CCCS-203B · Question #142
CCCS-203B Question #142: Real Exam Question with Answer & Explanation
The correct answer is B. Using a minimal base image with only the necessary dependencies.. Option A: While using the latest version is generally good practice, it must be from a verified source and appropriately reviewed. Blindly trusting the latest version can still introduce unnecessary dependencies or vulnerabilities. Option B: This is the correct answer because min
Question
Options
- AUsing the latest version of the base image without modification.
- BUsing a minimal base image with only the necessary dependencies.
- CRelying solely on runtime security tools to mitigate risks.
- DBuilding a custom base image with multiple utility tools pre-installed.
Explanation
Option A: While using the latest version is generally good practice, it must be from a verified source and appropriately reviewed. Blindly trusting the latest version can still introduce unnecessary dependencies or vulnerabilities. Option B: This is the correct answer because minimal base images reduce the attack surface by limiting the included software to only what is necessary for the application to run. This approach minimizes potential vulnerabilities and simplifies vulnerability management. Option C: Runtime tools are important but are not a substitute for secure image practices. Images must be secured at the build and review stages to prevent vulnerabilities from reaching runtime. Option D: This increases the attack surface because each additional tool or dependency introduces more potential vulnerabilities. Custom images should be minimal and tailored to application requirements.
Community Discussion
No community discussion yet for this question.