-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathsecurity_identity_roles.yaml
More file actions
81 lines (73 loc) · 4.1 KB
/
security_identity_roles.yaml
File metadata and controls
81 lines (73 loc) · 4.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
questions:
- uuid: 3aeb8d79-c346-4f29-95c7-3245ac9c7cb6
question: In UCP (now MKE), what does RBAC stand for?
answers:
- { value: 'Role-Based Access Control', correct: true }
- { value: 'Registry-Based Access Control', correct: false }
- { value: 'Read-Based Access Certification', correct: false }
- { value: 'Resource Binding and ACL Configuration', correct: false }
help: https://docs.mirantis.com/docker-enterprise/v3.1/dockeree-products/ucp/rbac/
- uuid: 6f0a6a9e-3e91-472c-bd1c-8bdf1b179c92
question: Which built-in RBAC role grants read-only access to UCP (now MKE) resources?
answers:
- { value: 'ViewOnly', correct: true }
- { value: 'AuditRead', correct: false }
- { value: 'FullControl', correct: false }
- { value: 'RestrictedControl', correct: false }
help: https://docs.mirantis.com/docker-enterprise/v3.1/dockeree-products/ucp/rbac/default-roles.html
- uuid: 2fa7f0a6-3c4d-4f9c-9b7e-0871a5393b82
question: Which role allows a user to restart a service without modifying its content?
answers:
- { value: 'FullControl', correct: false }
- { value: 'RestrictedControl', correct: true }
- { value: 'ViewOnly', correct: false }
- { value: 'AdminOnly', correct: false }
help: https://docs.mirantis.com/docker-enterprise/v3.1/dockeree-products/ucp/rbac/default-roles.html
- uuid: 4b4ff307-79f0-4e5a-8c87-0ae4b21b1ef4
question: Which UCP (now MKE) role grants full access to resource actions?
answers:
- { value: 'Operator', correct: false }
- { value: 'RestrictedControl', correct: false }
- { value: 'ReadWrite', correct: false }
- { value: 'FullControl', correct: true }
help: https://docs.mirantis.com/docker-enterprise/v3.1/dockeree-products/ucp/rbac/default-roles.html
- uuid: 34781fc8-f57b-48e2-9b0e-4f2bbd54f5da
question: Which entity can be assigned an RBAC role in UCP (now MKE)?
answers:
- { value: 'A container', correct: false }
- { value: 'A volume', correct: false }
- { value: 'A user or a team', correct: true }
- { value: 'A registry', correct: false }
help: https://docs.mirantis.com/docker-enterprise/v3.1/dockeree-products/ucp/rbac/manage-access.html
- uuid: 05818c2f-b3c5-4dbb-939f-0ad5f98112c1
question: What does the scope of a role in UCP (now MKE) define?
answers:
- { value: 'The number of allowed actions', correct: false }
- { value: 'The priority level of the role', correct: false }
- { value: 'The access expiration time', correct: false }
- { value: 'The types of resources the role applies to', correct: true }
help: https://docs.mirantis.com/docker-enterprise/v3.1/dockeree-products/ucp/rbac/
- uuid: 5b3ffcbf-13c5-4e01-b282-601e3a8ce1d3
question: Which role is most appropriate for a read-only user on a namespace?
answers:
- { value: 'NamespaceReader', correct: false }
- { value: 'ViewOnly', correct: true }
- { value: 'Audit', correct: false }
- { value: 'RestrictedControl', correct: false }
help: https://docs.mirantis.com/docker-enterprise/v3.1/dockeree-products/ucp/rbac/use-cases.html
- uuid: 2c5f55b4-83ef-4040-b7c8-1822b0cdad73
question: What is a best practice to simplify role management?
answers:
- { value: 'Assign roles to teams rather than individual users', correct: true }
- { value: 'Create one role per service', correct: false }
- { value: 'Avoid using built-in roles', correct: false }
- { value: 'Give FullControl to everyone', correct: false }
help: https://docs.mirantis.com/docker-enterprise/v3.1/dockeree-products/ucp/rbac/manage-access.html
- uuid: 5a84f5f6-69ca-466b-80f2-d259fd387623
question: Which action is allowed by the `RestrictedControl` role but not by `ViewOnly`?
answers:
- { value: 'List volumes', correct: false }
- { value: 'Restart a container', correct: true }
- { value: 'Read service logs', correct: false }
- { value: 'View cluster status', correct: false }
help: https://docs.mirantis.com/docker-enterprise/v3.1/dockeree-products/ucp/rbac/default-roles.html