A company uses 'Containerization' (e.g., Docker) for its applications. What is a key security benefit of containers compared to traditional virtual machines?

Answer options:

They are completely immune to malware.

They provide isolation of applications while sharing the OS kernel, though this also presents a shared kernel risk.

They do not require patching.

They encrypt all data by default.

How to approach this question

Containers = Lightweight isolation. Shared Kernel = Risk.

Full Answer

B.They provide isolation of applications while sharing the OS kernel, though this also presents a shared kernel risk.✓ Correct

They provide isolation of applications while sharing the OS kernel, though this also presents a shared kernel risk.

Containers provide a lightweight mechanism to isolate applications from one another, reducing the attack surface of the application, although the shared kernel remains a single point of failure if compromised.

Common mistakes

Thinking containers are more secure than VMs (VMs have better isolation).

Question 78 All questions Question 80

Practice the full CPA ISC Practice Exam 4

82 questions · hints · full answers · grading

More questions from this exam

Q01A CPA is advising a client who is migrating their legacy on-premise ERP system to a cloud environ...Hard Q02An auditor is reviewing the Service Level Agreement (SLA) for a client using a public cloud provi...Hard Q03A company uses an Infrastructure as a Service (IaaS) model. During an IT audit, the auditor disco...Hard Q04An organization is implementing the COSO Enterprise Risk Management (ERM) framework to govern its...Hard Q05During a walkthrough of an order-to-cash process, the auditor observes that the sales manager can...Hard

View all 82 questions →