Linux Foundation Exam CKS Topic 1 Question 53 Discussion

Actual exam question for Linux Foundation's CKS exam

Question #: 53
Topic #: 1

[All CKS Questions]

Context

AppArmor is enabled on the cluster's worker node. An AppArmor profile is prepared, but not enforced yet.

Task

On the cluster's worker node, enforce the prepared AppArmor profile located at /etc/apparmor.d/nginx_apparmor.

Edit the prepared manifest file located at /home/candidate/KSSH00401/nginx-pod.yaml to apply the AppArmor profile.

Finally, apply the manifest file and create the Pod specified in it.

AExplanation:

Show Suggested Answer

Suggested Answer: A

by Mable at May 01, 2024, 03:58 PM

Limited Time Offer

25%

Off

Get Premium CKS Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Rosalia

2 days ago

I wonder if the AppArmor profile has a built-in sense of humor. Maybe it'll let me sneak in a few dad jokes.

upvoted 0 times

...

Brett

6 days ago

Oh snap, I almost forgot to enforce the profile! Good thing the question reminded me. Time to get this pod secured!

upvoted 0 times

...

Elouise

12 days ago

This is a nice way to apply security policies to our containers. I wonder if I can create my own custom profiles too.

upvoted 0 times

...

Edna

13 days ago

Exactly, it adds an extra layer of defense against potential attacks.

upvoted 0 times

...

Deangelo

14 days ago

I agree, it helps restrict the actions of the nginx process.

upvoted 0 times

...

Edna

15 days ago

I think enforcing the AppArmor profile is important for security.

upvoted 0 times

...

Helaine

15 days ago

Hmm, I wonder if the profile is actually working correctly. I'll have to test it out once the pod is running.

upvoted 0 times

...

Jill

17 days ago

Looks good, I'll just add the AppArmor profile to the manifest and create the pod. Easy peasy!

upvoted 0 times

...