Google Exam Professional Cloud Security Engineer Topic 3 Question 15 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam

Question #: 15
Topic #: 3

[All Professional Cloud Security Engineer Questions]

For compliance reasons, an organization needs to ensure that in-scope PCI Kubernetes Pods reside on ''in- scope'' Nodes only. These Nodes can only contain the ''in-scope'' Pods.

How should the organization achieve this objective?

AAdd a nodeSelector field to the pod configuration to only use the Nodes labeled inscope: true.

BCreate a node pool with the label inscope: true and a Pod Security Policy that only allows the Pods to run on Nodes with that label.

CPlace a taint on the Nodes with the label inscope: true and effect NoSchedule and a toleration to match in the Pod configuration.

DRun all in-scope Pods in the namespace ''in-scope-pci''.

Show Suggested Answer

Suggested Answer: C

by Antione at May 08, 2022, 12:51 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!