Bird
0
0

What will be the effect of running this command?

medium📝 Command Output Q13 of 15
Docker - Security
What will be the effect of running this command?
docker run --cap-drop ALL --cap-add CHOWN alpine id
AThe container has only the CHOWN capability enabled
BThe container has all capabilities except CHOWN
CThe container runs with full root privileges
DThe container will fail to start due to conflicting options
Step-by-Step Solution
Solution:

  1. Step 1: Analyze --cap-drop ALL

    This removes all Linux capabilities from the container, making it very restricted.

  2. Step 2: Analyze --cap-add CHOWN

    This adds back the CHOWN capability, allowing the container to change file ownership.

  3. Final Answer:

    The container has only the CHOWN capability enabled -> Option A

  4. Quick Check:

    Drop all then add one = only that one capability [OK]
Quick Trick: Drop ALL then add one = only that one capability [OK]
Common Mistakes:
  • Thinking --cap-add adds on top without drop effect
  • Assuming container runs with full privileges
  • Believing conflicting options cause failure

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Docker Quizzes
Docker Security - Read-only filesystem containers - Quiz 11easy Docker Swarm - Why orchestration matters - Quiz 2easy Docker Swarm - Swarm mode initialization - Quiz 9hard Image Optimization - Reducing image size strategies - Quiz 9hard Logging and Monitoring - Why monitoring containers matters - Quiz 15hard Logging and Monitoring - Container metrics collection - Quiz 12easy Production Patterns - Sidecar container pattern - Quiz 5medium Production Patterns - Backup and restore strategies - Quiz 8hard Production Patterns - Container orchestration in production - Quiz 3easy Resource Management - CPU limits and reservations - Quiz 10hard