Register
90:58
Stop
CEH - Cloud Computing
Master
1/91
A DevOps engineer at a financial services company is transitioning their infrastructure to Docker containers. During a security review, they discover that several of their containers are communicating with unexpected external IP addresses. After investigation, they determine that a malicious actor has likely placed a backdoor in one of the custom container images they're using. Which approach should they implement to prevent this type of compromise in the future?
a.
Configure the Docker daemon to only pull images during business hours when IT staff can monitor network traffic
b.
Implement a network monitoring tool that alerts when containers communicate with IP addresses not on an approved list
c.
Implement image signing with Docker Content Trust to verify image authenticity before deployment
d.
Add an additional layer of firewall rules that blocks all container traffic except to explicitly permitted destinations
Master