KCNA Kubernetes Certified Network Administrator
#2
1. In the context of cloud native environments, which persona primarily focus- es on optimizing cloud costs and
financial management?: FinOps
2. In Kubernetes, which command is used to run another command within an existing container?: kubectl exec
3. Which of these technologies is incompatible with the Kubernetes Container Runtime Interface (CRI)?:
VirtualBox
4. What is true about Pod-to-Pod communication within the same node in Kubernetes?: Pods use direct, NAT-less
networking for communication on the same node
5. In Kubernetes, which two types of resources are used to expose appli- cations to external traffic,
including options like ClusterIP, NodePort, and LoadBalancer?: Services and Ingress
6. In Kubernetes, which object is most suitable for deploying stateless appli- cations?: Deployment
7. Which of these options is a Service Mesh implementation specifically de- signed for Kubernetes, known for
its simplicity and ease of use?: Linkerd
8. In Kubernetes, which feature is effective for managing costs by allowing for the categorisation and
organisation of resources?: Labels
9. What is the reference implementation of the Open Container Initiative (OCI) runtime specification?: runc
10.For how long is the Kubernetes API guaranteed to be backward compatible following a release?: 1 year
11.What layer of a software architecture is primarily targeted by OpenTracing and OpenTelemetry for
monitoring and observability?: Application
12.In Kubernetes, which component is primarily responsible for managing a Node?: Kubelet
13.In cloud computing, which approach is best suited for simultaneously managing security threats and
optimising costs by identifying unusual activ- ities?: Cloud Anomaly Detection
14.In a Kubernetes cluster, which component is responsible for routing traffic for services and managing IP
rules?: Kube-Proxy
15.What are the three pillars of observability in a software system?: Logs, Metrics, Traces
16.What is the primary function of the kubectl top command in Kubernetes?-
: To display the resource usage of pods and nodes in the cluster
17.What is the primary purpose of kube-state-metrics in a Kubernetes clus- ter?: To generate and expose
cluster state data
18.In telemetry, which entity is primarily used to record and analyse the path that a request takes through
various services in a distributed system?: Traces
, KCNA Kubernetes Certified Network Administrator
#2
19.In a Kubernetes cluster, which component runs on every node to manage the lifecycle of containers?:
Kubelet
20.Which kubectl command is used to view the logs of a terminated container in a multi-container pod in
Kubernetes?: kubectl logs [pod-name] -c [contain-
er-name] -p
21.Which open-source tool is specifically designed for assessing the security posture of Kubernetes clusters
according to NSA and CISA guidelines?: - KubeScape
22.In the context of etcd used in Kubernetes, what is the significance of the
1.5MB size limit for etcd?: It is the recommended maximum size for an individual value stored in etcd
23.In a cloud-native environment, which persona is typically responsible for managing Service Level
Agreements (SLAs), Service Level Indicators (SLIs), and Service Level Objectives (SLOs)?: Site Reliability
Engineer (SRE)
24.Which Kubernetes distribution, known for its minimal resource require- ments and ease of installation, is
particularly well-suited for IoT and edge computing environments?: k3s
25. When a Pod is created in Kubernetes without specifying a Service Account, which default Service
Account is used?: default
26.In the context of Cloud Native Security, what is the correct order for the 4C's framework?: Cloud,
Clusters, Containers, Cloud
27.Which architectural pattern in cloud computing allows you to build and run applications and services
without managing infrastructure, typically billed based on usage rather than pre-allocated capacity?: Serverless
28.Which software is widely used in Kubernetes environments for cloud-na- tive storage orchestration?: Rook
29.In a Kubernetes environment, which software is widely used as a light- weight proxy to handle the traffic
management between microservices?: En- voy
30.In Kubernetes, which security-focused tool is commonly used for runtime security monitoring and detection
of anomalous activities within containers and pods?: Falco
31.Which of the following is a lightweight container runtime specifically de- signed for Kubernetes, conforming
to the Container Runtime Interface (CRI)?-
: CRI-O
32.Which open-source storage platform offers integrated block, file, and ob- ject storage, making it a versatile
choice for distributed environments?: Ceph
33.In Kubernetes, what is Ephemeral Storage with respect to a Pod?: Tempo- rary storage assigned to a Pod,
which is deleted when the Pod is removed
#2
1. In the context of cloud native environments, which persona primarily focus- es on optimizing cloud costs and
financial management?: FinOps
2. In Kubernetes, which command is used to run another command within an existing container?: kubectl exec
3. Which of these technologies is incompatible with the Kubernetes Container Runtime Interface (CRI)?:
VirtualBox
4. What is true about Pod-to-Pod communication within the same node in Kubernetes?: Pods use direct, NAT-less
networking for communication on the same node
5. In Kubernetes, which two types of resources are used to expose appli- cations to external traffic,
including options like ClusterIP, NodePort, and LoadBalancer?: Services and Ingress
6. In Kubernetes, which object is most suitable for deploying stateless appli- cations?: Deployment
7. Which of these options is a Service Mesh implementation specifically de- signed for Kubernetes, known for
its simplicity and ease of use?: Linkerd
8. In Kubernetes, which feature is effective for managing costs by allowing for the categorisation and
organisation of resources?: Labels
9. What is the reference implementation of the Open Container Initiative (OCI) runtime specification?: runc
10.For how long is the Kubernetes API guaranteed to be backward compatible following a release?: 1 year
11.What layer of a software architecture is primarily targeted by OpenTracing and OpenTelemetry for
monitoring and observability?: Application
12.In Kubernetes, which component is primarily responsible for managing a Node?: Kubelet
13.In cloud computing, which approach is best suited for simultaneously managing security threats and
optimising costs by identifying unusual activ- ities?: Cloud Anomaly Detection
14.In a Kubernetes cluster, which component is responsible for routing traffic for services and managing IP
rules?: Kube-Proxy
15.What are the three pillars of observability in a software system?: Logs, Metrics, Traces
16.What is the primary function of the kubectl top command in Kubernetes?-
: To display the resource usage of pods and nodes in the cluster
17.What is the primary purpose of kube-state-metrics in a Kubernetes clus- ter?: To generate and expose
cluster state data
18.In telemetry, which entity is primarily used to record and analyse the path that a request takes through
various services in a distributed system?: Traces
, KCNA Kubernetes Certified Network Administrator
#2
19.In a Kubernetes cluster, which component runs on every node to manage the lifecycle of containers?:
Kubelet
20.Which kubectl command is used to view the logs of a terminated container in a multi-container pod in
Kubernetes?: kubectl logs [pod-name] -c [contain-
er-name] -p
21.Which open-source tool is specifically designed for assessing the security posture of Kubernetes clusters
according to NSA and CISA guidelines?: - KubeScape
22.In the context of etcd used in Kubernetes, what is the significance of the
1.5MB size limit for etcd?: It is the recommended maximum size for an individual value stored in etcd
23.In a cloud-native environment, which persona is typically responsible for managing Service Level
Agreements (SLAs), Service Level Indicators (SLIs), and Service Level Objectives (SLOs)?: Site Reliability
Engineer (SRE)
24.Which Kubernetes distribution, known for its minimal resource require- ments and ease of installation, is
particularly well-suited for IoT and edge computing environments?: k3s
25. When a Pod is created in Kubernetes without specifying a Service Account, which default Service
Account is used?: default
26.In the context of Cloud Native Security, what is the correct order for the 4C's framework?: Cloud,
Clusters, Containers, Cloud
27.Which architectural pattern in cloud computing allows you to build and run applications and services
without managing infrastructure, typically billed based on usage rather than pre-allocated capacity?: Serverless
28.Which software is widely used in Kubernetes environments for cloud-na- tive storage orchestration?: Rook
29.In a Kubernetes environment, which software is widely used as a light- weight proxy to handle the traffic
management between microservices?: En- voy
30.In Kubernetes, which security-focused tool is commonly used for runtime security monitoring and detection
of anomalous activities within containers and pods?: Falco
31.Which of the following is a lightweight container runtime specifically de- signed for Kubernetes, conforming
to the Container Runtime Interface (CRI)?-
: CRI-O
32.Which open-source storage platform offers integrated block, file, and ob- ject storage, making it a versatile
choice for distributed environments?: Ceph
33.In Kubernetes, what is Ephemeral Storage with respect to a Pod?: Tempo- rary storage assigned to a Pod,
which is deleted when the Pod is removed
