How can you ensure that containers with known critical vulnerabilities are not deployed when running a containerized application on Google Kubernetes Engine, using images stored in Container Registry and following CI/CD practices?

Exam-Like

• Use Web Security Scanner to automatically crawl your application • Review your application logs for scan results, and provide an attestation that the container is free of known critical vulnerabilities • Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed

5.3%

• Use Web Security Scanner to automatically crawl your application • Review the scan results in the scan details page in the Cloud Console, and provide an attestation that the container is free of known critical vulnerabilities • Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed

7.9%

• Enable the Container Scanning API to perform vulnerability scanning • Review vulnerability reporting in Container Registry in the Cloud Console, and provide an attestation that the container is free of known critical vulnerabilities • Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed

26.3%

• Enable the Container Scanning API to perform vulnerability scanning • Programmatically review vulnerability reporting through the Container Scanning API, and provide an attestation that the container is free of known critical vulnerabilities • Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed

60.5%

Google Professional Cloud Developer

Get started today

Comments

How can you ensure that containers with known critical vulnerabilities are not deployed when running a containerized application on Google Kubernetes Engine, using images stored in Container Registry and following CI/CD practices?