Security is one of the most critical aspects of using Docker, especially in production environments. Docker Security ensures that containers are isolated, vulnerabilities are minimized, and sensitive information is protected.
Following MCQs will give you the confidence to answer security-related questions effectively and implement best practices in real-world scenarios.
1.) What is the primary reason for setting resource limits in Docker containers?
A) To improve the container’s performance
B) To restrict unauthorized network access
C) To prevent containers from exhausting host resources
D) To enable container orchestration
2.) Which of the following is a best practice to secure Docker containers?
A) Run containers as the root user
B) Use official and verified images
C) Store sensitive data in Dockerfiles
D) Allow unrestricted network access to containers
3.) What does Docker Content Trust (DCT) provide?
A) Image signing and verification
B) Encryption for container logs
C) A logging framework for containers
D) Resource monitoring tools
4.) Which command is used to enable Docker Content Trust?
A) export DOCKER_ENABLE_TRUST=1
B) export DOCKER_CONTENT_TRUST=1
C) docker trust enable
D) docker trust sign
5.) What is the purpose of AppArmor in Docker?
A) To provide network isolation
B) To restrict container resource usage
C) To enforce security profiles for containers
D) To manage container logs
6.) What is the purpose of Docker Bench for Security?
A) To monitor container resource usage
B) To automate container deployments
C) To encrypt container data
D) To evaluate Docker installations against security best practices
7.) Which of the following is NOT a recommended security practice for Docker?
A) Limit container privileges using –cap-drop
B) Use a minimal base image
C) Store secrets in environment variables
D) Regularly update Docker images
8.) What is a dangling image in Docker?
A) An image with no associated tag
B) An image stored in a remote registry
C) An image with vulnerabilities
D) An image with large size
9.) How can Docker images be scanned for vulnerabilities?
A) Using docker image prune
B) Using tools like Trivy or Docker Scan
C) By running the container and checking logs
D) By manually inspecting the Dockerfile
10.) What is the function of the –no-new-privileges flag?
A) Prevents a container from gaining additional privileges
B) Disables network access for the container
C) Restricts the container’s memory usage
D) Prevents the container from being restarted
Related