ITGSS Certified DevOps Engineer Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Boost your DevOps skills with the ITGSS Certified DevOps Engineer Test. Use flashcards and multiple choice questions with hints and explanations. Be exam-ready!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which of the following is NOT a method of restricting process capabilities in Kubernetes?

  1. SELinux

  2. AppArmor

  3. Role-Based Access Control

  4. Seccomp

The correct answer is: Role-Based Access Control

Role-Based Access Control (RBAC) is primarily used for managing permissions and access control within Kubernetes, rather than restricting the capabilities of individual processes running in a container. It provides a way to define who can perform what actions at the API level, such as creating, deleting, or modifying resources within a Kubernetes cluster. In contrast, SELinux, AppArmor, and Seccomp are all specifically designed to restrict what processes can do at the system level. - SELinux (Security-Enhanced Linux) applies mandatory access control (MAC) policies to limit how processes interact with each other and with the system's resources. - AppArmor provides a similar form of security by allowing administrators to specify that an application can only access a specific set of resources. - Seccomp (Secure Computing Mode) offers a mechanism to restrict the system calls that a containerized application can make, thereby limiting its capabilities and enhancing security. Together, these methods serve to enforce stricter security policies on individual processes within containers, while RBAC focuses on the broader governance of user permissions and roles within the Kubernetes infrastructure.

More Questions Like This