InterviewStack.io LogoInterviewStack.io

Container and Kubernetes Security Questions

Security for containerized applications and Kubernetes platforms across the full lifecycle: secure image creation and supply chain, image scanning and vulnerability management, secure base images, image signing, runtime protection and intrusion detection, container isolation and least privilege at the container level, secrets management, pod security policies and admission controllers, network policies and microsegmentation, role based access control for cluster access, cluster hardening and configuration management, secure cluster bootstrapping and upgrades, and compliance considerations and audit logging for container environments. Candidates should be able to discuss tooling, threat models specific to cloud native workloads, and operational practices for preventing and responding to container and orchestration security incidents.

MediumTechnical
78 practiced
You notice multiple newly deployed pods showing high CPU and excessive outbound connections shortly after a deploy. Outline an incident response play-by-play to determine if this is a misconfiguration or a malicious cryptomining/command-and-control activity. Include commands and data sources you would consult.
HardTechnical
75 practiced
Compare the security benefits and operational costs of using a service mesh (e.g., Istio) to enforce mTLS and policies versus relying on Kubernetes NetworkPolicies and mTLS at application level. When is a service mesh justified for security?
HardTechnical
98 practiced
Integrate SLOs and error budgets with security operations: propose a policy that allows emergency patching that temporarily consumes error budget, explain how to trigger such an intervention, who approves it, and how to report and compensate for the consumed budget afterward.
EasyTechnical
90 practiced
Describe the purpose of Kubernetes RBAC and Pod Security Standards (PSS). How do they differ in scope and enforcement, and how would you combine them to enforce least privilege and secure pod configuration in a cluster?
EasyTechnical
96 practiced
What is an SBOM (Software Bill of Materials) for a container image? Describe the key elements an SBOM should contain and explain how SRE teams can use SBOMs to reduce supply chain risk.

Unlock Full Question Bank

Get access to hundreds of Container and Kubernetes Security interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.