Practice questions and flashcards for the CNCF Certified Kubernetes Security Specialist (CKS) exam. Covers cluster setup, hardening, microservice vulnerabilities, supply chain security, and runtime monitoring.
| Domain | Weight | Items | Coverage |
|---|---|---|---|
Supply Chain Security | 20% | 156 items | |
Cluster Hardening | 15% | 180 items | |
Minimize Microservice Vulnerabilities | 20% | 152 items | |
Cluster Setup | 10% | 135 items | |
Monitoring, Logging, and Runtime Security | 20% | 130 items | |
System Hardening | 15% | 59 items |
Invest in your career with this comprehensive study pack
Correct answer: A default deny all ingress policy with no podSelector to block all incoming traffic to all pods. This is one of 1003 practice questions in the CKS Certified Kubernetes Security Specialist (CKS) pack on ReadRoost.
The CKS Certified Kubernetes Security Specialist (CKS) study pack on ReadRoost includes 1003 practice questions and 420 flashcards, covering 6 exam domains including Supply Chain Security. Every question has a detailed explanation so you understand why each answer is right or wrong.
Yes. The CKS Certified Kubernetes Security Specialist (CKS) pack is mapped to the latest official exam objectives and is maintained by the ReadRoost team. You get flashcards with spaced repetition, timed practice exams, and AI-powered explanations.
CCA-F
540 questions ยท 300 flashcards
PMLE
2037 questions ยท 1009 flashcards
CNPE
549 questions ยท 327 flashcards
PDE
525 questions ยท 321 flashcards
You are setting up a Kubernetes cluster and need to implement network policies to restrict traffic between pods. Your requirement is to deny all ingress traffic by default and only allow specific pods to communicate. What is the first network policy you should create?