CKAD Application Environment, Configuration and Security • Complete Question Bank
Complete CKAD Application Environment, Configuration and Security question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit.
```
apiVersion: v1
kind: Pod
metadata:
name: secured-pod
spec:
containers:
- name: app
image: nginx
securityContext:
runAsUser: 1000
runAsGroup: 2000
capabilities:
add: ["NET_ADMIN"]
drop: ["ALL"]
securityContext:
runAsNonRoot: true
```You are a Kubernetes administrator responsible for a production cluster. A development team has deployed a Pod named 'app-pod' that runs a container with a PostgreSQL database. The team reports that the Pod is failing to start with an error: 'Error: container has runAsNonRoot and image will run as root (runtime error)'. The Pod YAML is as follows:
```yaml apiVersion: v1 kind: Pod metadata: name: app-pod spec: containers: - name: db image: postgres:latest securityContext: runAsNonRoot: true ```
The team wants to ensure the container runs securely without running as root. What is the BEST course of action?
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Virtual cluster for resource isolation
Runs one pod per node for system services
Runs a pod to completion; for batch processing
Automatically scales pods based on CPU/memory
Controls traffic flow between pods
Drag a concept onto its matching description — or click a concept then click the description.
Runs a command inside the container; success if exit 0
Performs an HTTP GET request; success if 2xx-3xx
Attempts to open a TCP socket; success if connection established
Performs a gRPC health check (alpha)
Indicates whether the application has started successfully
A developer creates a pod with the following YAML snippet:
securityContext: runAsUser: 1000 runAsGroup: 3000 fsGroup: 2000
The pod mounts an emptyDir volume. What is the owner and group of the mounted directory inside the container?
A pod with the following security context is in CrashLoopBackOff. The container image runs as user 1000.
securityContext: runAsUser: 2000 runAsGroup: 3000 fsGroup: 4000
What is the most likely cause?