Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Linux Foundation Exam CKS Topic 1 Question 59 Discussion

Actual exam question for Linux Foundation's Certified Kubernetes Security Specialist exam
Question #: 59
Topic #: 1
[All Certified Kubernetes Security Specialist Questions]

Context

A default-deny NetworkPolicy avoids to accidentally expose a Pod in a namespace that doesn't have any other NetworkPolicy defined.

Task

Create a new default-deny NetworkPolicy named defaultdeny in the namespace testing for all traffic of type Egress.

The new NetworkPolicy must deny all Egress traffic in the namespace testing.

Apply the newly created default-deny NetworkPolicy to all Pods running in namespace testing.

Show Suggested Answer Hide Answer
Suggested Answer: A

by Naomi at Jul 05, 2024, 10:46 AM

Limited Time Offer

25%

Off

Get Premium CKS Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Dominic
20 days ago
I'm glad they included an image to visualize the expected NetworkPolicy. That's super helpful for a hands-on exam like this.
upvoted 0 times
...
Nobuko
22 days ago
Haha, I bet the exam writers had fun coming up with this one. 'Default-deny' - it's like the Grinch of NetworkPolicies!
upvoted 0 times
Arlen
3 days ago
I know right, it's like saying 'you shall not pass' to any unauthorized traffic.
upvoted 0 times
...
Felix
11 days ago
Yeah, default-deny is like the ultimate security guard for your network.
upvoted 0 times
...
...
Fidelia
24 days ago
It might be, but it's better to start with strict rules and then adjust if needed.
upvoted 0 times
...
Floyd
25 days ago
Do you think denying all Egress traffic is too restrictive?
upvoted 0 times
...
Fidelia
26 days ago
I agree, it helps prevent accidental exposure of Pods.
upvoted 0 times
...
Dorothy
1 months ago
I like how the question provides the context and a clear task. It's a good way to test our understanding of NetworkPolicies.
upvoted 0 times
...
Vincenza
1 months ago
This is a straightforward NetworkPolicy question. The correct answer is A because it shows the YAML for the default-deny NetworkPolicy that denies all Egress traffic in the 'testing' namespace.
upvoted 0 times
Francesco
7 days ago
Let's make sure to apply the default-deny NetworkPolicy to all Pods in the 'testing' namespace.
upvoted 0 times
...
Virgie
8 days ago
I agree, it helps prevent accidental exposure of Pods in the namespace.
upvoted 0 times
...
Domonique
18 days ago
Yes, you're right. Answer A is the one that creates the default-deny NetworkPolicy for Egress traffic in the 'testing' namespace.
upvoted 0 times
...
Stefania
19 days ago
I think the correct answer is A, it denies all Egress traffic in the 'testing' namespace.
upvoted 0 times
...
Hoa
29 days ago
Yes, you're right. It's important to have a default-deny NetworkPolicy in place.
upvoted 0 times
...
Isadora
30 days ago
I think the answer is A, it denies all Egress traffic in the 'testing' namespace.
upvoted 0 times
...
...
Floyd
2 months ago
I think creating a default-deny NetworkPolicy is important for security.
upvoted 0 times
...

Save Cancel