ITGSS Certified DevOps Engineer Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the ITGSS Certified DevOps Engineer Test. Review with flashcards and multiple-choice questions, each featuring hints and explanations. Achieve exam success with our tools!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What must be ensured about secrets in Kubernetes to prevent security issues?

They should be made public
They should only be shared with other pods
They should not be passed as environment variables
They should be stored in the same location as images

The correct answer is: They should not be passed as environment variables

Ensuring that secrets in Kubernetes are not passed as environment variables is crucial to preventing security issues. When secrets are passed as environment variables, they can inadvertently be exposed in application logs, process lists, or through misconfigured access controls. Unauthorized individuals or services might gain visibility into sensitive information, increasing the risk of data breaches. Using Kubernetes' native secrets management capabilities, administrators can store sensitive data securely and limit access. Access policies can be defined through role-based access control (RBAC), ensuring that only authorized entities can access the secrets. Moreover, utilizing volume mounts for secrets allows applications to access sensitive information without exposing it in the environment variables, thereby promoting better security practices. In contrast, making secrets public would directly contradict security principles, sharing them solely with other pods might not adequately address the potential exposure in logs, and storing secrets in the same location as container images could lead to unintentional access through image vulnerabilities.