CCCS-203B Question #194: Real Exam Question with Answer & Explanation

The correct answer is C. Integrate CrowdStrike's container runtime protection to monitor container activity.

Question

What is the best approach to detect rogue containers and configuration drift in a Kubernetes environment?

Options

  • A. Enable admission controllers to prevent unauthorized deployments
  • B. Use default Kubernetes logging mechanisms to detect all runtime anomalies
  • C. Integrate CrowdStrike's container runtime protection to monitor container activity
  • D. Deploy static rules to enforce container security policies

Explanation

  • Option A: Admission controllers are effective at preventing unauthorized deployments at the admission stage but do not monitor runtime behavior. They cannot detect rogue containers that bypass admission controls or identify configuration drift after deployment.
  • Option B: Kubernetes logging mechanisms provide a baseline for auditing but lack the specificity and advanced threat detection capabilities needed to identify rogue containers and configuration drift effectively.
  • Option C: CrowdStrike's container runtime protection provides real-time monitoring of container activity, detecting rogue containers and runtime configuration drift. This approach uses behavioral analysis and IOA detection to identify threats that static policies cannot handle.
  • Option D: Static rules enforce predefined security configurations but are inflexible in identifying runtime anomalies or dynamic threats. They do not adapt to changes in the runtime environment and can miss rogue containers or configuration drift.
