Crucial Exams

ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

During a security review of a Kubernetes cluster, the team discovers that developers frequently pull container images directly from a public registry. To reduce the risk of running tampered images, which action at the orchestration layer provides the most effective technical safeguard?

  • Define NetworkPolicies that block outbound traffic from pods to untrusted container registries

  • Enable encryption of secrets stored in etcd using a KMS provider

  • Apply a restrictive seccomp profile to all containers in the cluster

  • Configure a validating admission controller to allow only container images that pass signature verification

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Architecture and Design
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot