U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Linux Foundation CKS Exam - Topic 1 Question 16 Discussion

Use the kubesec docker images to scan the given YAML manifest, edit and apply the advised changes, and passed with a score of 4 points.kubesec-test.yamlapiVersion: v1kind: Podmetadata:name: kubesec-demospec:containers:- name: kubesec-demoimage: gcr.io/google-samples/node-hello:1.0securityContext:readOnlyRootFilesystem: true
A) Hint:docker run -i kubesec/kubesec:512c5e0 scan /dev/stdin < kubesec-test.yaml

Linux Foundation CKS Exam - Topic 1 Question 16 Discussion

Actual exam question for Linux Foundation's CKS exam
Question #: 16
Topic #: 1
[All CKS Questions]

Use the kubesec docker images to scan the given YAML manifest, edit and apply the advised changes, and passed with a score of 4 points.

kubesec-test.yaml

apiVersion: v1

kind: Pod

metadata:

name: kubesec-demo

spec:

containers:

- name: kubesec-demo

image: gcr.io/google-samples/node-hello:1.0

securityContext:

readOnlyRootFilesystem: true

Show Suggested Answer Hide Answer
Suggested Answer: A

by Alishia at May 08, 2022, 04:19 PM

Limited Time Offer

25%

Off

Get Premium CKS Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Wilda
8 months ago
Surprised it scored so high with just that change!
upvoted 0 times
...
Raylene
8 months ago
Totally agree with the changes suggested by kubesec!
upvoted 0 times
...
Rose
8 months ago
Wait, you can use readOnlyRootFilesystem? I thought that was risky!
upvoted 0 times
...
Ilona
8 months ago
Nice! I got a 3, need to tweak my YAML.
upvoted 0 times
...
Pedro
8 months ago
Just ran the scan, got a score of 4!
upvoted 0 times
...
Elza
8 months ago
I feel like I should definitely set `readOnlyRootFilesystem` to true, but I wonder if there are other security settings we might need to adjust as well.
upvoted 0 times
...
Val
8 months ago
The hint about using `docker run` is helpful, but I’m a bit confused about how to interpret the scan results correctly.
upvoted 0 times
...
Clarence
8 months ago
I think I’ve seen a similar question in our mock exams, but I can’t recall all the specific security settings we need to apply.
upvoted 0 times
...
Huey
8 months ago
I remember we practiced using kubesec to scan YAML files, but I’m not sure if I set the right security context last time.
upvoted 0 times
...
Rodolfo
9 months ago
Okay, I've got a good handle on the capabilities and limitations of Platform Events. I'm confident I can select the three most relevant considerations for this scenario.
upvoted 0 times
...
Sunshine
9 months ago
Okay, let's think this through. The camera is recognized, but the data won't download. That points to a potential connectivity or compatibility issue. I'd start by checking the drivers and any other system configurations.
upvoted 0 times
...
Georgene
9 months ago
Okay, I've got a good handle on this. The key benefits are simplified disaster recovery, better performance, and common storage/replication with application data. I'll make sure to select those three options.
upvoted 0 times
...
Octavio
9 months ago
I'm leaning toward option D because it includes everything mentioned. It feels comprehensive, but I'm not 100% sure.
upvoted 0 times
...

Save Cancel