Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Linux Foundation Exam CKS Topic 1 Question 57 Discussion

Actual exam question for Linux Foundation's CKS exam
Question #: 57
Topic #: 1
[All CKS Questions]

Context

A default-deny NetworkPolicy avoids to accidentally expose a Pod in a namespace that doesn't have any other NetworkPolicy defined.

Task

Create a new default-deny NetworkPolicy named defaultdeny in the namespace testing for all traffic of type Egress.

The new NetworkPolicy must deny all Egress traffic in the namespace testing.

Apply the newly created default-deny NetworkPolicy to all Pods running in namespace testing.

Show Suggested Answer Hide Answer
Suggested Answer: A

by Noe at Jun 20, 2024, 02:02 PM

Limited Time Offer

25%

Off

Get Premium CKS Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Percy
11 months ago
Well, well, well, looks like we've got a sneaky little network policy question here. But I'm not falling for it - C is the way to go, folks!
upvoted 0 times
Lashaunda
10 months ago
Great, C it is for the default-deny NetworkPolicy in the testing namespace.
upvoted 0 times
...
Kenneth
10 months ago
Let's go with C then, it seems like the safest choice for this scenario.
upvoted 0 times
...
Louann
10 months ago
I agree, C seems like the best option to deny all Egress traffic.
upvoted 0 times
...
Veronica
11 months ago
I think C is the correct choice for this network policy.
upvoted 0 times
...
...
Magnolia
11 months ago
Haha, I love how they're trying to trick us with the 'default-allow' option. Nice try, but I'm too smart for that. C all the way!
upvoted 0 times
Jules
10 months ago
We're too smart for their tricks.
upvoted 0 times
...
Ria
10 months ago
Definitely, option C is the way to go.
upvoted 0 times
...
Veronika
11 months ago
I agree, they can't fool us with that 'default-allow' option.
upvoted 0 times
...
Reita
11 months ago
Sanjuana: Agreed, C all the way!
upvoted 0 times
...
Sanjuana
11 months ago
Definitely, option C is the way to go.
upvoted 0 times
...
Dudley
11 months ago
I know right, they can't fool us with that 'default-allow' option.
upvoted 0 times
...
...
Gilberto
11 months ago
Oh boy, this one's a toughie. But I'll trust my gut and go with C. Gotta keep those Pods locked down, you know?
upvoted 0 times
...
Glenn
11 months ago
Hmm, I'm not sure. The question mentions a 'default-deny NetworkPolicy', but option A shows a 'default-allow' policy. I think I'll go with C just to be safe.
upvoted 0 times
Detra
11 months ago
I agree, let's go with C.
upvoted 0 times
...
Therese
11 months ago
I think C is the safest option.
upvoted 0 times
...
...
Elly
11 months ago
I think the correct answer is C. The question clearly states that the new NetworkPolicy must deny all Egress traffic in the namespace testing, and the image for option C shows the correct configuration for that.
upvoted 0 times
Ma
10 months ago
Let's go with option C then. It aligns with the task of denying all Egress traffic in the namespace testing.
upvoted 0 times
...
Loise
10 months ago
The image for option C matches the requirements specified in the question for denying all Egress traffic.
upvoted 0 times
...
Justine
11 months ago
Yes, option C is the best choice for creating a default-deny NetworkPolicy in this scenario.
upvoted 0 times
...
Cammy
11 months ago
I agree, option C is the correct answer. It denies all Egress traffic in the namespace testing.
upvoted 0 times
...
...
Crista
11 months ago
That makes sense. It's important to have strict controls in place for Egress traffic.
upvoted 0 times
...
Marjory
12 months ago
I believe the purpose is to avoid accidentally exposing a Pod in a namespace without any other NetworkPolicy.
upvoted 0 times
...
Crista
12 months ago
Yes, we need to create a new default-deny NetworkPolicy named defaultdeny in the namespace testing.
upvoted 0 times
...
Marjory
12 months ago
I think the question is about creating a default-deny NetworkPolicy.
upvoted 0 times
...

Save Cancel