Test Case for FEA406

Test Case description	Harden all of the docker containers to increase security.
Test Case ID	TESTCASE406
Author/Designer	Rasmus Vasara
Date of creation	8.3.2024
Class	Security

Test description / objective

This test case should verify that all Docker containers used in the application environment are appropriately hardened to enhance security

Links to requirements or other sources

• Requirements: ReqId
• Use case: Use Case ?
• Feature: Feature

Test pre-state

Docker containers are running.
Web application environment is up.

Test steps

1. Review Docker container configurations and ensure that security best practices are implemented.
2. Inspect container images for known vulnerabilities and apply necessary patches or updates.
3. Verify that unnecessary services, ports, and privileges are disabled or restricted within the Docker containers.
4. Implement access controls and least privilege principles for containerized applications and services.
5. Check for compliance with industry standards and guidelines for Docker security.
6. Perform security testing on Docker containers, such as vulnerability scanning and penetration testing.

Test end-state

Docker containers are hardened with enhanced security measures.

To be taken into account during test

• Notion 1
• Notion 2

Test result (Pass/Fail Criteria)

• PASS condition: Docker containers hardened to increase security

• FAIL condition: Docker containers remain vulnerable or fail to implement security best practices