ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud DevOps Engineer All Questions

View all questions & answers for the Professional Cloud DevOps Engineer exam
Go to Exam

Exam Professional Cloud DevOps Engineer topic 1 question 55 discussion

Actual exam question from Google's Professional Cloud DevOps Engineer
Question #: 55
Topic #: 1
[All Professional Cloud DevOps Engineer Questions]

Your organization recently adopted a container-based workflow for application development. Your team develops numerous applications that are deployed continuously through an automated build pipeline to the production environment. A recent security audit alerted your team that the code pushed to production could contain vulnerabilities and that the existing tooling around virtual machine (VM) vulnerabilities no longer applies to the containerized environment. You need to ensure the security and patch level of all code running through the pipeline. What should you do?

  • A. Set up Container Analysis to scan and report Common Vulnerabilities and Exposures.
  • B. Configure the containers in the build pipeline to always update themselves before release.
  • C. Reconfigure the existing operating system vulnerability software to exist inside the container.
  • D. Implement static code analysis tooling against the Docker files used to create the containers.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by job_search83 at Oct. 26, 2021, 6:28 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
giammydell
Highly Voted 2 years, 6 months ago
A is correct for me
upvoted 10 times
...
jomonkp
Most Recent 4 months, 4 weeks ago
Selected Answer: A
Option A
upvoted 2 times
...
JonathanSJ
1 year, 3 months ago
Selected Answer: A
A. Set up Container Analysis to scan and report Common Vulnerabilities and Exposures. To ensure the security and patch level of all code running through the pipeline, you should set up Container Analysis to scan and report Common Vulnerabilities and Exposures. Container Analysis is a service on GCP that allows you to scan and analyze container images for vulnerabilities, malware and other issues. This will help you identify vulnerabilities in your container images and take appropriate action to address them.
upvoted 2 times
...
WhyIronMan
1 year, 4 months ago
Selected Answer: A
A) for sure
upvoted 1 times
...
zellck
1 year, 6 months ago
Selected Answer: A
A is the answer. https://cloud.google.com/container-analysis/docs/container-analysis Container Analysis is a service that provides vulnerability scanning and metadata storage for containers.
upvoted 1 times
...
ssmb
1 year, 6 months ago
A is correct.
upvoted 2 times
...
ramzez4815
1 year, 7 months ago
Selected Answer: A
Correct ans is A as per Google's best practices
upvoted 1 times
...
kapara
1 year, 8 months ago
A - correct since this system would have alerted the issue after deployment in stating/dev and before deployment to production. - preventing issues in prod. https://cloud.google.com/container-analysis/docs/container-analysis B - Updates don't prevent vulnerabilities C - Not addressing the root cause. D - Static code analysis against a Docker file is useless since the code does not reside there.
upvoted 1 times
...
zygomar
2 years, 2 months ago
Selected Answer: A
all comments so far agree that A is indeed the answer
upvoted 3 times
...
Sekierer
2 years, 3 months ago
A is correct
upvoted 1 times
...
Alaaelanwr
2 years, 6 months ago
Ans: A
upvoted 3 times
...
job_search83
2 years, 6 months ago
should be A
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago