CCA
Service Mesh
hard
Question 5 of 32

A security team applies CiliumNetworkPolicy to external traffic entering through Gateway API, but requests are still blocked unexpectedly. Which policy design matches the documented model?

AAllow only ingress to the backend identity because the world identity is never used for Gateway API
BAllow world to ingress and also ingress to the backend identity
CAllow only traffic from kube-system to the backend
DDisable the ingress identity with a Helm flag

More Service Mesh Questions

32 questions

Full Cilium Certified Associate Practice Test

All topics covered

All Cilium Certified Associate Questions

Browse by topic

Related Questions

What does a service mesh primarily do for distributed applications according to the Cilium docs?...

easy

Which component does Cilium service mesh use for application-layer protocols such as HTTP, Kafka, gR...

easy

A platform team wants traffic splitting and header modification without relying on controller-specif...

medium

Which prerequisite set is required for Cilium Gateway API support?...

medium

A backend application behind Cilium Gateway API needs the client address for HTTP requests. Which st...

medium
View all Service Mesh questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account