Différences
Ci-dessous, les différences entre deux révisions de la page.
| Les deux révisions précédentesRévision précédenteProchaine révision | Révision précédente | ||
| elearning:workbooks:docker3:en:dre07 [2023/12/17 06:23] – admin | elearning:workbooks:docker3:en:dre07 [2024/12/17 13:46] (Version actuelle) – admin | ||
|---|---|---|---|
| Ligne 1: | Ligne 1: | ||
| ~~PDF: | ~~PDF: | ||
| - | Version : **2023.01** | + | Version : **2024.01** |
| Last update : ~~LASTMOD~~ | Last update : ~~LASTMOD~~ | ||
| Ligne 27: | Ligne 27: | ||
| =====What this course covered===== | =====What this course covered===== | ||
| + | |||
| + | * **DOE600 - Course Presentation** | ||
| + | * Prerequisites | ||
| + | * Hardware | ||
| + | * Software | ||
| + | * Internet | ||
| + | * Use of the Infrastructure | ||
| + | * Curriculum | ||
| * **DOE601 - Virtualisation by Isolation** | * **DOE601 - Virtualisation by Isolation** | ||
| Ligne 181: | Ligne 189: | ||
| * LAB #3 - The docker-bench-security.sh script | * LAB #3 - The docker-bench-security.sh script | ||
| * LAB #4 - Securing the Docker Host Configuration | * LAB #4 - Securing the Docker Host Configuration | ||
| - | * 4.1 - [WARN] 1.2.1 - Ensure a separate partition for containers has been created | ||
| - | * 4.2 - [WARN] 1.2.3 - Ensure auditing is configured for the Docker daemon | ||
| * LAB #5 - Securing the Docker daemon configuration | * LAB #5 - Securing the Docker daemon configuration | ||
| - | * 5.1 - [WARN] 2.1 - Ensure network traffic is restricted between containers on the default bridge | + | * 5.1 - The / |
| - | * 5.2 - [WARN] 2.8 - Enable user namespace support | + | |
| - | * 5.3 - [WARN] 2.11 - Ensure that authorization for Docker client commands is enabled | + | |
| - | * 5.4 - [WARN] 2.12 - Ensure centralized and remote logging is configured | + | |
| - | * 5.5 - [WARN] 2.14 - Ensure Userland Proxy is Disabled | + | |
| - | * 5.6 - [WARN] 2.17 - Ensure containers are restricted from acquiring new privileges | + | |
| - | * 5.7 - The / | + | |
| * LAB #6 - Securing Images and Build Files | * LAB #6 - Securing Images and Build Files | ||
| - | * 6.1 - [WARN] 4.1 - Ensure a user for the container has been created | ||
| - | * 6.2 - [WARN] 4.5 - Ensure Content trust for Docker is Enabled | ||
| - | * 6.3 - [WARN] 4.6 - Ensure that HEALTHCHECK instructions have been added to container images | ||
| * LAB #7 - Securing the Container Runtime | * LAB #7 - Securing the Container Runtime | ||
| - | * 7.1 - [WARN] 5.1 - Ensure AppArmor Profile is Enabled | ||
| - | * 7.2 - [WARN] 5.2 - Ensure SELinux security options are set, if applicable | ||
| - | * 7.3 - [WARN] 5.10 - Ensure memory usage for container is limited | ||
| - | * 7.4 - [WARN] 5.11 - Ensure CPU priority is set appropriately on the container | ||
| - | * 7.5 - [WARN] 5.12 - Ensure the container' | ||
| - | * 7.6 - [WARN] 5.14 - Ensure ' | ||
| - | * 7.7 - [WARN] 5.25 - Ensure the container is restricted from acquiring additional privileges | ||
| - | * 7.8 - [WARN] 5.26 - Ensure container health is checked at runtime | ||
| - | * 7.9 - [WARN] 5.28 - Ensure PIDs cgroup limit is used | ||
| * LAB #8 - Securing Images with Docker Content Trust | * LAB #8 - Securing Images with Docker Content Trust | ||
| * 8.1 - DOCKER_CONTENT_TRUST | * 8.1 - DOCKER_CONTENT_TRUST | ||
| Ligne 223: | Ligne 211: | ||
| * Course Materials | * Course Materials | ||
| * What this course covered | * What this course covered | ||
| - | * Validation of Acquired Knowledge | + | * Validation of acquired knowledge |
| * Course Evaluation | * Course Evaluation | ||
| Ligne 232: | Ligne 220: | ||
| ----- | ----- | ||
| - | Copyright © 2023 Hugh Norris - Non-contractual document. The programme is subject to change without notice. | + | Copyright © 2024 Hugh Norris - Non-contractual document. The programme is subject to change without notice. |
