nerdexam
Palo_Alto_Networks

PCCSE · Question #129

When would a policy apply if the policy is set under Defend > Vulnerability > Images > Deployed?

The correct answer is B. when a Container is started form an Image. The 'Deployed' category under Defend > Vulnerability > Images applies to images that are already running as containers in the environment. The policy is evaluated when a container is started from an image (B). 'Deployed' is distinct from 'CI' (which applies during the build/pipel

Container Security

Question

When would a policy apply if the policy is set under Defend > Vulnerability > Images > Deployed?

Options

  • Awhen a serverless repository is scanned
  • Bwhen a Container is started form an Image
  • Cwhen the Image is built and when a Container is started form an Image
  • Dwhen the Image is built

How the community answered

(37 responses)
  • A
    3% (1)
  • B
    86% (32)
  • C
    3% (1)
  • D
    8% (3)

Explanation

The 'Deployed' category under Defend > Vulnerability > Images applies to images that are already running as containers in the environment. The policy is evaluated when a container is started from an image (B). 'Deployed' is distinct from 'CI' (which applies during the build/pipeline stage) and registry scanning (which applies when images are pushed to registries). It does not apply during the image build step alone (D), and it is not related to serverless repositories (A).

Topics

#Prisma Cloud Policies#Container Runtime Security#Image Vulnerability Management#Policy Enforcement Points

Community Discussion

No community discussion yet for this question.

Full PCCSE Practice