Free Linux Foundation KCSA Exam Questions

Question 1

What does the 'cluster-admin' ClusterRole enable when used in a RoleBinding?

A : It gives full control over every resource in the role binding's namespace, not including the namespace object for isolation purposes.

B : It gives full control over every resource in the cluster and in all namespaces.

C : It gives full control over every resource in the role binding's namespace, including the namespace itself.

D : It allows read/write access to most resources in the role binding's namespace. This role does not allow write access to resource quota, to the namespace itself, and to EndpointSlices (or Endpoints).

Answer: B

Question 2

Why is pod isolation crucial in a multi-tenant Kubernetes environment?

A : To optimize the load balancing of network traffic among different tenants

B : To manage the allocation of storage resources to different tenant namespaces

C : To prevent a compromised or malicious pod in one tenant environment from affecting others

D : To ensure uniform resource utilization across different tenant environments

Answer: C

Question 3

What does the 'cluster-admin' ClusterRole enable when used in a RoleBinding?

A : It gives full control over every resource in the role binding's namespace, not including the namespace object for isolation purposes.

B : It gives full control over every resource in the cluster and in all namespaces.

C : It gives full control over every resource in the role binding's namespace, including the namespace itself.

D : It allows read/write access to most resources in the role binding's namespace. This role does not allow write access to resource quota, to the namespace itself, and to EndpointSlices (or Endpoints).

Answer: B

Question 4

Why is it important to enable and configure Kubelet client certificate rotation in a Kubernetes cluster?

A : To improve the performance efficiency of the Kubelet

B : To ensure efficient resource allocation by the Kubelet

C : To facilitate smoother upgrades of Kubelet software

D : To enhance security through regular updating of authentication credentials

Answer: D

Question 5

Given a standard Kubernetes cluster architecture comprising a single control plane node (hosting both etcd and the control plane as Pods) and three worker nodes, which of the following data flows crosses a trust boundary?

A : From kubelet to Container Runtime

B : From kubelet to API Server

C : From kubelet to Controller Manager

D : From API Server to Container Runtime

Answer: B