CKS Supply Chain Security • Complete Question Bank
Complete CKS Supply Chain Security question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit.
apiVersion: cosigned.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
name: image-policy
spec:
images:
- glob: registry.example.com/*
authorities:
- keyless:
identities:
- issuer: https://accounts.example.com
subject: https://github.com/example/actions/.github/workflows/release.yml@refs/heads/mainDrag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Enables RBAC authorization
Comma-separated list of admission controllers to enable
Disables anonymous requests to the API server
Path to a CA file for verifying kubelet certificates
File containing PEM-encoded x509 RSA or ECDSA private or public keys for service account token signing
An administrator applies the following Kyverno policy to the cluster. What is the effect of this policy?
apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata: name: require-non-root spec: validationFailureAction: enforce rules: - name: check-runAsNonRoot match: resources: kinds: - Pod validate: message: "Running as root is not allowed." pattern: spec: securityContext: runAsNonRoot: true