Differences
Below are the differences between two revisions of the page.
Next revision | Previous revision | ||
elearning:workbooks:docker3:en:start [2023/12/17 05:21] – created admin | elearning:workbooks:docker3:en:start [2024/12/17 13:47] (Version actuelle) – admin | ||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
~~PDF: | ~~PDF: | ||
- | Version : **2023.01** | + | Version : **2024.01** |
Last update : ~~LASTMOD~~ | Last update : ~~LASTMOD~~ | ||
Ligne 188: | Ligne 188: | ||
* **DOF606 - Overlay Network Management with Docker in Swarm mode** | * **DOF606 - Overlay Network Management with Docker in Swarm mode** | ||
- | * Contents | ||
* The Docker Network Model | * The Docker Network Model | ||
* LAB #1 - Overlay Network Management | * LAB #1 - Overlay Network Management | ||
Ligne 200: | Ligne 199: | ||
* **DOF607 - Docker Security Management** | * **DOF607 - Docker Security Management** | ||
- | * Contents | ||
* LAB #1 - Using Docker Secrets | * LAB #1 - Using Docker Secrets | ||
* LAB #2 - Creating a Trusted User to Control the Docker Daemon | * LAB #2 - Creating a Trusted User to Control the Docker Daemon | ||
* LAB #3 - The docker-bench-security.sh script | * LAB #3 - The docker-bench-security.sh script | ||
* LAB #4 - Securing the Docker Host Configuration | * LAB #4 - Securing the Docker Host Configuration | ||
- | * 4.1 - [WARN] 1.2.1 - Ensure a separate partition for containers has been created | ||
- | * 4.2 - [WARN] 1.2.3 - Ensure auditing is configured for the Docker daemon | ||
* LAB #5 - Securing the Docker daemon configuration | * LAB #5 - Securing the Docker daemon configuration | ||
- | * 5.1 - [WARN] 2.1 - Ensure network traffic is restricted between containers on the default bridge | + | * 5.1 - The / |
- | * 5.2 - [WARN] 2.8 - Enable user namespace support | + | |
- | * 5.3 - [WARN] 2.11 - Ensure that authorization for Docker client commands is enabled | + | |
- | * 5.4 - [WARN] 2.12 - Ensure centralized and remote logging is configured | + | |
- | * 5.5 - [WARN] 2.14 - Ensure Userland Proxy is Disabled | + | |
- | * 5.6 - [WARN] 2.17 - Ensure containers are restricted from acquiring new privileges | + | |
- | * 5.7 - The / | + | |
* LAB #6 - Securing Images and Build Files | * LAB #6 - Securing Images and Build Files | ||
- | * 6.1 - [WARN] 4.1 - Ensure a user for the container has been created | ||
- | * 6.2 - [WARN] 4.5 - Ensure Content trust for Docker is Enabled | ||
- | * 6.3 - [WARN] 4.6 - Ensure that HEALTHCHECK instructions have been added to container images | ||
* LAB #7 - Securing the Container Runtime | * LAB #7 - Securing the Container Runtime | ||
- | * 7.1 - [WARN] 5.1 - Ensure AppArmor Profile is Enabled | ||
- | * 7.2 - [WARN] 5.2 - Ensure SELinux security options are set, if applicable | ||
- | * 7.3 - [WARN] 5.10 - Ensure memory usage for container is limited | ||
- | * 7.4 - [WARN] 5.11 - Ensure CPU priority is set appropriately on the container | ||
- | * 7.5 - [WARN] 5.12 - Ensure the container' | ||
- | * 7.6 - [WARN] 5.14 - Ensure ' | ||
- | * 7.7 - [WARN] 5.25 - Ensure the container is restricted from acquiring additional privileges | ||
- | * 7.8 - [WARN] 5.26 - Ensure container health is checked at runtime | ||
- | * 7.9 - [WARN] 5.28 - Ensure PIDs cgroup limit is used | ||
* LAB #8 - Securing Images with Docker Content Trust | * LAB #8 - Securing Images with Docker Content Trust | ||
* 8.1 - DOCKER_CONTENT_TRUST | * 8.1 - DOCKER_CONTENT_TRUST | ||
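Review bot: the removals under LAB #4 through LAB #7 strip every [WARN] check reference (1.2.1 through 5.28) from the outline, while LAB #5 keeps a single sub-item, 5.1, whose visible text matches the former 5.7, and LAB #8 keeps 8.1, so the labs are now described at uneven depth. If the labs still work through those findings, consider keeping the check numbers in a condensed form under each lab (for example one line listing the check IDs covered) so readers can tell which hardening items each lab addresses. If the checks were dropped from the course, the outline should say so rather than silently losing them.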
Ligne 252: | Ligne 230: | ||
----- | ----- | ||
- | Copyright © 2023 Hugh Norris - Non-contractual document. The programme is subject to change without notice. | + | Copyright © 2024 Hugh Norris - Non-contractual document. The programme is subject to change without notice. |