During a security audit, you discover that a container running as root inside a pod has been compromised. The pod uses the default service account. Which two measures should you implement to harden the cluster? (Select TWO)
Select all that apply:
CNCF often tests the distinction between disabling token mounting at the service account level versu...