To improve the security of a GKE cluster, an architect wants to ensure that all pods are forbidden from running as the 'root' user and that they cannot access the host's filesystem. Which Kubernetes resource handles these security constraints?

Your company is running a stateful application on GKE. You need to ensure that when a pod is rescheduled to a different node, it can still access its persistent data. What must you use?

A global enterprise needs to implement a Disaster Recovery (DR) solution for their multi-region GKE deployment. They want to ensure that in the event of a regional failure, user traffic is automatically rerouted to the secondary region with minimal latency. What is the key component?

To prevent unauthorized lateral movement in a GKE cluster if a pod is compromised, what security feature should you implement?

Scenario: To secure a GKE cluster for a HIPAA-compliant workload, an architect wants to ensure that all administrative actions (e.g., creating a deployment) are logged. Which tool is essential?

How can you securely store and retrieve secrets in GKE without hardcoding them in your application code or Dockerfile?