PROFESSIONAL-CLOUD-DEVELOPER · Question #230
PROFESSIONAL-CLOUD-DEVELOPER Question #230: Real Exam Question with Answer & Explanation
The correct answer is B: Enable Container Analysis, and upload new container images to Artifact Registry. Review the. Container Analysis is a service that provides vulnerability scanning and metadata storage for containers. The scanning service performs vulnerability scans on images in Container Registry and Artifact Registry, then stores the resulting metadata and makes it available for consump
Question
You are deploying a microservices application to Google Kubernetes Engine (GKE). The application will receive daily updates. You expect to deploy a large number of distinct containers that will run on the Linux operating system (OS). You want to be alerted to any known OS vulnerabilities in the new containers. You want to follow Google-recommended best practices. What should you do?
Options
- AUse the gcloud CLI to call Container Analysis to scan new container images. Review the
- BEnable Container Analysis, and upload new container images to Artifact Registry. Review the
- CEnable Container Analysis, and upload new container images to Artifact Registry. Review the
- DUse the Container Analysis REST API to call Container Analysis to scan new container images.
Explanation
Container Analysis is a service that provides vulnerability scanning and metadata storage for containers. The scanning service performs vulnerability scans on images in Container Registry and Artifact Registry, then stores the resulting metadata and makes it available for consumption through an API. Metadata storage allows storing information from different sources, including vulnerability scanning, other Google Cloud services, and third-party providers. https://cloud.google.com/container-analysis/docs/container-analysis
Topics
Community Discussion
No community discussion yet for this question.