ISC2 Certified Cloud Security Professional (CCSP) Practice Question
A cloud team is refactoring a monolithic application into several container-based microservices hosted on a managed Kubernetes platform. The security policy requires that each microservice can scale and update independently, support quick automated rollback if problems arise, and enforce least-privilege permissions at runtime through Kubernetes RBAC. Which Kubernetes resource type BEST meets these operational and security objectives for each microservice?
A Kubernetes Deployment encapsulates one or more identical Pods and manages their life-cycle through ReplicaSets. It provides declarative, versioned updates that support rolling upgrades and built-in rollback to previous revisions, allowing each microservice to be deployed and updated independently. RBAC permissions can be bound to the Deployment's ServiceAccount to enforce least privilege at runtime. A standalone Pod cannot manage rollbacks or horizontal scaling. A DaemonSet schedules exactly one Pod per node, which is unnecessary for most microservices. A StatefulSet maintains stable network identities and ordered deployment, features typically required only for stateful workloads, not stateless microservices that need rapid rollout and rollback.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Kubernetes Deployment?
Open an interactive chat with Bash
How does Kubernetes RBAC enforce least-privilege permissions?
Open an interactive chat with Bash
Why is a StatefulSet not suitable for stateless microservices?
Open an interactive chat with Bash
ISC2 Certified Cloud Security Professional (CCSP)
Cloud Application Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .