Linux Foundation Certified Cloud Native Platform Engineering Associate CNPA Question # 24 Topic 3 Discussion
CNPA Exam Topic 3 Question 24 Discussion:
Question #: 24
Topic #: 3
A cloud native application needs to establish secure communication between its microservices. Which mechanism is essential for implementing security in service-to-service communications?
Mutual TLS (mTLS) is the core mechanism for securing service-to-service communication in cloud native environments. Option B is correct because mTLS provides encryption in transit and mutual authentication, ensuring both the client and server verify each other’s identity. This prevents unauthorized access, man-in-the-middle attacks, and data leakage.
Option A (API Gateway) manages ingress traffic from external clients but does not secure internal service-to-service communication. Option C (Service Mesh) is a broader infrastructure layer (e.g., Istio, Linkerd) that implements mTLS, but mTLS itself is the mechanism that enforces secure communications. Option D (Load Balancer) distributes traffic but does not handle encryption or authentication.
mTLS is foundational to zero-trust networking inside Kubernetes clusters. Service meshes typically provide automated certificate management and policy enforcement, ensuring seamless adoption of mTLS without requiring developers to modify application code.
[References:— CNCF Service Mesh Whitepaper— CNCF Platforms Whitepaper— Cloud Native Platform Engineering Study Guide, ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit