Your organization uses Cloud Run for containerized applications, with Cloud Build for building images and Artifact Registry for storing them. You need to prevent the deployment of any container to production if it contains vulnerabilities with a CVSS score higher than "medium." What should you do?

Exam-Like

Implement vulnerability scanning as part of the Cloud Build process. If any medium or higher vulnerabilities are detected, manually rebuild the image with updated components.

0.0%

Perform manual vulnerability checks post-build, but before Cloud Run deployment. Implement a manual security-engineer-driven remediation process.

0.0%

Configure Binary Authorization on Cloud Run to enforce image signatures. Create policies to allow deployment only for images passing a defined vulnerability threshold.

50.0%

Utilize a vulnerability scanner during the Cloud Build stage and set Artifact Registry permissions to block images containing vulnerabilities above "medium."

50.0%

Google Professional Cloud Security Engineer

Get started today

Comments

Your organization uses Cloud Run for containerized applications, with Cloud Build for building images and Artifact Registry for storing them. You need to prevent the deployment of any container to production if it contains vulnerabilities with a CVSS score higher than "medium." What should you do?