Security · Flashcard

Which three policy levels do the Pod Security Standards define?

  • APrivileged, Baseline, and Restricted — from fully unrestricted to a hardened best-practice policy
  • BTrusted, Limited, and Locked — escalating tiers applied per namespace by the admission webhook
  • COpen, Guarded, and Sealed — three presets that map directly to Linux capability bitmask sets
  • DLow, Medium, and High — severity bands the API server assigns to each Pod's security context

Why this is the answer

The Pod Security Standards define Privileged, Baseline, and Restricted, which Pod Security Admission enforces. Trusted/Limited/Locked, Open/Guarded/Sealed, and Low/Medium/High are all fabricated naming schemes.

Official docs
Study in Gnoseed →