Bird
0
0

You want to secure communication between microservices using Istio. Which Istio feature should you enable to encrypt traffic automatically?

hard📝 Best Practice Q15 of 15
Kubernetes - Service Mesh
You want to secure communication between microservices using Istio. Which Istio feature should you enable to encrypt traffic automatically?
AIstio Gateway for external traffic routing
BSidecar injection for logging only
CMutual TLS (mTLS) for service-to-service encryption
DPrometheus integration for monitoring
Step-by-Step Solution
Solution:

  1. Step 1: Identify Istio features for security

    Mutual TLS (mTLS) encrypts traffic between services automatically within the mesh.

  2. Step 2: Differentiate other features

    Sidecar injection adds proxies but does not alone encrypt traffic; Gateways route external traffic; Prometheus is for monitoring.

  3. Final Answer:

    Mutual TLS (mTLS) for service-to-service encryption -> Option C

  4. Quick Check:

    mTLS = automatic encryption in Istio [OK]
Quick Trick: Use mTLS to encrypt service traffic automatically [OK]
Common Mistakes:
  • Confusing sidecar injection with encryption
  • Thinking Gateway secures internal traffic
  • Mixing monitoring tools with security features

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Kubernetes Quizzes
Advanced Deployment Patterns - A/B testing with Ingress - Quiz 2easy Helm Package Manager - Chart templates and values.yaml - Quiz 15hard Monitoring and Logging - Why cluster monitoring matters - Quiz 9hard Monitoring and Logging - Resource monitoring best practices - Quiz 4medium Production Best Practices - Cluster upgrade strategies - Quiz 1easy RBAC and Security - Image security scanning - Quiz 14medium Service Mesh - Traffic management with Istio - Quiz 15hard Service Mesh - Traffic management with Istio - Quiz 14medium Troubleshooting - Debugging service connectivity - Quiz 1easy Troubleshooting - Debugging with kubectl debug - Quiz 14medium