Skip to content

Latest commit

 

History

History

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 

Kubernetes and Cloud Native Security Associate (KCSA) example questions

What is a primary security advantage of using a cloud provider’s managed Kubernetes service?

  • A. Automatic scaling of CPU and memory resources.
  • B. Built-in integration with developer IDE tools.
  • C. Regular security patching and updates.
  • D. Unlimited data storage capacities.
Answer

Correct answer: C


Which of the following is a recommended practice to secure Kubernetes infrastructure on a cloud provider?

  • A. Utilize public container images from unverified sources.
  • B. Regularly audit and apply Kubernetes security patches.
  • C. Enable anonymous access to Kubernetes API endpoints.
  • D. Run all pods with root privileges by default.
Answer

Correct answer: B


Which of the following is a primary purpose of security controls in a Kubernetes environment?

  • A. To automate deployment processes.
  • B. To manage network traffic between pods.
  • C. To ensure compliance with legal and regulatory requirements.
  • D. To provide user authentication and authorization.
Answer

Correct answer: C, D


Which of the following are well-known frameworks used for security management in cloud-native environments?

  • A. OWASP
  • B. HIPAA
  • C. MITRE ATTACK
  • D. PCI DSS
Answer

Correct answer: A, C


Which of the following is not one of the 4Cs of Cloud Native Security?

  • A. Code
  • B. Culture
  • C. Cloud
  • D. Cluster
  • E. Container
Answer

Correct answer: B


In the context of the 4Cs of Cloud Native Security, what does the “Cluster” focus on?

  • A. Securing interactions with external APIs.
  • B. Managing container runtime vulnerabilities.
  • C. Protecting the infrastructure that the applications run on.
  • D. Implementing continuous integration pipelines.
Answer

Correct answer: C


What is a namespace in Kubernetes used for?

  • A. Installing additional software packages.
  • B. Isolating resources within a cluster.
  • C. Managing storage volumes.
  • D. Running scheduled tasks.
Answer

Correct answer: B


Which of the following is a technique to provide isolation for applications running within Kubernetes?

  • A. Network policies.
  • B. Storage classes.
  • C. Replica sets.
  • D. Persistent volumes.
Answer

Correct answer: A


Which of the following practices enhance container image security?

  • A. Using the latest version of images without verification.
  • B. Setting up image vulnerability scanning.
  • C. Allowing images from any public repository.
  • D. Identifying a trusted source for base images.
Answer

Correct answer: B, D


What is a key benefit of using an artifact repository in a Kubernetes environment?

  • A. It allows for storing logs from the Kubernetes clusters.
  • B. It helps improve the security and integrity of deployment artifacts.
  • C. It provides automatic scaling of Kubernetes nodes.
  • D. It facilitates communication between microservices.
Answer

Correct answer: B


What is an effective method for securing application code in Kubernetes?

  • A. Using integrated development environments (IDEs).
  • B. Implementing code reviews and static analysis tools.
  • C. Running applications with root privileges.
  • D. Disabling network encryption.
Answer

Correct answer: B


Which approach enhances workload security in Kubernetes clusters?

  • A. Deploying all applications in the default namespace.
  • B. Regularly applying security patches and updates to container images.
  • C. Using privileged containers for all applications.
  • D. Allowing unrestricted network access to pods.
Answer

Correct answer: B


Which of the following can be used to secure communication between the API Server and other Kubernetes components?

  • A. Network policies.
  • B. TLS certificates.
  • C. iptables configuration.
  • D. Role-based access control.
Answer

Correct answer: B


What mechanism does the Kubernetes API Server use to authenticate user requests?

  • A. API Tokens.
  • B. Username and password.
  • C. SSH keys.
  • D. OAuth tokens.
Answer

Correct answer: A, D


What function does the Kubernetes Controller Manager serve in maintaining desired state configurations?

  • A. It handles communication between Pods.
  • B. It manages routine tasks such as node health checks and replication.
  • C. It provides a web interface for monitoring cluster resources.
  • D. It allows direct configuration of the cluster’s network policies.
Answer

Correct answer: B


Which security measure is essential for protecting the Kubernetes Controller Manager?

  • A. Enabling Role-Based Access Control (RBAC) for API authorization.
  • B. Using a firewall to block all external traffic to nodes.
  • C. Running the Controller Manager on a separate physical server.
  • D. Disabling all logging mechanisms to minimize data exposure.
Answer

Correct answer: A


What is the primary function of the Kubernetes Scheduler in a cluster?

  • A. To manage network policies.
  • B. To control access to the Kubernetes API.
  • C. To assign Pods to nodes based on resource availability and constraints.
  • D. To store and manage container images.
Answer

Correct answer: C


Which of the following contributes to Kubernetes Scheduler’s decision when determining node assignment for a Pod?

  • A. Node’s label selectors that match the Pod’s node affinity.
  • B. Network bandwidth usage across the nodes.
  • C. Pod’s image pull policy.
  • D. Node’s hardware specifications that match the Pod’s requests.
Answer

Correct answer: A, D


Which of the following options helps enhance the security of the Kubelet on a Kubernetes node?

  • A. Running the Kubelet under a non-root user account.
  • B. Enabling the read-only port.
  • C. Configuring API Server authentication.
  • D. Using TLS for Kubelet API server communication.
Answer

Correct answer: A, D


What is a potential security risk if the Kubelet’s anonymous-auth is enabled?

  • A. Unauthorized access to sensitive data on the node.
  • B. Increased latency in pod scheduling.
  • C. Debugging and troubleshooting becomes easier.
  • D. Enhancing cluster performance by offloading tasks to the node.
Answer

Correct answer: A


What role does the container runtime play in Kubernetes?

  • A. It manages the cluster networking.
  • B. It schedules pods and other workloads.
  • C. It starts and stops containers on a node.
  • D. It provides persistent storage services.
Answer

Correct answer: C


Which of the following is a common container runtime used in Kubernetes?

  • A. Syslog
  • B. CRI-O
  • C. HDFS
  • D. Nagios
Answer

Correct answer: B


What is the primary role of KubeProxy in a Kubernetes cluster?

  • A. To manage network storage volumes.
  • B. To schedule pod placement on nodes.
  • C. To manage network access for services/interfaces.
  • D. To deploy applications automatically.
Answer

Correct answer: C


Which of the following is a key security concern related to KubeProxy?

  • A. Ensuring communication encryption between nodes.
  • B. Controlling access to the Kubernetes API server.
  • C. Securing service accounts used by proxy services.
  • D. Managing access controls for network policies.
Answer

Correct answer: A


Which of the following is a primary security concern for pods in a Kubernetes cluster?

  • A. Version compatibility with the operating system.
  • B. Network latency between nodes.
  • C. Container vulnerabilities and privilege escalation.
  • D. The graphical user interface performance.
Answer

Correct answer: C


How can you implement security controls to restrict the actions of pods in a Kubernetes cluster?

  • A. By using Network Policies to control pod communication.
  • B. By configuring persistent volume claims.
  • C. By setting high availability for the scheduler.
  • D. By encrypting the kube-proxy logs.
Answer

Correct answer: A


Which of the following best describes the role of etcd in a Kubernetes cluster?

  • A. It serves as the user interface for managing containers.
  • B. It is a database that stores the cluster configuration and state.
  • C. It acts as the scheduler for deploying resources in a cluster.
  • D. It functions as the network load balancer.
Answer

Correct answer: B


How can you secure etcd data to prevent unauthorized access in a Kubernetes cluster?

  • A. By deploying etcd on the same node as the kubelet.
  • B. By enabling HTTP communication between Kubernetes components and etcd.
  • C. By configuring etcd to use TLS encryption for data in transit.
  • D. By restricting etcd access to only the master nodes.
Answer

Correct answer: C, D


Which of the following is a primary security concern when using persistent storage in Kubernetes?

  • A. Storage performance degradation.
  • B. Unauthorized access to sensitive data.
  • C. Lack of storage capacity.
  • D. High storage costs.
Answer

Correct answer: B


How can Kubernetes Secrets improve the security of storage configurations within a cluster?

  • A. By enhancing data encryption.
  • B. By providing a mechanism to store sensitive information, like passwords, in a secure manner.
  • C. By increasing storage space.
  • D. By improving the speed of data retrieval.
Answer

Correct answer: B


What is the purpose of Kubernetes Pod Security Standards?

  • A. To restrict the version of Kubernetes that can be used.
  • B. To provide guidelines for the isolation of Kubernetes workloads to protect the system from malicious pods.
  • C. To ensure that only certain container registries can be used.
  • D. To specify which Kubernetes resources can be accessed by nodes.
Answer

Correct answer: B


Which of the following is a valid enforcement level in Kubernetes Pod Security Standards?

  • A. Restricted
  • B. Basic
  • C. Closed
  • D. Enforced
Answer

Correct answer: A


Which of the following accurately describes the role of Pod Security Admissions in Kubernetes?

  • A. They are responsible for scheduling pods to appropriate nodes.
  • B. They enforce policies that dictate what pods can run and how they can operate within a cluster.
  • C. They manage the lifecycle of Kubernetes nodes.
  • D. They handle communication between pods.
Answer

Correct answer: B


What is a primary benefit of using Pod Security Admissions in a Kubernetes environment?

  • A. They improve the efficiency of networking between pods.
  • B. They ensure compliance with organizational security policies by controlling pod-level access and operations.
  • C. They facilitate the dynamic scaling of pods based on resource usage.
  • D. They provide automatic updates to the Kubernetes version used in the cluster.
Answer

Correct answer: B


What is the primary purpose of a Kubernetes ServiceAccount?

  • A. To monitor network traffic.
  • B. To authenticate nodes to the API server.
  • C. To grant permissions to applications running in a pod.
  • D. To authenticate external users to the cluster.
Answer

Correct answer: C


Which authentication method allows Kubernetes to integrate with an external identity provider?

  • A. Client certificates.
  • B. Service Accounts.
  • C. Integrating with OIDC (OpenID Connect).
  • D. Static Bearer Token.
Answer

Correct answer: C


Which of the following Kubernetes components is responsible for making authorization decisions?

  • A. API Server
  • B. Scheduler
  • C. Controller Manager
  • D. Kubelet
Answer

Correct answer: A


In Kubernetes, which of these is a role-based access control (RBAC) component?

  • A. ClusterRole
  • B. PodSecurityPolicy
  • C. ServiceAccount
  • D. Namespace
Answer

Correct answer: A


What is the primary purpose of Kubernetes Secrets?

  • A. To store sensitive information such as passwords, tokens, and keys.
  • B. To monitor the health of Kubernetes nodes.
  • C. To provide high availability for pods.
  • D. To configure network policies for namespaces.
Answer

Correct answer: A


How can Kubernetes Secrets enhance security compared to storing sensitive data directly in environment variables?

  • A. They offer encryption at rest.
  • B. They provide automatic backup of sensitive data.
  • C. They allow granular access controls to sensitive information.
  • D. They integrate with third-party identity providers.
Answer

Correct answer: A, C


Which Kubernetes feature can be used to limit the scope and traffic within certain namespaces to enhance isolation?

  • A. Network Policies
  • B. ConfigMaps
  • C. Persistent Volumes
  • D. Node Selectors
Answer

Correct answer: A


What is the primary benefit of using Kubernetes namespaces for isolation and segmentation in a cluster?

  • A. They provide high availability for applications.
  • B. They allow you to create new API objects.
  • C. They enable resource and access constraints within a cluster.
  • D. They speed up pod deployment.
Answer

Correct answer: C


Which Kubernetes component is primarily responsible for storing audit logs?

  • A. kube-scheduler
  • B. etcd
  • C. kube-apiserver
  • D. kube-controller-manager
Answer

Correct answer: C


What is the main purpose of Kubernetes audit logs?

  • A. To monitor network traffic
  • B. To track changes in resource usage over time
  • C. To maintain a record of the sequence of activities affecting the cluster
  • D. To store application logs for debugging
Answer

Correct answer: C


Which Kubernetes feature allows you to set policies for logging and monitoring cluster events?

  • A. Role-Based Access Control (RBAC)
  • B. Pod Security Standards
  • C. Audit Policies
  • D. Service Accounts
Answer

Correct answer: C


What is the recommended way to protect sensitive data in Kubernetes logs?

  • A. Enable read-only logging mode.
  • B. Use log redaction to filter sensitive information.
  • C. Store logs in local pod storage.
  • D. Encrypt all logs with public keys.
Answer

Correct answer: B


Which of the following is a key security benefit of implementing Kubernetes network policies?

  • A. Automated container image scanning.
  • B. Restricting traffic between pods based on rules.
  • C. Scaling the cluster automatically.
  • D. Enabling root access for all containers.
Answer

Correct answer: B


What is the primary purpose of implementing Role-Based Access Control (RBAC) in Kubernetes?

  • A. To define quotas for namespaces.
  • B. To grant permissions to users and applications.
  • C. To optimize pod scheduling decisions.
  • D. To manage pod restart policies.
Answer

Correct answer: B


Which Kubernetes resource is used to define permissions in RBAC?

  • A. Namespace
  • B. Role and ClusterRole
  • C. Secret
  • D. PodSecurityPolicy
Answer

Correct answer: B


Which of the following is an effective way to reduce security risks in a Kubernetes environment?

  • A. Running all containers as root.
  • B. Using namespaces for workload isolation.
  • C. Disabling network encryption.
  • D. Allowing unrestricted access to API endpoints.
Answer

Correct answer: B


How can you ensure that only authorized users access the Kubernetes API server?

  • A. Enable Pod Security Standards.
  • B. Use Role-Based Access Control (RBAC).
  • C. Store credentials in a ConfigMap.
  • D. Enable anonymous access to API endpoints.
Answer

Correct answer: B


What is the primary advantage of encrypting etcd data in Kubernetes?

  • A. Faster node scaling.
  • B. Reduced latency for API server requests.
  • C. Protection of sensitive cluster configuration data.
  • D. Easier integration with third-party tools.
Answer

Correct answer: C


Which Kubernetes feature allows you to encrypt Secrets and other sensitive data at rest?

  • A. Network Policies
  • B. Encryption Configuration
  • C. Persistent Volumes
  • D. PodSecurityPolicy
Answer

Correct answer: B


Which of the following contributes to Kubernetes compliance with security best practices?

  • A. Regularly updating cluster components.
  • B. Allowing privileged containers in all namespaces.
  • C. Storing sensitive data directly in environment variables.
  • D. Using the default namespace for all workloads.
Answer

Correct answer: A


What is a PodSecurityPolicy used for in Kubernetes?

  • A. To manage storage classes for pods.
  • B. To define constraints for pod creation and deployment.
  • C. To enable automatic scaling for pods.
  • D. To monitor the health of Kubernetes nodes.
Answer

Correct answer: B


Which Kubernetes feature can be used to restrict access to a specific namespace?

  • A. Network Policies
  • B. RoleBinding
  • C. PodSecurityPolicy
  • D. ConfigMaps
Answer

Correct answer: B


What is the purpose of Kubernetes Admission Controllers?

  • A. To facilitate pod communication.
  • B. To enforce cluster-wide resource quotas.
  • C. To intercept and modify requests to the Kubernetes API server.
  • D. To restart failed nodes.
Answer

Correct answer: C


How can you minimize security risks when using container images in Kubernetes?

  • A. Use a public image registry for all workloads.
  • B. Verify image signatures and scan for vulnerabilities.
  • C. Allow any user to pull images from the cluster.
  • D. Use the latest image tag without verification.
Answer

Correct answer: B


Which of the following is a recommended practice for managing Kubernetes Secrets?

  • A. Store Secrets in plaintext YAML files.
  • B. Use EncryptionConfiguration to encrypt Secrets at rest.
  • C. Allow unrestricted access to all Secrets.
  • D. Share Secrets between multiple namespaces without restrictions.
Answer

Correct answer: B


What is a key benefit of enabling Kubernetes audit logging?

  • A. Reduced resource usage by the API server.
  • B. Real-time monitoring of pod performance.
  • C. Comprehensive record of cluster activity for compliance and debugging.
  • D. Improved scalability for cluster nodes.
Answer

Correct answer: C


Which Kubernetes feature allows you to restrict the IP ranges that can access the cluster's API server?

  • A. Network Policies
  • B. Role-Based Access Control (RBAC)
  • C. API Server IP Whitelisting
  • D. Admission Controllers
Answer

Correct answer: C


What is the primary purpose of Kubernetes ConfigMaps?

  • A. To store sensitive data like passwords and tokens.
  • B. To provide a way to configure application settings without hardcoding them into container images.
  • C. To manage network policies between pods.
  • D. To schedule pods across multiple nodes.
Answer

Correct answer: B


How can you ensure the integrity of Kubernetes workloads when deploying container images?

  • A. Use a trusted container registry.
  • B. Disable image signature verification.
  • C. Store images locally without updates.
  • D. Use deprecated image versions for compatibility.
Answer

Correct answer: A


Which component in Kubernetes is responsible for maintaining desired state through controllers?

  • A. Kubelet
  • B. Controller Manager
  • C. Kube-Proxy
  • D. Scheduler
Answer

Correct answer: B


What is the purpose of Kubernetes PersistentVolumes (PVs)?

  • A. To provide storage for logs generated by pods.
  • B. To abstract the underlying storage and provide a way for pods to use it.
  • C. To store pod configurations for scaling purposes.
  • D. To replicate data across multiple nodes.
Answer

Correct answer: B


How does Kubernetes ensure a pod's DNS resolution within the cluster?

  • A. By using Network Policies.
  • B. Through kube-dns or CoreDNS services.
  • C. By configuring PodSecurityPolicies.
  • D. By using ConfigMaps for IP mapping.
Answer

Correct answer: B


Which feature of Kubernetes allows you to perform rolling updates on deployments?

  • A. StatefulSet
  • B. ReplicaSet
  • C. Deployment
  • D. Job
Answer

Correct answer: C


What is the primary use of Kubernetes StatefulSets?

  • A. To schedule stateless applications.
  • B. To manage applications that require stable network identities and persistent storage.
  • C. To replicate stateless pods across nodes.
  • D. To handle batch jobs efficiently.
Answer

Correct answer: B


Which of the following describes Kubernetes Horizontal Pod Autoscaler (HPA)?

  • A. It adjusts the number of replicas based on CPU or memory usage metrics.
  • B. It manages vertical scaling of nodes.
  • C. It scales cluster resources based on user-defined policies.
  • D. It automatically provisions PersistentVolumes for pods.
Answer

Correct answer: A


What does Kubernetes Cluster Autoscaler do?

  • A. It automatically scales the number of nodes in the cluster based on pending pods.
  • B. It adjusts CPU and memory requests for running pods.
  • C. It scales the number of replicas in a Deployment.
  • D. It manages storage volumes for applications.
Answer

Correct answer: A


Which of the following Kubernetes resource types is used to schedule batch jobs?

  • A. DaemonSet
  • B. CronJob
  • C. StatefulSet
  • D. Deployment
Answer

Correct answer: B


What is the role of a Kubernetes DaemonSet?

  • A. To schedule pods on every node in the cluster.
  • B. To manage the lifecycle of persistent storage.
  • C. To ensure rolling updates for stateless applications.
  • D. To provide high availability for the API server.
Answer

Correct answer: A


Which Kubernetes object is responsible for grouping pods to provide network access to them?

  • A. ConfigMap
  • B. Ingress
  • C. Service
  • D. PersistentVolumeClaim
Answer

Correct answer: C


What is the main purpose of Kubernetes Ingress?

  • A. To provide persistent storage for pods.
  • B. To expose HTTP and HTTPS routes to services within the cluster.
  • C. To manage the deployment of pods on specific nodes.
  • D. To restrict network access between namespaces.
Answer

Correct answer: B


How does Kubernetes manage traffic routing to services?

  • A. By using kube-scheduler to distribute traffic.
  • B. Through kube-proxy, which updates iptables or IPVS rules.
  • C. By leveraging PodSecurityPolicies for access control.
  • D. By configuring ConfigMaps for routing policies.
Answer

Correct answer: B


What is the purpose of Kubernetes Labels?

  • A. To control the scheduling of pods on specific nodes.
  • B. To identify and organize Kubernetes objects.
  • C. To provide external access to pods and services.
  • D. To manage storage allocation for applications.
Answer

Correct answer: B


Which Kubernetes resource allows you to select objects based on their Labels?

  • A. Annotations
  • B. ConfigMaps
  • C. Selectors
  • D. Secrets
Answer

Correct answer: C


What is the primary difference between Labels and Annotations in Kubernetes?

  • A. Labels are used for identifying objects, while Annotations provide metadata that is not used for identification.
  • B. Labels store sensitive information, while Annotations do not.
  • C. Labels control pod scheduling, while Annotations manage storage volumes.
  • D. Labels are for external access, while Annotations are for network policies.
Answer

Correct answer: A


How can Kubernetes Taints and Tolerations be used effectively?

  • A. To ensure specific pods run only on certain nodes.
  • B. To enable automatic scaling of pods.
  • C. To manage persistent storage claims.
  • D. To control API server access.
Answer

Correct answer: A


How can Kubernetes node affinity be used to control pod placement?

  • A. By using labels and selectors to schedule pods on specific nodes.
  • B. By applying taints and tolerations to nodes and pods.
  • C. By configuring the kube-proxy to restrict pod placements.
  • D. By using pod annotations to override node restrictions.
Answer

Correct answer: A


What is the main purpose of Kubernetes Resource Quotas?

  • A. To define the number of nodes in a cluster.
  • B. To limit the number of resources a namespace can consume.
  • C. To enforce network access policies between pods.
  • D. To scale workloads based on resource availability.
Answer

Correct answer: B


Which Kubernetes feature allows automatic scaling of pod replicas based on CPU or memory usage?

  • A. Vertical Pod Autoscaler
  • B. Cluster Autoscaler
  • C. Horizontal Pod Autoscaler
  • D. Taints and Tolerations
Answer

Correct answer: C


How does Kubernetes PersistentVolumeClaims (PVCs) interact with PersistentVolumes (PVs)?

  • A. PVCs are automatically created when pods request storage.
  • B. PVCs dynamically provision PVs without user intervention.
  • C. PVCs bind to PVs to enable pods to use the requested storage.
  • D. PVCs replace PVs when scaling storage.
Answer

Correct answer: C


Which Kubernetes object is used to define network policies for controlling traffic between pods?

  • A. RoleBinding
  • B. ConfigMap
  • C. NetworkPolicy
  • D. ServiceAccount
Answer

Correct answer: C


What is the primary benefit of Kubernetes Namespaces?

  • A. To provide high availability for critical applications.
  • B. To isolate resources and manage multi-tenant environments.
  • C. To enforce logging policies for pods.
  • D. To allow unrestricted access to cluster-wide resources.
Answer

Correct answer: B


How do Kubernetes StatefulSets differ from Deployments?

  • A. StatefulSets are used for stateless applications, while Deployments are for stateful ones.
  • B. StatefulSets provide stable network identities and persistent storage, while Deployments do not.
  • C. Deployments guarantee unique pod names, while StatefulSets do not.
  • D. StatefulSets support rolling updates, while Deployments do not.
Answer

Correct answer: B


Which Kubernetes feature ensures that a specific pod runs on every node in the cluster?

  • A. ReplicaSet
  • B. DaemonSet
  • C. CronJob
  • D. StatefulSet
Answer

Correct answer: B


What is the role of the Kubernetes Service object?

  • A. To scale applications dynamically based on resource usage.
  • B. To expose pods to external networks or other internal services.
  • C. To manage configuration files for applications.
  • D. To provide logging capabilities for workloads.
Answer

Correct answer: B


Which Kubernetes resource is used to schedule periodic jobs?

  • A. StatefulSet
  • B. DaemonSet
  • C. CronJob
  • D. ReplicaSet
Answer

Correct answer: C


How can you enforce resource limits on pods in Kubernetes?

  • A. By using a ResourceQuota in a namespace.
  • B. By applying NodeSelectors to pods.
  • C. By configuring Taints and Tolerations.
  • D. By defining pod annotations.
Answer

Correct answer: A


What is the main function of Kubernetes ConfigMaps?

  • A. To manage sensitive data like passwords and tokens.
  • B. To store and manage configuration data for applications.
  • C. To ensure pod isolation within namespaces.
  • D. To monitor node health and availability.
Answer

Correct answer: B


Which Kubernetes feature allows you to implement fine-grained access control to cluster resources?

  • A. PodSecurityPolicies
  • B. Role-Based Access Control (RBAC)
  • C. Horizontal Pod Autoscaler
  • D. ReplicaSet
Answer

Correct answer: B


How does Kubernetes ensure container isolation within a pod?

  • A. By using Network Policies.
  • B. By sharing the same IP address across all containers in a pod.
  • C. By using namespaces and cgroups at the OS level.
  • D. By encrypting all pod traffic.
Answer

Correct answer: C


What is the purpose of Kubernetes Admission Controllers?

  • A. To authenticate users and applications.
  • B. To enforce policies on API requests before they are processed.
  • C. To manage pod scheduling and placement.
  • D. To provide persistent storage for workloads.
Answer

Correct answer: B