Reddit

Your teammate has deployed a microservice named myapp1 to a Kubernetes cluster using a YAML specification. Part of the YAML is shown below:

apiVersion: apps/v1
spec:
  containers:
  - name: main-container
    image: noonclub.io/company-repo/myapp1:1.7
    env:
    - name: DB_PASSWORD
      value: "tough0password1"
    ports:
    - containerPort: 8080

apiVersion: apps/v1
spec:
  containers:
  - name: main-container
    image: noonclub.io/company-repo/myapp1:1.7
    env:
    - name: DB_PASSWORD
      value: "tough0password1"
    ports:
    - containerPort: 8080

Upon review, you noticed the database password is stored in plain text within the YAML file. What security best practice should you recommend to your teammate?_

Real Exam

Store the database password inside the Docker image of the container, not in the YAML file.

0.0%

Store the database password inside a Kubernetes Secret object.
Update the YAML file to reference the DB_PASSWORD environment variable from the Secret._

83.3%

Store the database password inside a ConfigMap object.
Update the YAML file to reference the DB_PASSWORD environment variable from the ConfigMap._

0.0%

Store the database password in a file within a Kubernetes persistent volume and use a persistent volume claim to mount the volume to the container.

16.7%

Google Associate Cloud Engineer

Comments

Get started today