Linux Foundation Certified Kubernetes Security Specialist (CKS) CKS Question # 9 Topic 1 Discussion

CKS Exam Topic 1 Question 9 Discussion:

Question #: 9

Topic #: 1

On the Cluster worker node, enforce the prepared AppArmor profile
#include

profile nginx-deny flags=(attach_disconnected) {
#include <abstractions/base>

file,

# Deny all file writes.
deny /** w,
}
EOF'
Edit the prepared manifest file to include the AppArmor profile.
apiVersion: v1
kind: Pod
metadata:
name: apparmor-pod
spec:
containers:
- name: apparmor-pod
image: nginx
Finally, apply the manifests files and create the Pod specified on it.
Verify: Try to make a file inside the directory which is restricted.

Get Premium CKS Questions

Actual exam question for Linux Foundation CKS exam by Dune99709 at Nov 11, 2025, 4:16:56 AM

Contribute your Thoughts:

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

New Year Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

Linux Foundation Certified Kubernetes Security Specialist (CKS) CKS Question # 9 Topic 1 Discussion

Linux Foundation Certified Kubernetes Security Specialist (CKS) CKS Question # 9 Topic 1 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

New Year Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

Linux Foundation Certified Kubernetes Security Specialist (CKS) CKS Question # 9 Topic 1 Discussion

Linux Foundation Certified Kubernetes Security Specialist (CKS) CKS Question # 9 Topic 1 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval