🔥 3-day streak
Certified Kubernetes Administrator (CKA)75 / 125
Question 75 of 125

A backend Deployment exposes a Pod with label app=payments listening on TCP 8080. Currently all traffic to these Pods is permitted. The security team requires that only Pods labeled role=frontend within the same namespace may reach the payments Pods, and only on port 8080. All other ingress must be blocked. Which NetworkPolicy correctly enforces this requirement?

Reviewed for accuracy · Report an issueNext question