Question 40
Domain 4: Minimize Microservice VulnerabilitiesA Kubernetes administrator wants a Pod in a multi-tenant cluster to use a specific container runtime sandbox. Which Pod specification field should be set to request that runtime class?
Correct answer: B
Explanation
To request a specific container runtime configuration for a Pod, set the Pod spec's runtimeClassName field. This field is the mechanism used to select the runtime class for that Pod. — cks_syllabus.txt
Why each option is right or wrong
A. schedulerName
schedulerName selects the scheduler for a Pod, not the runtime class.
B. runtimeClassName
The source material identifies runtimeClassName as the Pod spec field used for runtime class selection. In this scenario, setting runtimeClassName is how the administrator requests the specific container runtime sandbox for the Pod.
C. nodeName
nodeName binds a Pod to a node, not to a container runtime class.
D. serviceAccountName
serviceAccountName sets Pod identity for API access, not runtime selection.