Container Hardening: Task 1-5 : DevSecOps : TryHackMe : Walk through 16.0

Container Hardening: Task 1-5 : DevSecOps : TryHackMe : Walk through 16.0 Room: https://tryhackme.com/r/room/containerhardening Learn how to implement the mechanisms designed to secure your Docker containers. What would the command be if we wanted to create a Docker profile? docker context create What would the command be if we wanted to switch to a Docker profile? What argument would we provide when running a Docker container to enforce how many CPU cores the container can utilise? What would the command be if we wanted to inspect a docker container named "Apache"? What is the name of the capability that allows services to bind to ports (specifically those under 1024)? What argument would we provide when starting a Docker container to add a capability? Finally, what command (with argument) would we use to print the capabilities assigned to a process? If we wanted to enforce the container to only be able to read files located in /home/tryhackme, what type of profile would we use? Seccomp or AppArmor? If we wanted to disallow the container from a system call (such as clock_adjtime), what type of profile would we use? Seccomp or AppArmor? Finally, what command would we use if we wanted to list the status of AppArmor? #Container #hardening #devsecops #tryhackme #part1