Question 1

Why is it important to enable and configure Kubelet client certificate rotation in a Kubernetes cluster?

Options :

A : To improve the performance efficiency of the Kubelet

B : To ensure efficient resource allocation by the Kubelet

C : To facilitate smoother upgrades of Kubelet software

D : To enhance security through regular updating of authentication credentials

Answer: D

Question 2

When assessing the security of a cloud-native infrastructure, which of the following would not typically be the direct responsibility of the cloud service provider?

Options :

A : Physical security of data center facilities

B : Patching the host operating system of virtual machines

C : Encrypting data at rest within the customer-s application

D : Ensuring the availability of network infrastructure

Answer: C

Question 3

Why is pod isolation crucial in a multi-tenant Kubernetes environment?

Options :

A : To optimize the load balancing of network traffic among different tenants

B : To manage the allocation of storage resources to different tenant namespaces

C : To prevent a compromised or malicious pod in one tenant environment from affecting others

D : To ensure uniform resource utilization across different tenant environments

Answer: C

Question 4

In Kubernetes, why is it important to restrict the use of host network and host PID namespaces in pods?

Options :

A : To improve the load balancing of network traffic among pods

B : To enhance the isolation of pods from the underlying host system

C : To facilitate better resource allocation to pods

D : To streamline the deployment process of pods

Answer: B

Question 5

In the context of Kubernetes cluster security, how can the Scheduler component be secured to prevent unauthorized scheduling of pods?

Options :

A : By implementing Horizontal Pod Autoscaling for the Scheduler

B : By applying Network Policies specific to the Scheduler

C : By enforcing Role-Based Access Control (RBAC) for scheduling decisions

D : By using a Service Mesh to manage traffic to the Scheduler

Answer: C