Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Linux Foundation Exam CKS Topic 1 Question 55 Discussion

Actual exam question for Linux Foundation's Certified Kubernetes Security Specialist exam
Question #: 55
Topic #: 1
[All Certified Kubernetes Security Specialist Questions]

You can switch the cluster/configuration context using the following command: [desk@cli] $kubectl config use-context dev Context: A CIS Benchmark tool was run against the kubeadm created cluster and found multiple issues that must be addressed. Task: Fix all issues via configuration and restart the affected components to ensure the new settings take effect. Fix all of the following violations that were found against the API server: 1.2.7authorization-modeargument is not set toAlwaysAllow FAIL 1.2.8authorization-modeargument includesNode FAIL 1.2.7authorization-modeargument includesRBAC FAIL Fix all of the following violations that were found against the Kubelet: 4.2.1 Ensure that theanonymous-auth argumentis set to false FAIL 4.2.2authorization-modeargument is not set to AlwaysAllow FAIL (UseWebhookautumn/authz where possible) Fix all of the following violations that were found against etcd: 2.2 Ensure that theclient-cert-authargument is set to true

Show Suggested Answer Hide Answer
Suggested Answer: A

by Arminda at May 23, 2024, 11:12 AM

Limited Time Offer

25%

Off

Get Premium CKS Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Bettyann
3 months ago
Wait, we have to fix issues for the API server, Kubelet, and etcd? This is going to be a long one, but I'm feeling confident.
upvoted 0 times
Dottie
2 months ago
User2
upvoted 0 times
...
Darrin
3 months ago
User1
upvoted 0 times
...
...
Krissy
3 months ago
Hmm, authorization modes and anonymous auth settings. Looks like a real brainteaser, but I'm up for the challenge.
upvoted 0 times
...
Leslie
3 months ago
Jokes on the exam writers, I've been waiting for a chance to show off my Kubernetes security chops!
upvoted 0 times
Goldie
3 months ago
A) Explanation
upvoted 0 times
...
Dominga
3 months ago
A) Explanation
upvoted 0 times
...
...
Lezlie
3 months ago
This question covers a lot of important security configurations for the Kubernetes cluster. I think I can handle this one.
upvoted 0 times
Merissa
3 months ago
Finally, I will ensure that the client-cert-auth argument is set to true for etcd to fix the violations found.
upvoted 0 times
...
Merissa
3 months ago
Next, I will address the violations for the Kubelet by setting anonymous-auth to false and changing the authorization-mode.
upvoted 0 times
...
Merissa
3 months ago
I will fix the authorization-mode violations for the API server and restart the affected components.
upvoted 0 times
...
Merissa
3 months ago
I see there are multiple issues that need to be fixed against the API server, Kubelet, and etcd. Let's address them step by step.
upvoted 0 times
...
Merissa
3 months ago
I will start by switching the cluster/configuration context to dev using the command provided.
upvoted 0 times
...
...

Save Cancel