Bird
0
0

You want to ensure all Secrets are encrypted at rest and restrict access. Which two steps should you take?

hard📝 Workflow Q8 of 15
Kubernetes - Secrets
You want to ensure all Secrets are encrypted at rest and restrict access. Which two steps should you take?
AEnable encryption in API server and use RBAC to limit Secret access
BStore Secrets in ConfigMaps and enable encryption in etcd
CUse plain text Secrets and restrict access with network policies
DEnable encryption in kubelet and disable RBAC
Step-by-Step Solution
Solution:

  1. Step 1: Enable encryption in API server

    Configure API server with encryption config to encrypt Secrets in etcd.

  2. Step 2: Use RBAC to restrict access

    Role-Based Access Control limits who can view or modify Secrets.

  3. Final Answer:

    Enable encryption in API server and use RBAC to limit Secret access -> Option A

  4. Quick Check:

    Encryption + RBAC = secure Secrets [OK]
Quick Trick: Combine encryption and RBAC for best Secret security [OK]
Common Mistakes:
  • Using ConfigMaps for Secrets
  • Disabling RBAC weakens security
  • Relying on network policies alone

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Kubernetes Quizzes
ConfigMaps - Creating ConfigMaps from files - Quiz 8hard Health Checks and Probes - Liveness probe concept - Quiz 1easy Health Checks and Probes - HTTP probe configuration - Quiz 13medium Health Checks and Probes - Readiness probe concept - Quiz 6medium Ingress - Ingress controllers (Nginx, Traefik) - Quiz 9hard Networking - Pod-to-Pod communication - Quiz 1easy Resource Management - CPU requests and limits - Quiz 2easy Resource Management - Horizontal Pod Autoscaler - Quiz 6medium Resource Management - CPU requests and limits - Quiz 12easy Secrets - External secret management integration - Quiz 12easy