ExpertHard1 markMultiple Choice
CPA · Question 79 · Area I: Information Systems
A company uses 'Containerization' (e.g., Docker) for its applications. What is a key security benefit of containers compared to traditional virtual machines?
A company uses 'Containerization' (e.g., Docker) for its applications. What is a key security benefit of containers compared to traditional virtual machines?
Answer options:
A.
They are completely immune to malware.
B.
They provide isolation of applications while sharing the OS kernel, though this also presents a shared kernel risk.
C.
They do not require patching.
D.
They encrypt all data by default.
How to approach this question
Containers = Lightweight isolation. Shared Kernel = Risk.
Full Answer
B.They provide isolation of applications while sharing the OS kernel, though this also presents a shared kernel risk.✓ Correct
Containers provide a lightweight mechanism to isolate applications from one another, reducing the attack surface of the application, although the shared kernel remains a single point of failure if compromised.
Common mistakes
Thinking containers are more secure than VMs (VMs have better isolation).
Practice the full CPA ISC Practice Exam 4
82 questions · hints · full answers · grading
More questions from this exam
Q01A CPA is advising a client who is migrating their legacy on-premise ERP system to a cloud environ...HardQ02An auditor is reviewing the Service Level Agreement (SLA) for a client using a public cloud provi...HardQ03A company uses an Infrastructure as a Service (IaaS) model. During an IT audit, the auditor disco...HardQ04An organization is implementing the COSO Enterprise Risk Management (ERM) framework to govern its...HardQ05During a walkthrough of an order-to-cash process, the auditor observes that the sales manager can...Hard