ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-001 All Questions

View all questions & answers for the PT0-001 exam
Go to Exam

Exam PT0-001 topic 1 question 88 discussion

Actual exam question from CompTIA's PT0-001
Question #: 88
Topic #: 1
[All PT0-001 Questions]

In which of the following components is an exploited vulnerability MOST likely to affect multiple running application containers at once?

  • A. Common libraries
  • B. Configuration files
  • C. Sandbox escape
  • D. ASLR bypass
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
Reference:
https://www.stackrox.com/post/2019/02/the-runc-vulnerability-a-deep-dive-on-protecting-yourself/
by mr_robot at April 14, 2020, 6:16 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
boblee
Highly Voted 4 years, 10 months ago
the answer is A.
upvoted 12 times
...
MikeHunt
Highly Voted 5 years ago
Its A. A common library like a DLL can affect multiple programs at one time
upvoted 6 times
...
kloug
Most Recent 2 years, 2 months ago
AAAAAAA
upvoted 1 times
...
miabe
2 years, 9 months ago
Selected Answer: A
looks good to me
upvoted 1 times
...
Cock
3 years, 2 months ago
It was on the exam
upvoted 1 times
...
mecore
4 years, 12 months ago
The question is "what component", not "what attack/exploit art", so it should be A.
upvoted 6 times
...
mr_robot
5 years ago
I believe only C and D are examples of exploited vulnerabilities but maybe just D can affect several running application containers at once? ASLR https://blog.morphisec.com/aslr-what-it-is-and-what-it-isnt/ https://en.wikipedia.org/wiki/Address_space_layout_randomization https://www.abatchy.com/2017/06/exploit-dev-101-bypassing-aslr-on.html https://medium.com/@notsoshant/windows-exploitation-aslr-bypass-ms07-017-8760378e3e84 Sandbox https://unit42.paloaltonetworks.com/making-containers-more-isolated-an-overview-of-sandboxed-container-technologies/ https://www.trendmicro.com/vinfo/us/security/news/security-technology/how-can-advanced-sandboxing-techniques-thwart-elusive-malware
upvoted 1 times
mr_robot
5 years ago
Doing some more research, I would go for C - Sandbox Escape. https://securityboulevard.com/2019/02/container-escape-vulnerability-puts-cloud-infrastructure-at-risk/ "A serious vulnerability in runC, a tool used to spawn and run Linux containers, allows attackers to break out of containerized environments and gain full access to the underlying servers. RunC is a container runtime that makes use of Linux’s built-in capabilities to create sandboxes in which applications can run. A server can have hundreds of applications or microservices, each running in its own container."
upvoted 1 times
mr_robot
5 years ago
Maybe A? https://forums.docker.com/t/question-on-shared-libraries/45515 https://stackoverflow.com/questions/35863608/shared-library-in-containers https://www.netapp.com/us/info/what-are-containers.aspx
upvoted 4 times
deathfrom
5 years ago
I would agree, A.
upvoted 4 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago