Google Professional Cloud Developer
Get started today
Ultimate access to all questions.
You are updating your Cloud Build pipeline to follow best practices. The current steps are:
- Pull source code from a repository
- Build a container image
- Push the image to Artifact Registry
You need to introduce a vulnerability scanning step for the built container image and make the scan results accessible to your Google Cloud deployment pipeline, while minimizing impact on other teams' workflows. What is the recommended approach?
You are updating your Cloud Build pipeline to follow best practices. The current steps are:
- Pull source code from a repository
- Build a container image
- Push the image to Artifact Registry
You need to introduce a vulnerability scanning step for the built container image and make the scan results accessible to your Google Cloud deployment pipeline, while minimizing impact on other teams' workflows. What is the recommended approach?
Exam-Like
A
Enable Binary Authorization, and configure it to attest that no vulnerabilities exist in a container image.
23.8%
B
Upload the built container images to your Docker Hub instance, and scan them for vulnerabilities.
0.0%
Comments
Loading comments...