- Correct answer: (A) True. OpenID Connect is a standard published by IETF: https://openid.net/specs/openid-connect-core-1_0.html.
- Correct answer: (B)
id_tokencontains claims about the user's identity.
refresh_tokenis used to get a new
access_tokenis used to interact with the identity provider.
- Correct answer: (C) Break-glass-in-case-of-emergency when all other authentication solutions are unavailable. Remember to keep this certificate and key pair under strict controls.
- Correct answer: (D) An immutable ID not based on a user's name. This way, if a user's name ever changes, which happens more often than may be expected, their access isn't changed.
- Correct answer: (D) Set as flags on the Kubernetes API server executable. How you set the flags will depend on your distribution, but ultimately, every distribution sets these flags on the API server's command.
- Correct answer...