Developing Applications Using Cisco Core Platforms and APIs (DEVCOR) — Question 345

How should end-to-end encryption of API communications be applied between the microservices containers of the application in a Kubernetes environment?

Answer options

• A. Set up the network policy on the deployment.
• B. Modify the application code to instrument encryption of the API communication endpoints.
• C. Ensure that container pods are deployed with non-root privileges to enforce encryption.
• D. Deploy Istio service mesh and enable mutual TLS for all the container pods.

Correct answer: D

Explanation

The correct answer is D because Istio service mesh can provide mutual TLS, which ensures secure communication between the microservices. Options A, B, and C do not fully address the need for end-to-end encryption as they do not implement a robust solution like mutual TLS provided by Istio.