DOP-C02 · Question #253
DOP-C02 Question #253: Real Exam Question with Answer & Explanation
Sign in or unlock DOP-C02 to reveal the answer and full explanation for question #253. The question stem and answer options stay visible for context.
Question
A company is migrating its container-based workloads to an AWS Organizations multi-account environment. The environment consists of application workload accounts that the company uses to deploy and run the containerized workloads. The company has also provisioned a shared services account for shared workloads in the organization. The company must follow strict compliance regulations. All container images must receive security scanning before they are deployed to any environment. Images can be consumed by downstream deployment mechanisms after the images pass a scan with no critical vulnerabilities. Pre-scan and post-scan images must be isolated from one another so that a deployment can never use pre-scan images. A DevOps engineer needs to create a strategy to centralize this process. Which combination of steps will meet these requirements with the LEAST administrative overhead? (Choose two.)
Options
- ACreate Amazon Elastic Container Registry (Amazon ECR) repositories in the shared services
- BCreate pre-scan Amazon Elastic Container Registry (Amazon ECR) repositories in each account
- CConfigure image replication for each image from the image's pre-scan repository to the image's
- DCreate a pipeline in AWS CodePipeline for each pre-scan repository. Create a source stage that
- ECreate an AWS Lambda function. Create an Amazon EventBridge rule that reacts to image
Unlock DOP-C02 to see the answer
You've previewed enough free DOP-C02 questions. Unlock DOP-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.