When architecting a new application that needs to be both secure and scalable, which containerization security best practice should be prioritized to enforce least privilege and prevent unnecessary access to the host system?
Segmenting container network traffic using virtual networks
Scheduling routine vulnerability scanning for containers and host systems
Implementing strict resource limits on each running container
Running containers with non-privileged users and without unnecessary capabilities
Mounting all host volumes into containers with read-only access