Labour Day Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

Page: 1 / 1

Kubernetes Security Specialist Certified Kubernetes Security Specialist (CKS)

Certified Kubernetes Security Specialist (CKS)

Last Update Apr 25, 2024
Total Questions : 48

To help you prepare for the CKS Linux Foundation exam, we are offering free CKS Linux Foundation exam questions. All you need to do is sign up, provide your details, and prepare with the free CKS practice questions. Once you have done that, you will have access to the entire pool of Certified Kubernetes Security Specialist (CKS) CKS test questions which will help you better prepare for the exam. Additionally, you can also find a range of Certified Kubernetes Security Specialist (CKS) resources online to help you better understand the topics covered on the exam, such as Certified Kubernetes Security Specialist (CKS) CKS video tutorials, blogs, study guides, and more. Additionally, you can also practice with realistic Linux Foundation CKS exam simulations and get feedback on your progress. Finally, you can also share your progress with friends and family and get encouragement and support from them.

Questions 4

You can switch the cluster/configuration context using the following command:

[desk@cli] $ kubectl config use-context test-account 

Task: Enable audit logs in the cluster.

To do so, enable the log backend, and ensure that:

1. logs are stored at  /var/log/Kubernetes/logs.txt

2. log files are retained for 5 days

3. at maximum, a number of 10 old audit log files are retained 

A basic policy is provided at /etc/Kubernetes/logpolicy/audit-policy.yaml. It only specifies what not to log.

Note: The base policy is located on the cluster's master node. 

Edit and extend the basic policy to log:

1.  Nodes changes at RequestResponse level

2. The request body of persistentvolumes changes in the namespace frontend

3. ConfigMap and Secret changes in all namespaces at the Metadata level

Also, add a catch-all rule to log all other requests at the Metadata level

Note: Don't forget to apply the modified policy.

Options:

Discussion 0
Questions 5

Cluster: dev

Master node: master1

Worker node: worker1

You can switch the cluster/configuration context using the following command:

[desk@cli] $ kubectl config use-context dev 

Task:

Retrieve the content of the existing secret named adam in the safe namespace.

Store the username field in a file names /home/cert-masters/username.txt, and the password field in a file named /home/cert-masters/password.txt.

1. You must create both files; they don't exist yet.

2. Do not use/modify the created files in the following steps, create new temporary files if needed. 

Create a new secret names newsecret in the safe namespace, with the following content:

Username: dbadmin

Password: moresecurepas

Finally, create a new Pod that has access to the secret newsecret via a volume:

  • Namespace:safe
  • Pod name:mysecret-pod
  • Container name:db-container
  • Image:redis
  • Volume name:secret-vol
  • Mount path:/etc/mysecret

Options:

Discussion 0
River
Hey, I used Cramkey Dumps to prepare for my recent exam and I passed it.
Lewis (not set)
Yeah, I used these dumps too. And I have to say, I was really impressed with the results.
Melody
My experience with Cramkey was great! I was surprised to see that many of the questions in my exam appeared in the Cramkey dumps.
Colby (not set)
Yes, In fact, I got a score of above 85%. And I attribute a lot of my success to Cramkey's dumps.
Vienna
I highly recommend them. They are offering exact questions that we need to prepare our exam.
Jensen (not set)
That's great. I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!
Lennie
I passed my exam and achieved wonderful score, I highly recommend it.
Emelia (not set)
I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!
Alaya
Best Dumps among other dumps providers. I like it so much because of their authenticity.
Kaiden (not set)
That's great. I've used other dump providers in the past and they were often outdated or had incorrect information. This time I will try it.
Questions 6

Create a new ServiceAccount named backend-sa in the existing namespace default, which has the capability to list the pods inside the namespace default.

Create a new Pod named backend-pod in the namespace default, mount the newly created sa backend-sa to the pod, and Verify that the pod is able to list pods.

Ensure that the Pod is running.

Options:

Discussion 0
CKS Exam Syllabus CKS Free YouTube Course Get Premium Access

CKS
PDF

$35  $99.99
 Add to Cart

CKS Testing Engine

$42  $119.99
 Add to Cart

CKS PDF + Testing Engine

$56  $159.99
 Add to Cart