Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Linux Foundation Exam CKS Topic 1 Question 56 Discussion

Actual exam question for Linux Foundation's CKS exam
Question #: 56
Topic #: 1
[All CKS Questions]

Context

A PodSecurityPolicy shall prevent the creation of privileged Pods in a specific namespace.

Task

Create a new PodSecurityPolicy named prevent-psp-policy,which prevents the creation of privileged Pods.

Create a new ClusterRole named restrict-access-role, which uses the newly created PodSecurityPolicy prevent-psp-policy.

Create a new ServiceAccount named psp-restrict-sa in the existing namespace staging.

Finally, create a new ClusterRoleBinding named restrict-access-bind, which binds the newly created ClusterRole restrict-access-role to the newly created ServiceAccount psp-restrict-sa.

Show Suggested Answer Hide Answer
Suggested Answer: A

Contribute your Thoughts:

Johnetta
5 months ago
Ah, the classic 'prevent privileged Pods' task. I've done this a few times before, so I'm feeling confident. Let's crush this!
upvoted 0 times
Clare
4 months ago
I'll create the new ClusterRole named restrict-access-role next.
upvoted 0 times
...
Catarina
4 months ago
I'm ready to create the new PodSecurityPolicy named prevent-psp-policy.
upvoted 0 times
...
Christiane
5 months ago
I'll create the new ClusterRole named restrict-access-role next.
upvoted 0 times
...
Evangelina
5 months ago
I'm ready to create the new PodSecurityPolicy named prevent-psp-policy.
upvoted 0 times
...
...
Selene
6 months ago
Wait, do we need to include any specific configurations in the PSP? I don't want to miss anything important. Time to review the docs again.
upvoted 0 times
...
Leonida
6 months ago
Hold up, is that a trick question? I feel like there's a hidden catch somewhere. Better double-check everything before submitting.
upvoted 0 times
Lauran
5 months ago
I agree, we should double-check everything before submitting to avoid any hidden catches.
upvoted 0 times
...
Shawn
5 months ago
Yeah, let's make sure we don't miss any steps to prevent the creation of privileged Pods.
upvoted 0 times
...
Gladys
5 months ago
I think we need to carefully follow the instructions to create the new PodSecurityPolicy.
upvoted 0 times
...
...
Anthony
6 months ago
This looks straightforward. Create the PSP, ClusterRole, ServiceAccount, and ClusterRoleBinding. Shouldn't be too difficult.
upvoted 0 times
Salley
5 months ago
I created the ServiceAccount psp-restrict-sa and the ClusterRoleBinding restrict-access-bind.
upvoted 0 times
...
Temeka
6 months ago
I created the ClusterRole restrict-access-role.
upvoted 0 times
...
Dante
6 months ago
I created the PodSecurityPolicy prevent-psp-policy.
upvoted 0 times
...
...
Dominque
6 months ago
I agree, it requires a good understanding of security policies in Kubernetes.
upvoted 0 times
...
Edna
6 months ago
I think the question about PodSecurityPolicy is quite challenging.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77