Valid KCSA Dumps shared by ExamDiscuss.com for Helping Passing KCSA Exam! ExamDiscuss.com now offer the newest KCSA exam dumps, the ExamDiscuss.com KCSA exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com KCSA dumps with Test Engine here:
Given a standard Kubernetes cluster architecture comprising a single control plane node (hosting bothetcdand the control plane as Pods) and three worker nodes, which of the following data flows crosses atrust boundary ?
Correct Answer: B
* Trust boundariesexist where data flows between different security domains. * In Kubernetes: * Communication between thekubelet (node agent)and theAPI Server (control plane)crosses the node-to-control-plane trust boundary. * (A) Kubelet to container runtime is local, no boundary crossing. * (C) Kubelet does not communicate directly with the controller manager. * (D) API server does not talk directly to the container runtime; it delegates to kubelet. * Therefore, (B) is the correct trust boundary crossing flow. References: CNCF Security Whitepaper - Kubernetes Threat Model: identifies node-to-control-plane communications (kubelet # API Server) as crossing trust boundaries. Kubernetes Documentation - Cluster Architecture
