Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Linux Foundation Exam CKS Topic 1 Question 57 Discussion

Actual exam question for Linux Foundation's CKS exam
Question #: 57
Topic #: 1
[All CKS Questions]

Context

A default-deny NetworkPolicy avoids to accidentally expose a Pod in a namespace that doesn't have any other NetworkPolicy defined.

Task

Create a new default-deny NetworkPolicy named defaultdeny in the namespace testing for all traffic of type Egress.

The new NetworkPolicy must deny all Egress traffic in the namespace testing.

Apply the newly created default-deny NetworkPolicy to all Pods running in namespace testing.

Show Suggested Answer Hide Answer
Suggested Answer: A

Contribute your Thoughts:

Percy
4 months ago
Well, well, well, looks like we've got a sneaky little network policy question here. But I'm not falling for it - C is the way to go, folks!
upvoted 0 times
Lashaunda
3 months ago
Great, C it is for the default-deny NetworkPolicy in the testing namespace.
upvoted 0 times
...
Kenneth
4 months ago
Let's go with C then, it seems like the safest choice for this scenario.
upvoted 0 times
...
Louann
4 months ago
I agree, C seems like the best option to deny all Egress traffic.
upvoted 0 times
...
Veronica
4 months ago
I think C is the correct choice for this network policy.
upvoted 0 times
...
...
Magnolia
5 months ago
Haha, I love how they're trying to trick us with the 'default-allow' option. Nice try, but I'm too smart for that. C all the way!
upvoted 0 times
Jules
3 months ago
We're too smart for their tricks.
upvoted 0 times
...
Ria
4 months ago
Definitely, option C is the way to go.
upvoted 0 times
...
Veronika
4 months ago
I agree, they can't fool us with that 'default-allow' option.
upvoted 0 times
...
Reita
4 months ago
Sanjuana: Agreed, C all the way!
upvoted 0 times
...
Sanjuana
4 months ago
Definitely, option C is the way to go.
upvoted 0 times
...
Dudley
4 months ago
I know right, they can't fool us with that 'default-allow' option.
upvoted 0 times
...
...
Gilberto
5 months ago
Oh boy, this one's a toughie. But I'll trust my gut and go with C. Gotta keep those Pods locked down, you know?
upvoted 0 times
...
Glenn
5 months ago
Hmm, I'm not sure. The question mentions a 'default-deny NetworkPolicy', but option A shows a 'default-allow' policy. I think I'll go with C just to be safe.
upvoted 0 times
Detra
4 months ago
I agree, let's go with C.
upvoted 0 times
...
Therese
4 months ago
I think C is the safest option.
upvoted 0 times
...
...
Elly
5 months ago
I think the correct answer is C. The question clearly states that the new NetworkPolicy must deny all Egress traffic in the namespace testing, and the image for option C shows the correct configuration for that.
upvoted 0 times
Ma
4 months ago
Let's go with option C then. It aligns with the task of denying all Egress traffic in the namespace testing.
upvoted 0 times
...
Loise
4 months ago
The image for option C matches the requirements specified in the question for denying all Egress traffic.
upvoted 0 times
...
Justine
4 months ago
Yes, option C is the best choice for creating a default-deny NetworkPolicy in this scenario.
upvoted 0 times
...
Cammy
5 months ago
I agree, option C is the correct answer. It denies all Egress traffic in the namespace testing.
upvoted 0 times
...
...
Crista
5 months ago
That makes sense. It's important to have strict controls in place for Egress traffic.
upvoted 0 times
...
Marjory
5 months ago
I believe the purpose is to avoid accidentally exposing a Pod in a namespace without any other NetworkPolicy.
upvoted 0 times
...
Crista
5 months ago
Yes, we need to create a new default-deny NetworkPolicy named defaultdeny in the namespace testing.
upvoted 0 times
...
Marjory
6 months ago
I think the question is about creating a default-deny NetworkPolicy.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77