ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Developer All Questions

View all questions & answers for the Professional Cloud Developer exam
Go to Exam

Exam Professional Cloud Developer topic 1 question 158 discussion

Actual exam question from Google's Professional Cloud Developer
Question #: 158
Topic #: 1
[All Professional Cloud Developer Questions]

You are running a containerized application on Google Kubernetes Engine. Your container images are stored in Container Registry. Your team uses CI/CD practices. You need to prevent the deployment of containers with known critical vulnerabilities. What should you do?

  • A. • Use Web Security Scanner to automatically crawl your application
    • Review your application logs for scan results, and provide an attestation that the container is free of known critical vulnerabilities
    • Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
  • B. • Use Web Security Scanner to automatically crawl your application
    • Review the scan results in the scan details page in the Cloud Console, and provide an attestation that the container is free of known critical vulnerabilities
    • Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
  • C. • Enable the Container Scanning API to perform vulnerability scanning
    • Review vulnerability reporting in Container Registry in the Cloud Console, and provide an attestation that the container is free of known critical vulnerabilities
    • Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
  • D. • Enable the Container Scanning API to perform vulnerability scanning
    • Programmatically review vulnerability reporting through the Container Scanning API, and provide an attestation that the container is free of known critical vulnerabilities
    • Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by KlaasvR at Dec. 14, 2022, 8:51 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
d_ella2001
1 year, 1 month ago
Selected Answer: D
D is correct
upvoted 1 times
...
xiaofeng_0226
1 year, 9 months ago
Selected Answer: C
i think c is correct
upvoted 3 times
...
__rajan__
1 year, 10 months ago
Selected Answer: D
D is correct.
upvoted 2 times
...
purushi
2 years ago
Selected Answer: D
Using container scanning API is a better choice.
upvoted 1 times
...
telp
2 years, 7 months ago
Selected Answer: D
Answer is D, use the default tools provided by google like container analysis.
upvoted 1 times
...
TNT87
2 years, 7 months ago
https://cloud.google.com/container-analysis/docs/automated-scanning-howto#view-code https://cloud.google.com/binary-authorization/docs Answer D
upvoted 2 times
...
zellck
2 years, 8 months ago
Selected Answer: D
D is the answer. https://cloud.google.com/binary-authorization/docs/creating-attestations-kritis
upvoted 2 times
...
KlaasvR
2 years, 8 months ago
I would go for D https://cloud.google.com/container-analysis/docs/os-overview
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel