Topic 1 Question 323
2 つ選択A company has a continuous integration pipeline where the company creates container images by using AWS CodeBuild. The created images are stored in Amazon Elastic Container Registry (Amazon ECR).
Checking for and fixing the vulnerabilities in the images takes the company too much time. The company wants to identify the image vulnerabilities quickly and notify the security team of the vulnerabilities.
Which combination of steps will meet these requirements with the LEAST operational overhead?
Activate Amazon Inspector enhanced scanning for Amazon ECR. Configure the enhanced scanning to use continuous scanning. Set up a topic in Amazon Simple Notification Service (Amazon SNS).
Create an Amazon EventBridge rule for Amazon Inspector findings. Set an Amazon Simple Notification Service (Amazon SNS) topic as the rule target.
Activate AWS Lambda enhanced scanning for Amazon ECR. Configure the enhanced scanning to use continuous scanning. Set up a topic in Amazon Simple Email Service (Amazon SES).
Create a new AWS Lambda function. Invoke the new Lambda function when scan findings are detected.
Activate default basic scanning for Amazon ECR for all container images. Configure the default basic scanning to use continuous scanning. Set up a topic in Amazon Simple Notification Service (Amazon SNS).
ユーザの投票
コメント(1)
- 正解だと思う選択肢: AB
It's AB based on this https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning-enhanced.html
👍 4teo21572024/12/17
シャッフルモード