Linux Foundation Kubernetes and Cloud Native KCSA Question # 17 Topic 2 Discussion
KCSA Exam Topic 2 Question 17 Discussion:
Question #: 17
Topic #: 2
As a Kubernetes and Cloud Native Security Associate, a user can set upaudit loggingin a cluster. What is the risk of logging every event at the fullRequestResponselevel?
A.
No risk, as it provides the most comprehensive audit trail.
B.
Increased storage requirements and potential impact on performance.
C.
Improved security and easier incident investigation.
D.
Reduced storage requirements and faster performance.
Audit loggingrecords API server requests and responses for security monitoring.
TheRequestResponse levellogs the full request and response bodies, which can:
Significantly increasestorage and performance overhead.
Potentially log sensitive data (including Secrets).
Therefore, while comprehensive, it introduces risks of performance degradation and excessive log volume.
[References:, Kubernetes Documentation – Auditing, CNCF Security Whitepaper – Logging and monitoring: trade-offs between verbosity, storage, and security., ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit