New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

CKS Certified Kubernetes Security Specialist (CKS) Questions and Answers

Questions 4

use the Trivy to scan the following images,

1.  amazonlinux:1

2.  k8s.gcr.io/kube-controller-manager:v1.18.6

Look for images with HIGH or CRITICAL severity vulnerabilities and store the output of the same in /opt/trivy-vulnerable.txt

Options:

Buy Now
Questions 5

Context

A CIS Benchmark tool was run against the kubeadm-created cluster and found multiple issues that must be addressed immediately.

Task

Fix all issues via configuration and restart the affected components to ensure the new settings take effect.

Fix all of the following violations that were found against the API server:

Fix all of the following violations that were found against the Kubelet:

Fix all of the following violations that were found against etcd:

Options:

Buy Now
Questions 6

A container image scanner is set up on the cluster.

Given an incomplete configuration in the directory

/etc/kubernetes/confcontrol and a functional container image scanner with HTTPS endpoint https://test-server.local.8081/image_policy

1. Enable the admission plugin.

2. Validate the control configuration and change it to implicit deny.

Finally, test the configuration by deploying the pod having the image tag as latest.

Options:

Buy Now
Questions 7

Create a new ServiceAccount named backend-sa in the existing namespace default, which has the capability to list the pods inside the namespace default.

Create a new Pod named backend-pod in the namespace default, mount the newly created sa backend-sa to the pod, and Verify that the pod is able to list pods.

Ensure that the Pod is running.

Options:

Buy Now
Exam Code: CKS
Exam Name: Certified Kubernetes Security Specialist (CKS)
Last Update: Dec 22, 2024
Questions: 48

PDF + Testing Engine

$134.99

Testing Engine

$99.99

PDF (Q&A)

$84.99