Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks Exam PSE-StrataDC Topic 1 Question 56 Discussion

Actual exam question for Palo Alto Networks's Palo Alto Networks System Engineer - Strata Data Center exam
Question #: 56
Topic #: 1
[All Palo Alto Networks System Engineer - Strata Data Center Questions]

Why are containers uniquely suitable for whitelist-based runtime security?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Kimberlie at Apr 11, 2024, 07:37 PM

Limited Time Offer

25%

Off

Get Premium PSE-StrataDC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Dell
4 hours ago
Haha, yeah, that's a good point. Docker's always trying to make our lives easier, so I wouldn't be surprised if they had some kind of runtime security feature up their sleeve. But then again, I feel like the operations teams would also know what processes are supposed to be running in the containers, so option D could also be a contender.
upvoted 0 times
...
Jerilyn
6 hours ago
Ooh, good point. Maybe we should just lock ourselves in a room and write Dockerfiles all day long. That way, we can be absolutely sure we've got the right processes defined. *laughs* Just kidding, but you know what they say, 'an ounce of prevention is worth a pound of cure.'
upvoted 0 times
...
Carol
1 days ago
Hmm, I'm not so sure about that. I mean, doesn't Docker have some kind of built-in runtime analysis feature that could help with whitelisting? I feel like option B might be the way to go here.
upvoted 0 times
...
Cassie
2 days ago
Yeah, I agree with that. Plus, as the question mentions, developers usually define the processes in the Dockerfile, so it's not like there's a ton of mystery around what should be running in the container. I'd say that's a pretty solid rationale for why containers are well-suited for whitelist-based security.
upvoted 0 times
...
Rodolfo
2 days ago
True, true. But I'm still a little worried about the whole 'only a few defined processes' thing. What if I accidentally define one too many in my Dockerfile? *shudders* That's a security nightmare waiting to happen.
upvoted 0 times
...
Cory
3 days ago
Haha, yeah, that would be nice. But you know what they say, 'If you want something done right, you gotta do it yourself.' And hey, at least the operations teams typically know what processes are used within a container, right? That's gotta count for something.
upvoted 0 times
...
Roslyn
3 days ago
Whoa, this question is pretty tricky! I think the answer might be C - containers typically have a limited set of defined processes that should be running, which makes it easier to create a whitelist of approved processes. That way, you can be more confident that anything outside that whitelist is potentially malicious.
upvoted 0 times
...
Jeannine
4 days ago
Yeah, you're both right. But I have to say, I'm a little disappointed that Docker doesn't have a built-in runtime analysis capability to help with whitelisting. That would be a real game-changer, wouldn't it? *sighs* Guess we'll have to do it the old-fashioned way.
upvoted 0 times
...
Sol
6 days ago
Absolutely! And don't forget, containers usually only have a few defined processes that should ever be executed. That makes it really easy to create a whitelist and enforce it during runtime.
upvoted 0 times
...
Wilda
8 days ago
This is a great question! Containers are really well-suited for whitelist-based runtime security because of their inherent nature. You know, the fact that we typically define the processes within the Dockerfile means we have a clear understanding of what should be running in that container.
upvoted 0 times
...

Save Cancel