CKS · Question #37
CKS Question #37: Real Exam Question with Answer & Explanation
Sign in or unlock CKS to reveal the answer and full explanation for question #37. The question stem and answer options stay visible for context.
Question
Question: 32 SIMULATION You can switch the cluster/configuration context using the following command: `[desk@cli] $ kubectl config use-context test-account` Task: Enable audit logs in the cluster. To do so, enable the log backend, and ensure that: 1. logs are stored at /var/log/kubernetes/logs.txt 2. log files are retained for 5 days 3. at maximum, a number of 10 old audit log files are retained A basic policy is provided at /etc/kubernetes/logpolicy/audit-policy.yaml. It only specifies what not to log. Edit and extend the basic policy to log: 1. Nodes changes at RequestResponse level 2. The request body of persistentvolumes changes in the namespace frontend 3. ConfigMap and Secret changes in all namespaces at the Metadata level Also, add a catch-all rule to log all other requests at the Metadata level Note: Don't forget to apply the modified policy.
Unlock CKS to see the answer
You've previewed enough free CKS questions. Unlock CKS for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.