PROFESSIONAL-CLOUD-DEVELOPER · Question #269
PROFESSIONAL-CLOUD-DEVELOPER Question #269: Real Exam Question with Answer & Explanation
The correct answer is A: Create an attestor and a policy. After a container image has successfully passed the regression. Kritis Signer is an open source command-line tool that can create Binary Authorization attestations based on a policy that you configure. You can also use Kritis Signer to create attestations after checking an image for vulnerabilities identified by Container Analysis. https://cl
Question
You work for a financial services company that has a container-first approach. Your team develops microservices applications. A Cloud Build pipeline creates the container image, runs regression tests, and publishes the image to Artifact Registry. You need to ensure that only containers that have passed the regression tests are deployed to Google Kubernetes Engine (GKE) clusters. You have already enabled Binary Authorization on the GKE clusters. What should you do next?
Options
- ACreate an attestor and a policy. After a container image has successfully passed the regression
- BDeploy Voucher Server and Voucher Client components. After a container image has
- CSet the Pod Security Standard level to Restricted for the relevant namespaces. Use Cloud Build
- DCreate an attestor and a policy. Create an attestation for the container images that have passed
Explanation
Kritis Signer is an open source command-line tool that can create Binary Authorization attestations based on a policy that you configure. You can also use Kritis Signer to create attestations after checking an image for vulnerabilities identified by Container Analysis. https://cloud.google.com/binary-authorization/docs/creating-attestations-kritis
Topics
Community Discussion
No community discussion yet for this question.