Question 1

Why is restricting access to Kubernetes’ cluster-level resources critical in mitigating the risk of privilege escalation?

Options :

A : To enhance the performance of cluster components

B : To optimize resource distribution among different cluster services

C : To prevent unauthorized users or compromised applications from gaining extensive control over the cluster

D : To facilitate seamless communication between cluster services

Answer: C

Question 2

What is the primary purpose of enabling mutual TLS (mTLS) authentication on the Kubernetes API Server?

Options :

A : To increase the processing speed of API requests

B : To ensure load balancing of API requests across multiple servers

C : To provide encrypted and authenticated communication between clients and the API server

D : To facilitate automatic scaling of the API server based on traffic

Answer: C

Question 3

Why is pod isolation crucial in a multi-tenant Kubernetes environment?

Options :

A : To optimize the load balancing of network traffic among different tenants

B : To manage the allocation of storage resources to different tenant namespaces

C : To prevent a compromised or malicious pod in one tenant environment from affecting others

D : To ensure uniform resource utilization across different tenant environments

Answer: C

Question 4

In the context of Kubernetes cluster security, how can the Scheduler component be secured to prevent unauthorized scheduling of pods?

Options :

A : By implementing Horizontal Pod Autoscaling for the Scheduler

B : By applying Network Policies specific to the Scheduler

C : By enforcing Role-Based Access Control (RBAC) for scheduling decisions

D : By using a Service Mesh to manage traffic to the Scheduler

Answer: C

Question 5

What is the role of a Certificate Authority (CA) in the PKI setup of a Kubernetes cluster?

Options :

A : To provide load balancing between different Kubernetes services

B : To manage the distribution of secrets within the Kubernetes cluster

C : To issue and manage digital certificates for secure communication within the cluster

D : To optimize network traffic routing within the Kubernetes environment

Answer: C

Higher Test Marks with Free Online KCSA Exam Practice