Developers in an organization have moved from a standard application deployment to containers. The Security Engineer is tasked with ensuring that containers are secure. Which strategies will reduce the attack surface and enhance the security of the containers? (Choose two.)

Questions › Category: SCS-C01 › Developers in an organization have moved from a standard application deployment to containers. The Security Engineer is tasked with ensuring that containers are secure. Which strategies will reduce the attack surface and enhance the security of the containers? (Choose two.)

0 Vote Up Vote Down

Admin Staff asked 3 months ago

Developers in an organization have moved from a standard application deployment to containers. The Security Engineer is tasked with ensuring that containers are secure.
Which strategies will reduce the attack surface and enhance the security of the containers? (Choose two.)

A. Use the containers to automate security deployments.

B. Limit resource consumption (CPU, memory), networking connections, ports, and unnecessary container libraries.

C. Segregate container by host, function, and data classification.

D. Use Docker Notary framework to sign task definitions.

E. Enable container breakout at the host kernel.






 

Suggested Answer: BD

Community Answer: BC




This question is in SCS-C01 AWS Certified Security – Specialty Exam
For getting AWS Certified Security – Specialty Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.

Developers in an organization have moved from a standard application deployment to containers. The Security Engineer is tasked with ensuring that containers are secure. Which strategies will reduce the attack surface and enhance the security of the containers? (Choose two.)

An organizational must establish the ability to delete an AWS KMS Customer Master Key (CMK) within a 24-hour timeframe to keep it from being used for encrypt or decrypt operations. Which of the following actions will address this requirement?

Recommended

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Fortinet NSE 4 – FortiOS 7.2 certificate

Welcome Back!

Create New Account!

Retrieve your password

Developers in an organization have moved from a standard application deployment to containers. The Security Engineer is tasked with ensuring that containers are secure. Which strategies will reduce the attack surface and enhance the security of the containers? (Choose two.)

An organizational must establish the ability to delete an AWS KMS Customer Master Key (CMK) within a 24-hour timeframe to keep it from being used for encrypt or decrypt operations. Which of the following actions will address this requirement?

Related Questions

Recommended

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Fortinet NSE 4 – FortiOS 7.2 certificate

Welcome Back!

Create New Account!

Retrieve your password