Topic 1 Question 139
Your company’s development teams want to use various open source operating systems in their Docker builds. When images are created in published containers in your company’s environment, you need to scan them for Common Vulnerabilities and Exposures (CVEs). The scanning process must not impact software development agility. You want to use managed services where possible. What should you do?
Enable the Vulnerability scanning setting in the Container Registry.
Create a Cloud Function that is triggered on a code check-in and scan the code for CVEs.
Disallow the use of non-commercially supported base images in your development environment.
Use Cloud Monitoring to review the output of Cloud Build to determine whether a vulnerable version has been used.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: A
A is the answer.
https://cloud.google.com/container-analysis/docs/os-overview
👍 1zellck2022/12/17 https://docs.docker.com/engine/scan/ Answer A
👍 1TNT872022/12/25- 正解だと思う選択肢: A
A. Enable the Vulnerability scanning setting in the Container Registry would be the best solution in this case.
It would allow you to automatically scan images for known vulnerabilities and detect any issues as soon as they're pushed to the registry. This will help to identify vulnerabilities early in the development cycle, allowing the development teams to take action before images are deployed to production. This approach is automated, does not impact development agility and since it is a built-in feature of the Container Registry, it is a managed service and therefore, it does not require additional maintenance and management.
👍 1omermahgoub2023/01/11
シャッフルモード