Valid CKS Dumps shared by ExamDiscuss.com for Helping Passing CKS Exam! ExamDiscuss.com now offer the newest CKS exam dumps, the ExamDiscuss.com CKS exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CKS dumps with Test Engine here:
SIMULATION Create a new NetworkPolicy named deny-all in the namespace testing which denies all traffic of type ingress and egress traffic
Correct Answer:
You can create a "default" isolation policy for a namespace by creating a NetworkPolicy that selects all pods but does not allow any ingress traffic to those pods. --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: default-deny-ingress spec: podSelector: {} policyTypes: - Ingress You can create a "default" egress isolation policy for a namespace by creating a NetworkPolicy that selects all pods but does not allow any egress traffic from those pods. --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: allow-all-egress spec: podSelector: {} egress: - {} policyTypes: - Egress Default deny all ingress and all egress traffic You can create a "default" policy for a namespace which prevents all ingress AND egress traffic by creating the following NetworkPolicy in that namespace. --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: default-deny-all spec: podSelector: {} policyTypes: - Ingress - Egress This ensures that even pods that aren't selected by any other NetworkPolicy will not be allowed ingress or egress traffic.
