New Year Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. Linux Foundation
  4. Kubernetes Security Specialist
  5. CKS Discussions
  6. CKS Exam Topic 1 Question 3 Discussion

Linux Foundation Certified Kubernetes Security Specialist (CKS) CKS Question # 3 Topic 1 Discussion

 Linux Foundation Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Linux Foundation Certified Kubernetes Security Specialist (CKS) CKS Question # 3 Topic 1 Discussion

CKS Exam Topic 1 Question 3 Discussion:
Question #: 3
Topic #: 1

Create a PSP that will only allow the persistentvolumeclaim as the volume type in the namespace restricted.

Create a new PodSecurityPolicy named prevent-volume-policy which prevents the pods which is having different volumes mount apart from persistentvolumeclaim.

Create a new ServiceAccount named psp-sa in the namespace restricted.

Create a new ClusterRole named psp-role, which uses the newly created Pod Security Policy prevent-volume-policy

Create a new ClusterRoleBinding named psp-role-binding, which binds the created ClusterRole psp-role to the created SA psp-sa.

Hint:

Also, Check the Configuration is working or not by trying to Mount a Secret in the pod maifest, it should get failed.

POD Manifest:

    apiVersion: v1

    kind: Pod

    metadata:

    name:

    spec:

    containers:

    - name:

    image:

    volumeMounts:

    - name:

    mountPath:

    volumes:

    - name:

    secret:

    secretName:

Get Premium CKS Questions
Actual exam question for Linux Foundation CKS exam by Sage58437 at Nov 10, 2025, 7:25:07 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next