Crucial Exams

CompTIA Linux+ XK0-006 (V8) Practice Question

On an SELinux-enforcing host, you are about to launch a container that must write to the host directory /srv/secret, but no other containers must ever be able to read or write that directory. Which volume option supplied to podman or docker accomplishes this goal?

  • Run the container with the --privileged flag and no SELinux volume option.

  • Mount the directory as /srv/secret:/secret:z to share the SELinux label with other containers.

  • Mount the directory read-only with /srv/secret:/secret:ro so other containers cannot write to it.

  • Mount the directory as /srv/secret:/secret:Z so the volume receives a private SELinux label.

CompTIA Linux+ XK0-006 (V8)
Services and User Management
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot