Question 1

In Kubernetes, why is it important to configure Pod Security Admissions to audit mode?

Options :

A : To automatically scale pods based on the detected security risk

B : To evaluate the impact of proposed security policies without enforcing them

C : To enhance the data throughput performance of pods

D : To manage the allocation of persistent storage resources to pods

Answer: B

Question 2

When assessing the security of a cloud-native infrastructure, which of the following would not typically be the direct responsibility of the cloud service provider?

Options :

A : Physical security of data center facilities

B : Patching the host operating system of virtual machines

C : Encrypting data at rest within the customer-s application

D : Ensuring the availability of network infrastructure

Answer: C

Question 3

Why is restricting access to Kubernetes’ cluster-level resources critical in mitigating the risk of privilege escalation?

Options :

A : To enhance the performance of cluster components

B : To optimize resource distribution among different cluster services

C : To prevent unauthorized users or compromised applications from gaining extensive control over the cluster

D : To facilitate seamless communication between cluster services

Answer: C

Question 4

Why is the ‘Restricted’ policy in Kubernetes Pod Security Standards important for handling sensitive workloads?

Options :

A : To optimize resource allocation for sensitive applications

B : To implement strict security constraints that minimize the risk of security breaches in sensitive applications

C : To increase the computational speed of applications handling sensitive data

D : To ensure high availability of sensitive applications in the cluster

Answer: B

Question 5

What is the primary security benefit of isolating Kubernetes service traffic using a Service Mesh like Istio or Linkerd?

Options :

A : To enhance the auto-scaling capabilities of services based on traffic

B : To enable automatic routing and load balancing of service requests

C : To provide encrypted communication and fine-grained access control between services

D : To improve the efficiency of resource utilization among services

Answer: C