Difficulty: Easy

Average Score: 80%

A company plans to secure its systems by: Removing users from sending sensitive data over corporate email. Restricting access to potentially harmful websites.

Which of the following hardening techniques must be applied on a container image before deploying it to a production environment? (Select two).

Rationale

Remove default applications and disable Telnet must be applied on a container image before deploying it to a production environment.

Both of these hardening techniques enhance the security of the container by minimizing potential attack surfaces and eliminating unnecessary services that could be exploited by malicious actors.

A (Remove default applications.) CORRECT

Default applications often come pre-installed in container images and can introduce vulnerabilities if not properly secured or if they are not actively used. By removing these applications, the image is streamlined, reducing the risk of exploitation and ensuring that only necessary components are included, which is essential for a production environment.

B (Install a NIPS.) YOUR ANSWER

While installing a Network Intrusion Prevention System (NIPS) is beneficial for monitoring and protecting network traffic, it is not a direct hardening technique applied to the container image itself. NIPS operates at the network level rather than modifying the container's applications or configuration, making it less relevant for the specific context of image hardening before deployment.

C (Disable Telnet.) CORRECT

Disabling Telnet is a crucial hardening step because Telnet transmits data unencrypted, making it susceptible to interception and attacks. By ensuring that Telnet is disabled in the container image, you enhance security by preventing unauthorized access through this insecure protocol.

D (Reconfigure the DNS.) YOUR ANSWER

Reconfiguring DNS settings does not directly relate to hardening the container image itself. While appropriate DNS configurations are important for overall network security, they do not specifically contribute to the security posture of the container prior to deployment.

E (Add an SFTP server.) YOUR ANSWER

Adding an SFTP server introduces additional complexity and potential vulnerabilities to the container image. Since this is not a hardening measure and may expose the image to more attack vectors, it is not a suitable choice for securing the container before deployment.

F (Delete the public certificate.) YOUR ANSWER

Deleting a public certificate is not a valid hardening technique; rather, it may hinder secure communications. Public certificates are essential for establishing trusted connections and should not be removed as part of the hardening process.

Conclusion

Hardening a container image before deploying it to production is critical for ensuring security. By removing default applications and disabling Telnet, you effectively minimize vulnerabilities and strengthen the container's defense against potential threats. Other choices either do not pertain directly to image hardening or could inadvertently introduce security risks, emphasizing the importance of targeted hardening strategies in production environments.

Which of the following hardening techniques must be applied on a container image before deploying it to a production environment? (Select two).

Remove default applications and disable Telnet must be applied on a container image before deploying it to a production environment.

Related Questions

Related Quizzes

How familiar were you with this question?

Report an Issue

Rate this Practice Test