Linux Foundation Certified Cloud Native Platform Engineering Associate CNPA Question # 9 Topic 1 Discussion
Question #: 9
Topic #: 1
A company is implementing a service mesh for secure service-to-service communication in their cloud native environment. What is the primary benefit of using mutual TLS (mTLS) within this context?
A. Allows services to authenticate each other and secure data in transit.
B. Allows services to bypass security checks for better performance.
C. Enables logging of all service communications for audit purposes.
D. Simplifies the deployment of microservices by automatically scaling them.
Mutual TLS (mTLS) is a core feature of service meshes, such as Istio or Linkerd, that enhances security in cloud native environments by ensuring that both communicating services authenticate each other and that the communication channel is encrypted. Option A is correct because mTLS delivers two critical benefits: authentication (verifying the identity of both client and server services) and encryption (protecting data in transit from interception or tampering).
Option B is incorrect because mTLS does not bypass security—it enforces it. Option C is partly true in that service meshes often support observability and logging, but that is not the primary purpose of mTLS. Option D relates to scaling, which is outside the scope of mTLS.
In platform engineering, mTLS is a fundamental security mechanism that provides zero-trust networking between microservices, ensuring secure communication without requiring application-level changes. It strengthens compliance with security and data protection requirements, which are crucial in regulated industries.
References: CNCF Service Mesh Whitepaper; CNCF Platforms Whitepaper; Cloud Native Platform Engineering Study Guide
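As an added illustration of the explanation above (not part of the original question or its answer material): in Istio, one of the meshes named in the explanation, mTLS is switched on through mesh configuration rather than application code, and the identity proven by the client certificate can then be used for access decisions. The namespace `payments`, the label `app: ledger` and the service account `checkout` are hypothetical, and the default trust domain `cluster.local` is assumed.

```yaml
# Added example. Namespace, labels and service account are hypothetical.

# Weak setting: PERMISSIVE accepts both mTLS and plaintext, so a
# caller with no mesh-issued certificate can still reach workloads
# in this namespace and traffic from it is not encrypted.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: payments
spec:
  mtls:
    mode: PERMISSIVE
---
# Corrected setting (replaces the policy above): STRICT makes the
# sidecars reject any connection that does not present a valid
# client certificate, so both peers are authenticated and the
# channel is encrypted.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: payments
spec:
  mtls:
    mode: STRICT
---
# With STRICT in place, the authenticated peer identity can be
# used for authorization: only the checkout service account may
# call the ledger workload. Other callers are denied.
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: ledger-allow-checkout
  namespace: payments
spec:
  selector:
    matchLabels:
      app: ledger
  action: ALLOW
  rules:
  - from:
    - source:
        principals: ["cluster.local/ns/payments/sa/checkout"]
```

The `principals` match only works on connections that completed mTLS, which is why the authorization rule depends on the STRICT policy rather than the PERMISSIVE one.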