ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified DevOps Engineer - Professional DOP-C02 All Questions

View all questions & answers for the AWS Certified DevOps Engineer - Professional DOP-C02 exam
Go to Exam

Exam AWS Certified DevOps Engineer - Professional DOP-C02 topic 1 question 257 discussion

Exam question from Amazon's AWS Certified DevOps Engineer - Professional DOP-C02
Question #: 257
Topic #: 1
[All AWS Certified DevOps Engineer - Professional DOP-C02 Questions]

A company runs its container workloads in AWS App Runner. A DevOps engineer manages the company's container repository in Amazon Elastic Container Registry (Amazon ECR).

The DevOps engineer must implement a solution that continuously monitors the container repository. The solution must create a new container image when the solution detects an operating system vulnerability or language package vulnerability.

Which solution will meet these requirements?

  • A. Use EC2 Image Builder to create a container image pipeline. Use Amazon ECR as the target repository. Turn on enhanced scanning on the ECR repository. Create an Amazon EventBridge rule to capture an Inspector? finding event. Use the event to invoke the image pipeline. Re-upload the container to the repository.
  • B. Use EC2 Image Builder to create a container image pipeline. Use Amazon ECR as the target repository. Enable Amazon GuardDuty Malware Protection on the container workload. Create an Amazon EventBridge rule to capture a GuardDuty finding event. Use the event to invoke the image pipeline.
  • C. Create an AWS CodeBuild project to create a container image. Use Amazon ECR as the target repository. Turn on basic scanning on the repository. Create an Amazon EventBridge rule to capture an ECR image action event. Use the event to invoke the CodeBuild project. Re-upload the container to the repository.
  • D. Create an AWS CodeBuild project to create a container image. Use Amazon ECR as the target repository. Configure AWS Systems Manager Compliance to scan all managed nodes. Create an Amazon EventBridge rule to capture a configuration compliance state change event. Use the event to invoke the CodeBuild project.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by TEC1 at July 12, 2024, 2:28 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
TEC1
Highly Voted 9 months, 3 weeks ago
Selected Answer: A
Turn on enhanced scanning in the Amazon ECR repository settings. This enables Amazon Inspector to scan images for vulnerabilities.
upvoted 6 times
TEC1
9 months, 3 weeks ago
https://docs.aws.amazon.com/inspector/latest/user/scanning-ecr.html#:~:text=To%20configure%20your%20enhanced%20scanning%20settings&text=Open%20the%20Amazon%20ECR%20console,registry%2C%20and%20then%20choose%20Settings.
upvoted 1 times
...
...
jamesf
Highly Voted 9 months ago
Selected Answer: A
Keywords: Enhanced scanning, Amazon ECR, Amazon Inspector, vulnerabilities
upvoted 5 times
...
tgv
Most Recent 9 months, 3 weeks ago
Selected Answer: A
---> A
upvoted 4 times
...
trungtd
9 months, 3 weeks ago
Selected Answer: A
Enhanced scanning provides deep and comprehensive scanning for vulnerabilities in container images using Amazon Inspector.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago