Linux Foundation KCSA Exam Practice Test Instant Access

Question 1

When using a cloud provider's managed Kubernetes service, who is responsible for maintaining the etcd cluster?

AKubernetes administrator

BNamespace administrator

CCloud provider

DApplication developer

Answer : C

Question 2

Which security knowledge-base focuses specifically on offensive tools, techniques, and procedures?

AMITRE ATT&CK

BOWASP Top 10

CCIS Controls

DNIST Cybersecurity Framework

Answer : A

Question 3

Which of the following statements best describe container image signing and verification in the cloud environment?

AContainer image signatures and their verification ensure their authenticity and integrity against tampering.

BContainer image signatures are concerned with defining developer ownership of applications within multi-tenant environments.

CContainer image signatures are mandatory in cloud environments, as cloud providers would deny the execution of unsigned container images.

DContainer image signatures affect the performance of containerized applications, as they increase the size of images with additional metadata.

Answer : A

Question 4

What does the 'cluster-admin' ClusterRole enable when used in a RoleBinding?

AIt gives full control over every resource in the role binding's namespace, not including the namespace object for isolation purposes.

BIt gives full control over every resource in the cluster and in all namespaces.

CIt gives full control over every resource in the role binding's namespace, including the namespace itself.

DIt allows read/write access to most resources in the role binding's namespace. This role does not allow write access to resource quota, to the namespace itself, and to EndpointSlices (or Endpoints).

Answer : B

Question 5

Which of the following statements is true concerning the use of microVMs over user-space kernel implementations for advanced container sandboxing?

AMicroVMs allow for easier container management and orchestration than user-space kernel implementation.

BMicroVMs offer higher isolation than user-space kernel implementations at the cost of a higher per-instance memory footprint.

CMicroVMs provide reduced application compatibility and higher per-system call overhead than user-space kernel implementations.

DMicroVMs offer lower isolation and security compared to user-space kernel implementations.

Answer : B

Question 6

An attacker has successfully overwhelmed the Kubernetes API server in a cluster with a single control plane node by flooding it with requests.

How would implementing a high-availability mode with multiple control plane nodes mitigate this attack?

ABy implementing network segmentation to isolate the API server from the rest of the cluster, preventing the attack from spreading.

BBy distributing the workload across multiple API servers, reducing the load on each server.

CBy increasing the resources allocated to the API server, allowing it to handle a higher volume of requests.

DBy implementing rate limiting and throttling mechanisms on the API server to restrict the number of requests allowed.

Answer : B

Question 7

What is Grafana?

AA cloud-native distributed tracing system for monitoring microservices architectures.

BA container orchestration platform for managing and scaling applications.

CA platform for monitoring and visualizing time-series data.

DA cloud-native security tool for scanning and detecting vulnerabilities in Kubernetes clusters.

Answer : C

Linux Foundation Kubernetes and Cloud Native Security Associate KCSA Exam Practice Test