CompTIA PenTest+ (PT0-003) — Question 117

A penetration tester performs an assessment on the target company's Kubernetes cluster using kube-hunter. Which of the following types of vulnerabilities could be detected with the tool?

Answer options

• A. Network configuration errors in Kubernetes services
• B. Weaknesses and misconfigurations in the Kubernetes cluster
• C. Application deployment issues in Kubernetes
• D. Security vulnerabilities specific to Docker containers

Correct answer: B

Explanation

The correct answer is B because kube-hunter is specifically designed to find weaknesses and misconfigurations within Kubernetes clusters. Option A is incorrect as it is too narrow, focusing only on network configuration errors, while C addresses application deployment issues, and D relates to Docker container vulnerabilities, neither of which are the primary focus of kube-hunter.