You are designing the security standards for containerized applications onboarded to Azure. You are evaluating the use of Microsoft Defender for Containers. In which two environments can you use Defender for Containers to scan for known vulnerabilities? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Background Information: The new plan merges the capabilities of the two existing Microsoft Defender for Cloud plans, Microsoft Defender for Kubernetes and Microsoft Defender for container registries. Azure container registries can include both Windows and Linux images. You can use Defender for Containers to scan the container images stored in your Azure Resource Manager-based Azure Container Registry as part of the protections provided within Microsoft Defender for Cloud. To enable scanning of vulnerabilities in containers, you have to enable Defender for Containers. When the scanner, powered by Qualys, reports vulnerabilities, Defender for Cloud presents the findings and related information as recommendations. In addition, the findings include related information such as remediation steps, relevant CVEs, CVSS scores, and more. You can view the identified vulnerabilities for one or more subscriptions, or for a specific registry.

Note: Defender for Containers includes an integrated vulnerability scanner for scanning images in Azure Container Registry registries. The vulnerability scanner runs on an image when you push the image to your registry, weekly on any image that was pulled within the last 30 days, when you import the image to your Azure Container Registry, and continuously in specific situations. View vulnerabilities for running images. The recommendation 'Running container images should have vulnerability findings resolved' shows vulnerabilities for running images by using the scan results from ACR registries and information on running images from the Defender security profile/extension.