Prisma Certified Cloud Security Engineer (PCCSE) — Question 21

The security auditors need to ensure that given compliance checks are being run on the host.
Which option is a valid host compliance policy?

Answer options

• A. Ensure functions are not overly permissive.
• B. Ensure host devices are not directly exposed to containers.
• C. Ensure images are created with a non-root user.
• D. Ensure compliant Docker daemon configuration.

Correct answer: D

Explanation

The correct answer, D, addresses the configuration settings of the Docker daemon, which is crucial for maintaining compliance. Options A, B, and C, while relevant to security practices, do not specifically pertain to host compliance policies as they focus on different aspects of security rather than compliance checks.