Which resource stores sensitive information such as passwords, tokens, and keys?

Prepare for the KCNA Certification Test. Study with flashcards, multiple-choice questions, and detailed explanations to enhance your understanding of Kubernetes Cloud Native concepts. Ace your exam!

Multiple Choice

Which resource stores sensitive information such as passwords, tokens, and keys?

Explanation:
Storing sensitive data safely is essential in Kubernetes, and Secrets are designed specifically for that purpose. A Secret holds sensitive information such as passwords, tokens, and keys, and can be consumed by pods as environment variables or as mounted files. This separation from ordinary configuration helps reduce exposure and allows tighter access control through RBAC and namespace boundaries. Also, while Secrets are stored in etcd, they are base64-encoded by default and can be configured to be encrypted at rest for added protection, which is important for protecting credentials. In contrast, a PersistentVolume is about providing durable storage for application data, not about storing secret credentials. A ConfigMap stores non-sensitive configuration data and environment variables, which are not encrypted. A Service is only a networking abstraction for exposing a set of pods and does not store data. So the correct choice for storing passwords, tokens, and keys is a Secret.

Storing sensitive data safely is essential in Kubernetes, and Secrets are designed specifically for that purpose. A Secret holds sensitive information such as passwords, tokens, and keys, and can be consumed by pods as environment variables or as mounted files. This separation from ordinary configuration helps reduce exposure and allows tighter access control through RBAC and namespace boundaries. Also, while Secrets are stored in etcd, they are base64-encoded by default and can be configured to be encrypted at rest for added protection, which is important for protecting credentials.

In contrast, a PersistentVolume is about providing durable storage for application data, not about storing secret credentials. A ConfigMap stores non-sensitive configuration data and environment variables, which are not encrypted. A Service is only a networking abstraction for exposing a set of pods and does not store data. So the correct choice for storing passwords, tokens, and keys is a Secret.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy