1Assessment brief
Overall Context:
As a cloud and virtualization security expert, you're responsible for assessing and strengthening the security of a prototype containerized cloud system. You have been provided with prototype that is intended for deployment within the company's existing Docker production setup. The development team has expertise in system development but lacks experience in virtualization security. Your task is to create a detailed report presenting your evaluation results and security recommendations for the client, a company that develops cloud-based solutions.
This report will:
•Provide recommendations on how they could improve the security of a system, using a technical case study of their work as an example.
TASKS:
1.Define up to 10 test cases to verify the functionality and security of the containers and application.
2.Refine supplied Dockerfiles and any custom files, excluding those from official repositories, to create hardened images capable of running the application.
3.Generate hardened images from the refined Dockerfiles.
4.Determine runtime commands for running containers from the images on the production team's chosen system, ensuring maximum security. Consider commands for:
a.one-time configuration
b.running the container each time
5.Verify the application's correct functionality against the test cases when applying the proposed runtime security to the containers.