Application Containerization Mechanism

Questions and Answers

What is the purpose of application containerization?

To increase communication between applications

To isolate applications from each other within a running operating system instance (correct)

To combine multiple applications into one container

To remove all dependencies from an application

What is an application container composed of?

Only the application itself

The operating system kernel

The application and its dependencies like libraries and configuration files (correct)

Hardware components only

What risk arises if a malicious actor gains access to the application container environment?

They can delete all container data

They can combine all containers into one

They can only impact the specific container they accessed

Lateral movement is possible, granting access to all containers (correct)

Why is monitoring of application container environments important?

To detect unauthorized connections and malicious traffic

What should an IT auditor review and test when auditing application container deployments?

The host operating system, network, container runtime, and images of application containers

How should the attack surface of the host OS be minimized in application container deployments?

By applying the principle of least privilege

What should be done to mitigate the risk associated with using a shared kernel in application container infrastructure?

Reduce the attack surface

How can compromise of container runtime be prevented in application container deployments?

By leveraging built-in security features and protocols

How should an enterprise minimize security risks related to image downloading in application containers?

By designing and implementing image configuration protocols

What should be maintained throughout the life cycle of containers to ensure integrity?

Minimizing changes so that they occur during production