Kubernetes Threat Model Questions
Practice questions for Kubernetes Threat Model topic in Kubernetes and Cloud Native Security Associate. 32 questions covering this domain.
A security reviewer sees that a user has get access on nodes/proxy. Why is this more dangerous than it first appears?
Why is granting permission to create Pods or workload resources in a namespace considered a privilege-escalation risk?
In normal Kubernetes operation, which control plane component do nodes and Pods talk to remotely when using the cluster API?
A multi-tenant cluster allows semi-trusted users to create many objects, and the operator is worried about object-creation denial of service. Which bu...
Which RBAC grant is enough to reveal Secret contents even if get permission was never granted?
Why do Kubernetes RBAC good practices strongly advise against adding ordinary users to the system:masters group?
Which permission is risky because it allows issuing tokens for existing ServiceAccounts?
A namespace editor can patch Namespace labels in a cluster that uses Pod Security Admission. What is the main security concern?
A threat reviewer notices that a low-privilege user has `create` access to Pods in a namespace and the namespace allows `hostPath` volumes. Why is thi...
An organization is mapping cloud native attacks to a structured framework so it can plan detections per technique. Which framework explicitly enumerat...
A threat actor includes a hidden malicious binary in a base image used by a public team. Where in the supply chain is this risk introduced?
Granting a user the `pods/exec` subresource verb appears innocuous because it does not grant `create pods`. Why is it nevertheless a high-risk privile...
An attacker deploys an unauthorized Pod that consumes large amounts of CPU and memory to mine cryptocurrency. Which threat category does this represen...
A reviewer sees that a low-privilege user can create DaemonSets in a namespace. From a threat-model perspective, why is this effectively cluster-wide ...
An attacker who has stolen credentials with broad permissions registers a MutatingAdmissionWebhook that injects a sidecar into every new Pod. Which th...
An attacker compromises the credentials of a CI/CD service account that can push images to the production registry. Which mitigation most directly con...
A developer can create Pods in a namespace but cannot read Secrets there. Why is this still risky?
Which access path can let a caller bypass admission and audit if it is reached directly?
Why is running kube-controller-manager with use-service-account-credentials a useful hardening measure?
Which statement about static Pods is relevant to the cluster threat model?
Sign in to see all 32 questions
Create a free account to browse all questions — completely free during our launch phase.