Answer-first summary for fast verification
Answer: Adopt Container Analysis to detect and report Common Vulnerabilities and Exposures (CVEs).
Container Analysis is the optimal solution as it specializes in scanning and reporting CVEs in production-deployed code. It offers insights into the security and patch status of the pipeline's code, enabling the early detection and remediation of vulnerabilities. Additionally, it features automated scanning and alerts for swift vulnerability management.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your organization has recently transitioned to a container-based workflow for application development, with frequent releases to production via an automated pipeline. A security audit revealed potential vulnerabilities in the production code, noting that current VM vulnerability assessment tools are incompatible with the containerized environment. What step should you take to ensure the security and patch-level of all code deployed through the pipeline?
A
Update the containers in the build pipeline to the latest version before each release.
B
Modify existing operating system vulnerability software to function within containers.
C
Implement static code analysis tools on the Docker files used for container creation.
D
Adopt Container Analysis to detect and report Common Vulnerabilities and Exposures (CVEs).