Question 1

What is the primary security benefit of isolating Kubernetes service traffic using a Service Mesh like Istio or Linkerd?

Options :

A : To enhance the auto-scaling capabilities of services based on traffic

B : To enable automatic routing and load balancing of service requests

C : To provide encrypted communication and fine-grained access control between services

D : To improve the efficiency of resource utilization among services

Answer: C

Question 2

Why is the secure management of secrets in persistent storage important in Kubernetes threat modeling?

Options :

A : To facilitate seamless scaling of applications based on storage demands

B : To prevent unauthorized access to sensitive information like credentials and keys stored as secrets

C : To optimize the load balancing across different storage resources

D : To improve the network communication efficiency between storage volumes and pods

Answer: B

Question 3

Why is the ‘Restricted’ policy in Kubernetes Pod Security Standards important for handling sensitive workloads?

Options :

A : To optimize resource allocation for sensitive applications

B : To implement strict security constraints that minimize the risk of security breaches in sensitive applications

C : To increase the computational speed of applications handling sensitive data

D : To ensure high availability of sensitive applications in the cluster

Answer: B

Question 4

When assessing the security of a cloud-native infrastructure, which of the following would not typically be the direct responsibility of the cloud service provider?

Options :

A : Physical security of data center facilities

B : Patching the host operating system of virtual machines

C : Encrypting data at rest within the customer-s application

D : Ensuring the availability of network infrastructure

Answer: C

Question 5

Why is setting resource limits and requests for Kubernetes pods important to prevent internal Denial of Service scenarios?

Options :

A : To optimize the network performance of the cluster

B : To ensure even distribution of storage resources among pods

C : To prevent a single pod from consuming excessive resources, impacting overall cluster stability

D : To facilitate rapid scaling of applications in response to demand

Answer: C