CompTIA Exam CV0-004 Topic 6 Question 23 Discussion

Actual exam question for CompTIA's CV0-004 exam

Question #: 23
Topic #: 6

A security engineer Identifies a vulnerability m a containerized application. The vulnerability can be exploited by a privileged process to read tie content of the host's memory. The security engineer reviews the following Dockerfile to determine a solution to mitigate similar exploits:

Which of the following is the best solution to prevent similar exploits by privileged processes?

AAdding the USER myappuserinstruction

BPatching the host running the Docker daemon

CChanging FROM alpiner3.17 to FROM alpine:latest

DRunning the container with the ready-only filesystem configuration

Show Suggested Answer

Suggested Answer: A

The output from the 'ps' command indicates there is a process running under the UID (User ID) of 0, which is the root user, and the command that was run is '/var/www/command.py'. Given that the normal Apache processes are running under their own UID (65535), this suggests that a command was executed with root privileges that typically should not have such high-level access. This is a strong indicator of privilege escalation, where an unauthorized user or process gains elevated access to resources that are normally protected from an application or user. Reference: CompTIA Cloud+ Certification Study Guide (Exam CV0-004) by Scott Wilson and Eric Vanderburg

by Erasmo at Sep 14, 2024, 11:10 AM

Limited Time Offer

25%

Off

Get Premium CV0-004 Questions as Interactive Web-Based Practice Test or PDF