ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-005 All Questions

View all questions & answers for the CAS-005 exam
Go to Exam

Exam CAS-005 topic 1 question 70 discussion

Actual exam question from CompTIA's CAS-005
Question #: 70
Topic #: 1
[All CAS-005 Questions]

A security engineer needs to ensure production containers are automatically scanned for vulnerabilities before they are accepted into the production environment. Which of the following should the engineer use to automatically incorporate vulnerability scanning on every commit?

  • A. Code repository
  • B. CI/CD pipeline
  • C. Integrated development environment
  • D. Container orchestrator
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by vicbersong at May 6, 2025, 12:43 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
vicbersong
1 month, 2 weeks ago
Selected Answer: C
Why B. CI/CD pipeline is correct: The CI/CD (Continuous Integration/Continuous Deployment) pipeline automates various stages of the development and deployment process. It allows you to hook in vulnerability scanning tools (e.g., Trivy, Clair, Anchore, Snyk) that scan container images after they're built. Scanning can be triggered automatically on every commit, merge, or build — ensuring insecure containers never make it to production. Why the others are incorrect: A. Code repository: While it stores the code and can trigger actions (like webhooks), it doesn’t itself perform scanning. That happens in the pipeline. C. Integrated development environment (IDE): An IDE helps developers write and test code locally. It's not designed for automated scanning on commits. D. Container orchestrator: Tools like Kubernetes manage containers in production but are not responsible for scanning them pre-deployment.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel