Correct Answer: C
The CrowdStrike Kubernetes Admission Controller is apre-runtime security controldesigned to enforce security policiesbefore workloads are allowed to runin a Kubernetes environment. Its primary purpose is to monitor and enforce security policies in any containerized environmentby intercepting Kubernetes API requests at admission time.
When a deployment, pod, or container is submitted to the Kubernetes API server, the Admission Controller evaluates the request against Falcon Cloud Security policies. These policies can include rules related to image risk posture, vulnerabilities, malware presence, secrets, or compliance violations. If an image violates defined policies, the Admission Controller can block the deployment, preventing insecure or non-compliant workloads from entering the cluster.
This capability is critical for implementing ashift-left security model, ensuring that threats are stoppedbefore runtime, rather than detected after execution. While Falcon also provides runtime protection and visibility across managed Kubernetes platforms such as EKS and AKS, those capabilities are not the primary function of the Admission Controller itself.
The Admission Controller does not forward Kubernetes logs to SIEM platforms; instead, it acts as an enforcement gate. Therefore, the correct answer isMonitors and enforces security policies in any containerized environment.