CCCS-203B · Question #134
CCCS-203B Question #134: Real Exam Question with Answer & Explanation
The correct answer is A. The sensor is blocked by Kubernetes network policies; verify the namespace and allow necessary. Option A: Kubernetes NetworkPolicies restrict outbound network traffic by default in some environments. If the namespace where the sensor runs has a restrictive policy, it could block egress traffic to the CrowdStrike Cloud, preventing event transmission. Option B: While some sec
Question
Options
- AThe sensor is blocked by Kubernetes network policies; verify the namespace and allow necessary
- BThe sensor DaemonSet is not using a privileged security context; restart with the --privileged flag
- CThe container runtime (e.g., containerd or CRI-O) is misconfigured; reinstall Kubernetes to ensure
- DThe sensor lacks permissions to access container runtime data; check the Kubernetes RBAC
Explanation
Option A: Kubernetes NetworkPolicies restrict outbound network traffic by default in some environments. If the namespace where the sensor runs has a restrictive policy, it could block egress traffic to the CrowdStrike Cloud, preventing event transmission. Option B: While some security sensors may require privileged access, the issue described involves network connectivity, not container runtime access. Lack of privileges would cause failure in collecting logs rather than blocking outbound traffic. Option C: Reinstalling Kubernetes is a drastic and unnecessary step. If the container runtime were misconfigured, containers might fail to start, but the problem described is event transmission failure, not container runtime issues. Option D: RBAC misconfigurations could cause issues in accessing Kubernetes API resources, but they would not typically prevent event transmission to an external service.
Community Discussion
No community discussion yet for this question.