nerdexam
Microsoft

AZ-400 · Question #29

Your company deploys applications in Docket containers. You want to detect known exploits in the Docket images used to provision the Docker containers. You need to integrate image scanning into the ap

The correct answer is C. a task executed in the continuous integration pipeline and a scheduled task that analyzes the. You can use the Docker task to sign into ACR and then use a subsequent script to pull an image and scan the container image for vulnerabilities. Use the docker task in a build or release pipeline. This task can be used with Docker or Azure Container registry. https://docs.microso

Submitted by satoshi_tk· Mar 6, 2026Design and implement build and release pipelines

Question

Your company deploys applications in Docket containers. You want to detect known exploits in the Docket images used to provision the Docker containers. You need to integrate image scanning into the application lifecycle. The solution must expose the exploits as early as possible during the application lifecycle. What should you configure?

Options

  • Aa task executed in the continuous deployment pipeline and a scheduled task against a running
  • Ba task executed in the continuous integration pipeline and a scheduled task that analyzes the
  • Ca task executed in the continuous integration pipeline and a scheduled task that analyzes the
  • Dmanual tasks performed during the planning phase and the deployment phase

How the community answered

(55 responses)
  • A
    4% (2)
  • B
    2% (1)
  • C
    85% (47)
  • D
    9% (5)

Explanation

You can use the Docker task to sign into ACR and then use a subsequent script to pull an image and scan the container image for vulnerabilities. Use the docker task in a build or release pipeline. This task can be used with Docker or Azure Container registry. https://docs.microsoft.com/en-us/azure/devops/articles/security-validation-cicd- pipeline?view=vsts

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice