BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks Exam PSE-StrataDC Topic 1 Question 56 Discussion

Actual exam question for Palo Alto Networks's PSE-StrataDC exam
Question #: 56
Topic #: 1
[All PSE-StrataDC Questions]

Why are containers uniquely suitable for whitelist-based runtime security?

Show Suggested Answer Hide Answer
Suggested Answer: A

Contribute your Thoughts:

Lanie
5 months ago
Operations teams can also easily monitor and control what processes are running within a container.
upvoted 0 times
...
Avery
6 months ago
Containers also have limited processes, which makes it easier to manage and secure.
upvoted 0 times
...
Carolann
6 months ago
I agree, having defined processes makes it easier to whitelist only what's necessary.
upvoted 0 times
...
Kristel
6 months ago
I think containers are suitable for whitelist-based security because developers define processes in Dockerfile.
upvoted 0 times
...
Dell
7 months ago
Haha, yeah, that's a good point. Docker's always trying to make our lives easier, so I wouldn't be surprised if they had some kind of runtime security feature up their sleeve. But then again, I feel like the operations teams would also know what processes are supposed to be running in the containers, so option D could also be a contender.
upvoted 0 times
...
Jerilyn
7 months ago
Ooh, good point. Maybe we should just lock ourselves in a room and write Dockerfiles all day long. That way, we can be absolutely sure we've got the right processes defined. *laughs* Just kidding, but you know what they say, 'an ounce of prevention is worth a pound of cure.'
upvoted 0 times
Gregg
6 months ago
Operations teams typically know what processes are used within a container.
upvoted 0 times
...
Rory
6 months ago
Developers typically define the processes used in their containers within the Dockerfile.
upvoted 0 times
...
...
Carol
7 months ago
Hmm, I'm not so sure about that. I mean, doesn't Docker have some kind of built-in runtime analysis feature that could help with whitelisting? I feel like option B might be the way to go here.
upvoted 0 times
...
Cassie
7 months ago
Yeah, I agree with that. Plus, as the question mentions, developers usually define the processes in the Dockerfile, so it's not like there's a ton of mystery around what should be running in the container. I'd say that's a pretty solid rationale for why containers are well-suited for whitelist-based security.
upvoted 0 times
...
Rodolfo
7 months ago
True, true. But I'm still a little worried about the whole 'only a few defined processes' thing. What if I accidentally define one too many in my Dockerfile? *shudders* That's a security nightmare waiting to happen.
upvoted 0 times
...
Cory
7 months ago
Haha, yeah, that would be nice. But you know what they say, 'If you want something done right, you gotta do it yourself.' And hey, at least the operations teams typically know what processes are used within a container, right? That's gotta count for something.
upvoted 0 times
Tamesha
6 months ago
D) Operations teams typically know what processes are used within a container
upvoted 0 times
...
Alyce
6 months ago
C) Containers typically have only a few defined processes that should ever be executed.
upvoted 0 times
...
Shaun
6 months ago
A) Developers typically define the processes used in their containers within the Dockerfile
upvoted 0 times
...
...
Roslyn
7 months ago
Whoa, this question is pretty tricky! I think the answer might be C - containers typically have a limited set of defined processes that should be running, which makes it easier to create a whitelist of approved processes. That way, you can be more confident that anything outside that whitelist is potentially malicious.
upvoted 0 times
...
Jeannine
7 months ago
Yeah, you're both right. But I have to say, I'm a little disappointed that Docker doesn't have a built-in runtime analysis capability to help with whitelisting. That would be a real game-changer, wouldn't it? *sighs* Guess we'll have to do it the old-fashioned way.
upvoted 0 times
...
Sol
7 months ago
Absolutely! And don't forget, containers usually only have a few defined processes that should ever be executed. That makes it really easy to create a whitelist and enforce it during runtime.
upvoted 0 times
...
Wilda
7 months ago
This is a great question! Containers are really well-suited for whitelist-based runtime security because of their inherent nature. You know, the fact that we typically define the processes within the Dockerfile means we have a clear understanding of what should be running in that container.
upvoted 0 times
...

Save Cancel