy the credentials manually into each pod
Show solution
Correct answers: A – Explanation:
Service Bindings or Secret/ConfigMap injection is the OpenShift reference for external service connections. Embedded strings, hard-coded passwords, and manual copies all fail the pattern. Source: Check Source
Question #8 - Integration and Service Binding
A service at Cobblestone Retail must call a third-party API whose endpoint and key vary by environment.
Which cloud-native configuration pattern fits?
A) Ship a single immutable image that only works in one environment
B) Read endpoint and key from MicroProfile Config backed by a ConfigMap (for endpoint) and a Secret (for key), injected by environment
C) Edit the image in each environment after deployment
D) Store the key in the repository’s README
Show solution
Correct answers: B – Explanation:
ConfigMap Secret via MicroProfile Config is the cloud-native per-environment pattern. Single-env images, post-deploy edits, and README secrets all fail the requirement. Source: Check Source
Question #9 - Observability and Lifecycle
A developer at Fernbridge Holdings needs MicroProfile metrics exposed so OpenShift Monitoring can scrape them.
Which MicroProfile capability fits?
A) Enable MicroProfile Metrics on the Liberty service to expose a /metrics endpoint in Prometheus format, and add a ServiceMonitor so OpenShift Monitoring scrapes it
B) Expose no metrics and guess at performance
C) Return only string summaries unreadable by Prometheus
D) Disable metrics because scraping adds load
Show solution
Correct answers: A – Explanation:
MicroProfile Metrics plus ServiceMonitor is the OpenShift observability reference for Liberty. No metrics, non-Prometheus output, and disabled metrics all fail the requirement. Source: Check Source
Question #10 - Security and Identity
A pod at Willowdale Bank needs to authenticate to another IBM Cloud service without embedded API keys.
Which cloud-native identity pattern fits?
A) Embed a permanent API key in a ConfigMap
B) Use an IAM trusted profile bound to the workload identity so the pod obtains short-lived tokens at runtime, eliminating long-lived API keys from the manifest
C) Use the CTO’s personal key
D) Disable authentication entirely
Show solution
Correct answers: B – Explanation:
Trusted profiles with short-lived tokens is the IBM Cloud identity-for-workloads reference. Embedded keys, personal keys, and disabled auth all fail secure identity. Source: Check Source
Get 382+ more questions with source-linked explanations
Every answer traces to the exact IBM documentation page — so you learn from the source, not just memorize answers.
Exam mode & learn mode · Score by objective · Updated April 17, 2026
Learn more...
What the C0007320 cloudpak apps v4 redhat exam measures
- Design and align MicroProfile, Open Liberty, twelve-factor patterns, and CP4Apps starter kits to build apps that feel at home on OpenShift and scale without architectural rewrites
- Build and deploy source-to-image, BuildConfigs, ImageStreams, Helm, and Tekton to move code from commit to running pod through repeatable, observable pipelines
- Integrate and bind API connections, service bindings, and data-source configuration to connect cloud-native applications with managed services without leaking credentials
- Instrument and run logging, metrics, tracing, and container lifecycle management to keep applications observable and well-behaved inside a shared cluster
- Secure and federate service accounts, secrets, and OAuth integration to protect application identities end-to-end without custom glue code
How to prepare for this exam
- Review the official exam guide to understand every objective and domain weight before you begin studying
- Work through the relevant IBM Training learning path — ibm certified developer cloud pak for applications v4 1 plus red hat certified specialist in openshift application development C0007320 — to cover vendor-authored material end-to-end
- Get hands-on inside IBM TechZone or a comparable sandbox so you can practice the console tasks, CLI commands, and APIs the exam expects
- Tackle a real-world project at your workplace, a volunteer role, or an open-source repository where the technology under test is actually in use
- Drill one exam objective at a time, starting with the highest-weighted domain and only moving on once you can teach it to someone else
- Study by objective in PowerKram learn mode, where every explanation links back to authoritative IBM documentation
- Switch to PowerKram exam mode to rehearse under timed conditions and confirm you consistently score above the pass mark
Career paths and salary outlook
Cloud-native Java developers with OpenShift depth remain among the highest-paid application engineers:
- Cloud-Native Application Developer — $110,000–$150,000 per year, building and deploying apps on OpenShift and CP4Apps (Glassdoor salary data)
- Senior Java Developer (Cloud) — $125,000–$165,000 per year, leading Java modernization for enterprise workloads (Indeed salary data)
- Application Platform Engineer — $120,000–$160,000 per year, owning the developer experience across OpenShift estates (Glassdoor salary data)
Official resources
Work through the official IBM Training learning path for this certification, which bundles videos, labs, and skill tasks aligned to every objective. The official exam page lists the full objective breakdown, prerequisite knowledge, and scheduling details.