Free Linux Foundation KCSA Exam Braindumps (page: 2)

Which standard approach to security is augmented by the 4C's of Cloud Native security?

  1. Zero Trust
  2. Least Privilege
  3. Defense-in-Depth
  4. Secure-by-Design

Answer(s): C



In a Kubernetes cluster, what are the security risks associated with using ConfigMaps for storing secrets?

  1. Storing secrets in ConfigMaps does not allow for fine-grained access control via RBAC.
  2. Storing secrets in ConfigMaps can expose sensitive information as they are stored in plaintext and can be accessed by unauthorized users.
  3. Using ConfigMaps for storing secrets might make applications incompatible with the Kubernetes cluster.
  4. ConfigMaps store sensitive information in etcd encoded in base64 format automatically, which does not ensure confidentiality of data.

Answer(s): B,D



What is the difference between gVisor and Firecracker?

  1. gVisor is a user-space kernel that provides isolation and security for containers. At the same time, Firecracker is a lightweight virtualization technology for creating and managing secure, multi-tenant container and function-as-a-service (FaaS) workloads.
  2. gVisor is a lightweight virtualization technology for creating and managing secure, multi-tenant container and function-as-a-service (FaaS) workloads. At the same time, Firecracker is a user-space kernel that provides isolation and security for containers.
  3. gVisor and Firecracker are both container runtimes that can be used interchangeably.
  4. gVisor and Firecracker are two names for the same technology, which provides isolation and security for containers.

Answer(s): A



You want to minimize security issues in running Kubernetes Pods. Which of the following actions can help achieve this goal?

  1. Sharing sensitive data among Pods in the same cluster to improve collaboration.
  2. Running Pods with elevated privileges to maximize their capabilities.
  3. Implement Pod Security standards in the Pod's YAML configuration.
  4. Deploying Pods with randomly generated names to obfuscate their identities.

Answer(s): C



What was the name of the precursor to Pod Security Standards?

  1. Container Runtime Security
  2. Kubernetes Security Context
  3. Container Security Standards
  4. Pod Security Policy

Answer(s): D



Viewing page 2 of 13
Viewing questions 6 - 10 out of 59 questions



Post your Comments and Discuss Linux Foundation KCSA exam prep with other Community members:

KCSA Exam Discussions & Posts