Bird
0
0

Given this PeerAuthentication config:

medium📝 Predict Output Q4 of 15
Kubernetes - Service Mesh
Given this PeerAuthentication config:
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
spec:
  mtls:
    mode: STRICT

What happens if a service tries to connect without mTLS?
AConnection is allowed without encryption
BConnection is rejected
CConnection is redirected to HTTP
DConnection is logged but allowed
Step-by-Step Solution
Solution:

  1. Step 1: Understand STRICT mTLS behavior

    STRICT mode requires encrypted and authenticated connections only.

  2. Step 2: Analyze connection without mTLS

    Without mTLS, connection does not meet policy and is rejected.

  3. Final Answer:

    Connection is rejected -> Option B

  4. Quick Check:

    STRICT mTLS rejects non-mTLS connections [OK]
Quick Trick: STRICT mode blocks non-mTLS traffic [OK]
Common Mistakes:
  • Assuming fallback to plain HTTP
  • Thinking connection is allowed but logged
  • Believing connection is redirected

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Kubernetes Quizzes
Advanced Deployment Patterns - Why advanced patterns matter - Quiz 10hard Advanced Deployment Patterns - FluxCD for continuous delivery - Quiz 7medium Monitoring and Logging - Kubernetes dashboard - Quiz 3easy Monitoring and Logging - Centralized logging (EFK stack) - Quiz 6medium Production Best Practices - etcd backup and recovery - Quiz 8hard RBAC and Security - Roles and ClusterRoles - Quiz 13medium RBAC and Security - Service accounts - Quiz 10hard Troubleshooting - OOMKilled containers - Quiz 4medium Troubleshooting - Why troubleshooting skills are critical - Quiz 5medium Troubleshooting - Pod in CrashLoopBackOff - Quiz 7medium