Security in Containers Interview Question-Answer

Q.1 While securing applications deployed with container approach, security at Kernel level is enforced by using ________.

       A. Seccomp

       B. Anchore

       C. CIS Docker CE benchmark

       D. Clair

Ans : Seccomp

Q.2 We can add or drop capabilities on a Docker container by using which of the following flags?

       A. –cap-a and –cap-d

       B. –cap-add and –cap-drop

       C. –doc-add and –doc-drop

       D. –docker-add and –docker-drop

Ans : –doc-add and –doc-drop

Q.3 While securing applications deployed with container approach, Docker images are scanned by using _________.

       A. Anchore

       B. SELinux

       C. CIS Docker CE benchmark

       D. Seccomp

Ans : CIS Docker CE benchmark

Q.4 OWASP Zed Attack Proxy (ZAP) is a tool used to find vulnerabilities in ________.

       A. Libraries

       B. Running applications

       C. Source code

       D. Docker images

Ans : Running applications

Q.5 While securing applications deployed with the traditional (non-container) approach, application runtime is tested for vulnerabilities by using _________.

       A. Sonar

       B. Burp Suite

       C. OWASP Dependency Check

       D. OWASP Dependency Track

Ans : Burp Suite

Q.6 Which of the following file is updated in a Linux machine to enable SELinux?

       A. /etc/selinux/config

       B. /bin/linux/config

       C. /bin/selinux/config

       D. /etc/linux/config

Ans : /etc/selinux/config

Q.7 Which of the following is not a valid action performed by Anchore (based on evaluation criteria)?

       A. TERMINATE

       B. STOP

       C. WARN

       D. GO

Ans : TERMINATE

Q.8 Which of the following is not an alternative for Docker?

       A. Hyper-V

       B. Unikernels

       C. Kubernetes

       D. CoreOS rkt

Ans : Unikernels

Q.9 Tern is a tool used to find vulnerabilities in ___________.

       A. Source code

       B. Docker images

       C. Running application

       D. Libraries

Ans : Docker images

Q.10 While securing applications deployed with the traditional (non-container) approach, the source code is tested for vulnerabilities by using __________.

       A. OWASP Dependency Track

       B. Burp Suite

       C. OWASP Dependency Check

       D. Sonar

Ans : OWASP Dependency Track

Q.11 Docker uses which Linux Kernel feature to provide resource allocation functionality?

       A. SELinux

       B. Cgroups

       C. Namespaces

       D. Seccomp

Ans : Cgroups

Q.12 Which of the following cloud service providers does not use Docker?

       A. Microsoft Azure

       B. OpenStack

       C. IBM Softlayer

       D. VMware Cloud

Ans : IBM Softlayer

Q.13 Which of the following is not a default Linux namespace?

       A. INet

       B. PID

       C. XID

       D. Uts

Ans : XID

Leave a Comment

 

© 2023 Smartanswer • All Rights Reserved! 

About Us

Contact Us

Disclaimer

Privacy Policy

Terms & Condition