What should you configure?
Your company deploys applications m Docket containers.
You want to detect known exploits in the Docket images used to provision the Docker containers.
You need to integrate image scanning into the application lifecycle. The solution must expose the exploits as early as possible during the application lifecycle.
What should you configure?
A . a task executed in the continuous deployment pipeline and a scheduled task against a running production container.
B . a task executed in the continuous integration pipeline and a scheduled task that analyzes the production container.
C . a task executed in the continuous integration pipeline and a scheduled task that analyzes the image registry
D . manual tasks performed during the planning phase and the deployment phase
Answer: C
Explanation:
You can use the Docker task to sign into ACR and then use a subsequent script to pull an image and scan the container image for vulnerabilities.
Use the docker task in a build or release pipeline. This task can be used with Docker or Azure Container registry.
References: https://docs.microsoft.com/en-us/azure/devops/articles/security-validation-cicd-pipeline?view=vsts
Latest AZ-400 Dumps Valid Version with 289 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund