During a security review of a containerized production environment, analysts discover several high-severity CVEs in the images but still observe unexplained compromise attempts on the underlying host. They suspect that Docker daemon and kernel parameters were never hardened. Which technique will most effectively surface misconfigured host settings that the existing image scans and orchestrator checks have missed?
Auditing system logs for suspicious activities after rollout
Using standard features of the orchestrator for configuration checks
Scanning container images for harmful packages before deployment
Running Docker Bench to ensure host settings meet recommended guidelines
A specialized script that audits host settings is the best approach because it checks configurations that image scanning, orchestrator features, and log reviews do not address. Scanning images might detect software flaws but does not verify host settings. Orchestrator functionality can be limited, and reviewing logs is insufficient for identifying underlying host misconfigurations.