U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Linux Foundation CNPA Exam - Topic 6 Question 9 Discussion

A cloud native application needs to establish secure communication between its microservices. Which mechanism is essential for implementing security in service-to-service communications?
B) mTLS (Mutual TLS)
A) API Gateway
C) Service Mesh
D) Load Balancer

Linux Foundation CNPA Exam - Topic 6 Question 9 Discussion

Actual exam question for Linux Foundation's CNPA exam
Question #: 9
Topic #: 6
[All CNPA Questions]

A cloud native application needs to establish secure communication between its microservices. Which mechanism is essential for implementing security in service-to-service communications?

Show Suggested Answer Hide Answer
Suggested Answer: B

Mutual TLS (mTLS) is the core mechanism for securing service-to-service communication in cloud native environments. Option B is correct because mTLS provides encryption in transit and mutual authentication, ensuring both the client and server verify each other's identity. This prevents unauthorized access, man-in-the-middle attacks, and data leakage.

Option A (API Gateway) manages ingress traffic from external clients but does not secure internal service-to-service communication. Option C (Service Mesh) is a broader infrastructure layer (e.g., Istio, Linkerd) that implements mTLS, but mTLS itself is the mechanism that enforces secure communications. Option D (Load Balancer) distributes traffic but does not handle encryption or authentication.

mTLS is foundational to zero-trust networking inside Kubernetes clusters. Service meshes typically provide automated certificate management and policy enforcement, ensuring seamless adoption of mTLS without requiring developers to modify application code.


--- CNCF Service Mesh Whitepaper

--- CNCF Platforms Whitepaper

--- Cloud Native Platform Engineering Study Guide

by Janey at Jan 05, 2026, 05:16 AM

Limited Time Offer

25%

Off

Get Premium CNPA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Barrett
1 month ago
Load Balancer? No way, that's not for security. mTLS is definitely the right answer.
upvoted 0 times
...
Elvera
2 months ago
Service Mesh could work too, but mTLS is more direct for securing communications.
upvoted 0 times
...
Carri
2 months ago
I agree, mTLS is essential for service-to-service security. API Gateway alone isn't enough.
upvoted 0 times
...
Tamra
2 months ago
I think mTLS is the best choice. It's secure and ensures both ends are verified.
upvoted 0 times
...
Corazon
2 months ago
mTLS? Sounds complicated, are we sure it’s the best option?
upvoted 0 times
...
Jacquelyne
2 months ago
Service Mesh adds a lot of value, but mTLS is essential!
upvoted 0 times
...
Daren
3 months ago
Wait, isn't a Load Balancer also important for security?
upvoted 0 times
...
Maryrose
3 months ago
I thought API Gateway was enough for security?
upvoted 0 times
...
Jonelle
3 months ago
Definitely mTLS is the way to go for secure microservice communication.
upvoted 0 times
...
Sharmaine
3 months ago
Haha, I bet the load balancer won't secure my microservices. B is the one!
upvoted 0 times
...
Timothy
3 months ago
B) mTLS is the answer. Keeps those microservices safe and sound.
upvoted 0 times
...
Sheridan
4 months ago
I'd choose B. mTLS is the industry standard for microservices security.
upvoted 0 times
...
Reuben
4 months ago
Definitely B. mTLS is the security backbone for microservices.
upvoted 0 times
...
Annmarie
4 months ago
B) mTLS (Mutual TLS) is the way to go for secure service-to-service communication.
upvoted 0 times
...
Jesus
4 months ago
Load Balancer seems off for this question; I don't recall it being related to security in microservices.
upvoted 0 times
...
Kindra
5 months ago
Service Mesh sounds familiar, but I feel like mTLS is more specifically focused on securing the connections.
upvoted 0 times
...
Kiley
5 months ago
I remember studying about API Gateways, but I don't think they handle security between microservices directly.
upvoted 0 times
...
Erinn
5 months ago
I think mTLS is the right choice for secure service-to-service communication, but I'm not entirely sure how it compares to a service mesh.
upvoted 0 times
...
Aliza
5 months ago
B) mTLS is definitely the way to go here. It provides mutual authentication and encryption for the services, which is essential for a cloud native app.
upvoted 0 times
...
Viva
5 months ago
Okay, let me break this down. The key is establishing secure communication between the microservices. I think mTLS is the way to go, but I'll double-check the details.
upvoted 0 times
...
Lorrie
5 months ago
I'm a bit confused on this one. Is the service mesh option (C) also a valid choice? I'm not sure how that compares to mTLS.
upvoted 0 times
...
Mica
6 months ago
I'm pretty sure the answer is B) mTLS. That's the standard way to secure service-to-service communication, right?
upvoted 0 times
...
Jennie
6 months ago
Hmm, this seems like a tricky one. I'll need to think through the different options carefully.
upvoted 0 times
Nichelle
1 month ago
I think mTLS is the way to go for secure communication.
upvoted 0 times
...
...

Save Cancel