Kubernetes MCQs – Kubernetes Security

11.) What command shows all secrets in the current namespace?

A) kubectl get secrets
B) kubectl describe secrets
C) kubectl list secrets
D) kubectl show secrets

Answer: Option A

Explanation: This command displays all defined secrets in the current namespace.

12.) What kind of resource is a RoleBinding?

A) It binds services together
B) It binds users/groups to roles within a namespace
C) It configures secret mounting
D) It connects network policies

Answer: Option B

Explanation: RoleBinding allows assigning a Role to a user, group, or service account in a namespace.

13.) Which field in a Pod definition specifies the user ID the container should run as?

A) userID
B) runUser
C) runAsUser
D) containerUser

Answer: Option C

Explanation: runAsUser is part of the security context that sets the user ID.

14.) How do you define a ClusterRole in YAML?

A) apiVersion: rbac.authorization.k8s.io/v1, kind: ClusterRole
B) apiVersion: core/v1, kind: ClusterRole
C) apiVersion: apps/v1, kind: Role
D) apiVersion: rbac.authorization.k8s.io/v1beta1, kind: ClusterBinding

Answer: Option A

Explanation: apiVersion: rbac.authorization.k8s.io/v1beta1, kind: ClusterBinding

15.) What command applies a Role defined in a YAML file?

A) What command applies a Role defined in a YAML file?
B) kubectl add role -f role.yaml
C) kubectl assign -f role.yaml
D) kubectl create -f role.yaml

Answer: Option D

Explanation: Standard method for creating resources using kubectl.

16.) Which of the following policies restricts external access to a pod?

A) NetworkPolicy
B) PodSecurityPolicy
C) RoleBinding
D) Secret

Answer: Option A

Explanation: NetworkPolicy restricts incoming/outgoing traffic to/from pods.

17.) What is the default behavior of Kubernetes when no NetworkPolicy is applied?

A) All traffic is denied
B) All traffic is allowed
C) Only internal pod traffic is allowed
D) Only external traffic is allowed

Answer: Option B

Explanation: By default, pods can communicate with any other pod unless restricted by a NetworkPolicy.

18.) Which file can you use to mount a secret as a volume in a pod?

A) service.yaml
B) secret.yaml
C) pod.yaml
D) configmap.yaml

Answer: Option C

Explanation: Pod definitions include the configuration for mounting secrets as volumes.

19.) What does TLS stand for in Kubernetes context?

A) Token Login Service
B) Trusted Layer Security
C) Transport Layer Security
D) Terminal Lock Service

Answer: Option C

Explanation: TLS is used to secure communication between components in the Kubernetes cluster.

20.) What Kubernetes feature ensures encrypted communication between nodes?

A) CoreDNS
B) TLS certificates
C) kube-proxy
D) RBAC

Answer: Option B

Explanation: Kubernetes uses TLS for encrypting API communication.

Leave a Reply

Your email address will not be published. Required fields are marked *