IBM Updated C1000-150 Exam Questions and Answers by enya

The two roles that have the permission to connect to an LDAP directory are Cloud Pak Administrator and Cluster Administrator.

• Cloud Pak Administrator is a role that has the highest level of access and can perform all the administrator tasks for the Cloud Pak.
• Cluster Administrator is a role that has the permission to manage the resources of a Kubernetes cluster such as connecting to an LDAP directory, configuring security settings, and managing users and roles.

• https://www.ibm.com/support/knowledgecenter/en/SSYHZ8_20.0.x/com.ibm.dba.baw.rpa/rpa_security_authorization.html
• https://www.ibm.com/support/knowledgecenter/en/SSYHZ8_20.0.x/com.ibm.dba.baw.rpa/rpa_user_manage_users.html
• https://www.ibm.com/support/knowledgecenter/en/SSYHZ8_20.0.x/com.ibm.dba.baw.rpa/rpa_security_permission.html

Secrets on Kubernetes master (API server) are not encrypted by default at rest, extra steps are needed to encrypt them. Kubernetes does not automatically encrypt secrets at rest, it is the responsibility of the user to ensure that the secrets are encrypted. There are several ways to encrypt secrets at rest, such as using Kubernetes native encryption, third-party encryption tools or using a cloud provider's encryption services.