Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Linux Foundation Exam CKS Topic 1 Question 57 Discussion

Actual exam question for Linux Foundation's Certified Kubernetes Security Specialist exam
Question #: 57
Topic #: 1
[All Certified Kubernetes Security Specialist Questions]

Context

A default-deny NetworkPolicy avoids to accidentally expose a Pod in a namespace that doesn't have any other NetworkPolicy defined.

Task

Create a new default-deny NetworkPolicy named defaultdeny in the namespace testing for all traffic of type Egress.

The new NetworkPolicy must deny all Egress traffic in the namespace testing.

Apply the newly created default-deny NetworkPolicy to all Pods running in namespace testing.

Show Suggested Answer Hide Answer
Suggested Answer: A

by Noe at Jun 20, 2024, 02:02 PM

Limited Time Offer

25%

Off

Get Premium CKS Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Percy
29 days ago
Well, well, well, looks like we've got a sneaky little network policy question here. But I'm not falling for it - C is the way to go, folks!
upvoted 0 times
Kenneth
4 days ago
Let's go with C then, it seems like the safest choice for this scenario.
upvoted 0 times
...
Louann
8 days ago
I agree, C seems like the best option to deny all Egress traffic.
upvoted 0 times
...
Veronica
19 days ago
I think C is the correct choice for this network policy.
upvoted 0 times
...
...
Magnolia
1 months ago
Haha, I love how they're trying to trick us with the 'default-allow' option. Nice try, but I'm too smart for that. C all the way!
upvoted 0 times
Ria
10 days ago
User 2: Definitely, option C is the way to go.
upvoted 0 times
...
Veronika
19 days ago
User 1: I agree, they can't fool us with that 'default-allow' option.
upvoted 0 times
...
Reita
22 days ago
Sanjuana: Agreed, C all the way!
upvoted 0 times
...
Sanjuana
23 days ago
User 2: Definitely, option C is the way to go.
upvoted 0 times
...
Dudley
27 days ago
User 1: I know right, they can't fool us with that 'default-allow' option.
upvoted 0 times
...
...
Gilberto
1 months ago
Oh boy, this one's a toughie. But I'll trust my gut and go with C. Gotta keep those Pods locked down, you know?
upvoted 0 times
...
Glenn
1 months ago
Hmm, I'm not sure. The question mentions a 'default-deny NetworkPolicy', but option A shows a 'default-allow' policy. I think I'll go with C just to be safe.
upvoted 0 times
Detra
20 days ago
I agree, let's go with C.
upvoted 0 times
...
Therese
25 days ago
I think C is the safest option.
upvoted 0 times
...
...
Elly
1 months ago
I think the correct answer is C. The question clearly states that the new NetworkPolicy must deny all Egress traffic in the namespace testing, and the image for option C shows the correct configuration for that.
upvoted 0 times
Ma
7 days ago
Let's go with option C then. It aligns with the task of denying all Egress traffic in the namespace testing.
upvoted 0 times
...
Loise
12 days ago
The image for option C matches the requirements specified in the question for denying all Egress traffic.
upvoted 0 times
...
Justine
21 days ago
Yes, option C is the best choice for creating a default-deny NetworkPolicy in this scenario.
upvoted 0 times
...
Cammy
1 months ago
I agree, option C is the correct answer. It denies all Egress traffic in the namespace testing.
upvoted 0 times
...
...
Crista
2 months ago
That makes sense. It's important to have strict controls in place for Egress traffic.
upvoted 0 times
...
Marjory
2 months ago
I believe the purpose is to avoid accidentally exposing a Pod in a namespace without any other NetworkPolicy.
upvoted 0 times
...
Crista
2 months ago
Yes, we need to create a new default-deny NetworkPolicy named defaultdeny in the namespace testing.
upvoted 0 times
...
Marjory
2 months ago
I think the question is about creating a default-deny NetworkPolicy.
upvoted 0 times
...

Save Cancel