Oracle Cloud Platform Data Integration 2020 Specialist — Question 21

A pod security policy (PSP) is implemented in your Oracle Cloud Infrastructure Container Engine for Kubernetes cluster.
Which rule can you use to prevent a container from running as root using PSP? (Choose the best answer.)

Answer options

• A. NoPrivilege
• B. RunOnlyAsUser
• C. MustRunAsNonRoot
• D. forbiddenRoot

Correct answer: C

Explanation

The correct answer, MustRunAsNonRoot, specifically ensures that the container cannot be run as the root user. The other options either do not directly prevent root execution or serve different purposes, such as restricting privileges or allowing only specific user IDs.