azure – Kubernetes clusters should not grant CAPSYSADMIN security capabilities

In Our AKS, found high severity alerts related to this in Azure Security Center.

What is CAPSYSADMIN meant for?
Is the pods by default enabled with this property?
Because we didnt specifically enabled it in our AKS? Then what will be the reason for this alert ?
And how can we remediate this alert?