PCCSE · Question #34
Which three Options are selectable in a CI policy for image scanning with Jenkins or twistcli? (Choose three.)
The correct answer is B. Grace Period C. Failure threshold E. Apply rule only when vendor fixes are available. The three selectable options in a Prisma Cloud CI policy for image scanning with Jenkins or twistcli are Grace Period, Failure Threshold, and the option to apply the rule only when vendor fixes are available.
Question
Which three Options are selectable in a CI policy for image scanning with Jenkins or twistcli? (Choose three.)
Options
- AScope - Scans run on a particular host
- BGrace Period
- CFailure threshold
- DCredential
- EApply rule only when vendor fixes are available
How the community answered
(26 responses)- A8% (2)
- B88% (23)
- D4% (1)
Why each option
The three selectable options in a Prisma Cloud CI policy for image scanning with Jenkins or twistcli are Grace Period, Failure Threshold, and the option to apply the rule only when vendor fixes are available.
Scope based on a particular host is a configuration option for runtime policies applied to deployed workloads, not for CI image scanning policies used with Jenkins or twistcli.
Grace Period is a configurable CI policy option that allows a defined window of time before a newly discovered vulnerability causes a build failure, preventing immediate disruption when new CVEs are published.
Failure Threshold sets the minimum severity level at which a vulnerability will cause the CI job to fail, allowing teams to block builds only when vulnerabilities meet or exceed the defined severity.
Credential configuration is handled at the scanner or integration level such as in Jenkins plugin settings or twistcli command arguments, not as a selectable option within the CI policy definition itself.
The 'Apply rule only when vendor fixes are available' option prevents build failures for vulnerabilities that have no available patch, avoiding blocking development work for issues that cannot yet be remediated.
Concept tested: Prisma Cloud CI policy options for image scanning
Source: https://docs.prismacloud.io/en/enterprise-edition/content-collections/runtime-security/vulnerability-management/ci-cd-scanning
Topics
Community Discussion
No community discussion yet for this question.