Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

Linux Foundation Updated CKS Exam Questions and Answers by hidayah

Page: 4 / 4

Linux Foundation CKS Exam Overview :

Exam Name: Certified Kubernetes Security Specialist (CKS)
Exam Code: CKS Dumps
Vendor: Linux Foundation Certification: Kubernetes Security Specialist
Questions: 64 Q&A's Shared By: hidayah
Question 16

Secrets stored in the etcd is not secure at rest, you can use the etcdctl command utility to find the secret value

for e.g:-

ETCDCTL_API=3 etcdctl get /registry/secrets/default/cks-secret --cacert="ca.crt" --cert="server.crt" --key="server.key"

Output

Questions 16

Using the Encryption Configuration, Create the manifest, which secures the resource secrets using the provider AES-CBC and identity, to encrypt the secret-data at rest and ensure all secrets are encrypted with the new configuration.

Options:

Discussion
Question 17

Use the kubesec docker images to scan the given YAML manifest, edit and apply the advised changes, and passed with a score of 4 points.

kubesec-test.yaml

    apiVersion: v1

    kind: Pod

    metadata:

    name: kubesec-demo

    spec:

    containers:

    - name: kubesec-demo

    image: gcr.io/google-samples/node-hello:1.0

    securityContext:

    readOnlyRootFilesystem: true

Hint: docker run -i kubesec/kubesec:512c5e0 scan /dev/stdin < kubesec-test.yaml

Options:

Discussion
Miley
Hey, I tried Cramkey Dumps for my IT certification exam. They are really awesome and helped me pass my exam with wonderful score.
Megan Jun 26, 2026
That’s great!!! I’ll definitely give it a try. Thanks!!!
Hassan
Highly Recommended Dumps… today I passed my exam! Same questions appear. I bought Full Access.
Kasper Jun 4, 2026
Hey wonderful….so same questions , sounds good. Planning to write this week, I will go for full access today.
Madeleine
Passed my exam with my dream score…. Guys do give these dumps a try. They are authentic.
Ziggy Jun 8, 2026
That's really impressive. I think I might give Cramkey Dumps a try for my next certification exam.
Lois
I passed my exam with wonderful score. Their dumps are 100% valid and I felt confident during the exam.
Ernie May 31, 2026
Absolutely. The best part is, the answers in the dumps were correct. So, I felt confident and well-prepared for the exam.
Esmae
I highly recommend Cramkey Dumps to anyone preparing for the certification exam.
Mollie Jun 25, 2026
Absolutely. They really make it easier to study and retain all the important information. I'm so glad I found Cramkey Dumps.
Question 18

Create a Pod name Nginx-pod inside the namespace testing, Create a service for the Nginx-pod named nginx-svc, using the ingress of your choice, run the ingress on tls, secure port.

Options:

Discussion
Question 19

Enable audit logs in the cluster, To Do so, enable the log backend, and ensure that

1. logs are stored at /var/log/kubernetes-logs.txt.

2. Log files are retained for 12 days.

3. at maximum, a number of 8 old audit logs files are retained.

4. set the maximum size before getting rotated to 200MB

Edit and extend the basic policy to log:

1. namespaces changes at RequestResponse

2. Log the request body of secrets changes in the namespace kube-system.

3. Log all other resources in core and extensions at the Request level.

4. Log "pods/portforward", "services/proxy" at Metadata level.

5. Omit the Stage RequestReceived

All other requests at the Metadata level

Options:

Discussion
Page: 4 / 4

CKS
PDF

$36.75  $104.99

CKS Testing Engine

$43.75  $124.99

CKS PDF + Testing Engine

$57.75  $164.99