Security Questions
Practice questions for Security topic in Kubernetes and Cloud Native Associate. 12 questions covering this domain.
A developer should be able to read Pods only within one namespace, not across the whole cluster. Which RBAC combination is the best fit?
A security team wants to restrict which Pods may communicate with a payment service. Which Kubernetes feature is designed for this?
A namespace enforces the Restricted Pod Security Standard. Which Pod setting would violate that policy for a Linux workload?
A cluster adopts Pod Security Standards. An application Pod needs to mount the host network namespace for performance reasons. Under which Pod Securit...
Which Kubernetes API resource defines a set of permissions (verbs on resources) that can be granted to users or service accounts within a namespace?
A container in production is observed making outbound calls to unexpected external endpoints. The security team wants to prevent future containers in ...
A team wants Pods to meet the Restricted Pod Security Standard. Which option matches that profile?
A support engineer needs broad read only access but must not be able to read Secrets. Which default ClusterRole best matches that requirement?
A RoleBinding in the dev namespace references a ClusterRole named edit. What scope does that grant?
A namespace is enforcing the Baseline Pod Security Standard. Which Pod setting would violate that policy immediately?
A Pod spec explicitly sets seccompProfile to Unconfined in a Baseline namespace. Which statement is correct?
A vendor manifest requests a privileged container under Baseline enforcement. What is the expected outcome?
Sign in to see all 12 questions
Create a free account to browse all questions — completely free during our launch phase.