ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 3 question 18 discussion

Actual exam question from Microsoft's SC-100
Question #: 18
Topic #: 3
[All SC-100 Questions]

You are designing the security standards for containerized applications onboarded to Azure.
You are evaluating the use of Microsoft Defender for Containers.
In which two environments can you use Defender for Containers to scan for known vulnerabilities? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. Linux containers deployed to Azure Container Instances
  • B. Windows containers deployed to Azure Kubernetes Service (AKS)
  • C. Windows containers deployed to Azure Container Registry
  • D. Linux containers deployed to Azure Container Registry
  • E. Linux containers deployed to Azure Kubernetes Service (AKS)
Show Suggested Answer Hide Answer
Suggested Answer: DE 🗳️
by PlumpyTumbler at Sept. 2, 2022, 3:28 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
PlumpyTumbler
Highly Voted 2 years, 8 months ago
Selected Answer: DE
https://docs.microsoft.com/en-us/learn/modules/design-strategy-for-secure-paas-iaas-saas-services/9-specify-security-requirements-for-containers https://docs.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-introduction#view-vulnerabilities-for-running-images
upvoted 21 times
...
Granwizzard
Highly Voted 2 years, 8 months ago
Selected Answer: DE
https://docs.microsoft.com/en-us/azure/defender-for-cloud/supported-machines-endpoint-solutions-clouds-containers?tabs=azure-aks#registries-and-images Windows is on preview. OS Packages Supported • Alpine Linux 3.12-3.15 • Red Hat Enterprise Linux 6, 7, 8 • CentOS 6, 7 • Oracle Linux 6,6,7,8 • Amazon Linux 1,2 • openSUSE Leap 42, 15 • SUSE Enterprise Linux 11,12, 15 • Debian GNU/Linux wheezy, jessie, stretch, buster, bullseye • Ubuntu 10.10-22.04 • FreeBSD 11.1-13.1 • Fedora 32, 33, 34, 35
upvoted 9 times
baliuxas07
1 year, 1 month ago
As of right now: Operating systems Supported • Alpine Linux 3.12-3.19 • Red Hat Enterprise Linux 6-9 • CentOS 6-9 • Oracle Linux 6-9 • Amazon Linux 1, 2 • openSUSE Leap, openSUSE Tumbleweed • SUSE Enterprise Linux 11-15 • Debian GNU/Linux 7-12 • Google Distroless (based on Debian GNU/Linux 7-12) • Ubuntu 12.04-22.04 • Fedora 31-37 • Mariner 1-2 • Windows Server 2016, 2019, 2022
upvoted 2 times
baliuxas07
1 year, 1 month ago
My bad. Supported host operating systems Defender for Containers relies on the Defender sensor for several features. The Defender sensor is supported on the following host operating systems: Amazon Linux 2 CentOS 8 Debian 10 Debian 11 Google Container-Optimized OS Mariner 1.0 Mariner 2.0 Red Hat Enterprise Linux 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04 Ubuntu 22.04 URL: https://learn.microsoft.com/en-us/azure/defender-for-cloud/support-matrix-defender-for-containers?tabs=azure-aks#registries-and-images
upvoted 2 times
...
...
...
steus
Most Recent 7 months ago
Selected Answer: CD
Defender for Containers scans the container images in Azure Container Registry (ACR), Amazon AWS Elastic Container Registry (ECR), Google Artifact Registry (GAR), and Google Container Registry (GCR) to provide agentless vulnerability assessment for your container images, including registry and runtime recommendations, remediation guidance, quick scans of new images, real-world exploit insights, exploitability insights, and more.
upvoted 1 times
...
TomRoute66
8 months ago
Selected Answer: CD
The answer provided is CORRECT. CD / The answer is about the Vulnerability Management Feature. Find here the exact answer for Sep-2024: https://learn.microsoft.com/en-us/azure/defender-for-cloud/support-matrix-defender-for-containers#registries-and-images-support-for-azure---vulnerability-assessment-powered-by-microsoft-defender-vulnerability-management
upvoted 1 times
...
emartiy
11 months ago
Selected Answer: CD
Don't waste time! Read this Defender for Container scans ACR in azure, amazone, google.. It does not says AKS.. So only CD options seem correct! https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-introduction#vulnerability-assessment:~:text=plane%20hardening.-,Vulnerability%20assessment,of%20new%20images%2C%20real%2Dworld%20exploit%20insights%2C%20exploitability%20insights%2C%20and%20more.,-Vulnerability%20information%20powered
upvoted 2 times
...
Mithu94
1 year ago
Selected Answer: CD
n every subscription where this capability is enabled, all images stored in ACR that meet the criteria for scan triggers are scanned for vulnerabilities without any extra configuration of users or registries. Recommendations with vulnerability reports are provided for all images in ACR as well as images that are currently running in AKS that were pulled from an ACR registry or any other Defender for Cloud supported registry (ECR, GCR, or GAR). Images are scanned shortly after being added to a registry, and rescanned for new vulnerabilities once every 24 hours.
upvoted 2 times
...
masby661
1 year, 3 months ago
Selected Answer: CD
Defender for Containers scans the container images in Azure Container Registry (ACR),
upvoted 2 times
...
sehlohomoletsane
1 year, 3 months ago
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-introduction https://learn.microsoft.com/en-us/azure/defender-for-cloud/agentless-vulnerability-assessment-aws https://learn.microsoft.com/en-us/azure/defender-for-cloud/tutorial-enable-containers-azure https://learn.microsoft.com/en-us/azure/defender-for-cloud/faq-defender-for-containers
upvoted 1 times
...
tocane
1 year, 4 months ago
Selected Answer: AB
The correct environments where you can use Defender for Containers to scan for known vulnerabilities are: A. Linux containers deployed to Azure Container Instances B. Windows containers deployed to Azure Kubernetes Service (AKS) So, the correct selections would be A and B.
upvoted 1 times
...
juanpe147
1 year, 5 months ago
D and E are the correct annswers
upvoted 1 times
...
slobav
1 year, 8 months ago
C. Windows containers deployed to Azure Container Registry D. Linux containers deployed to Azure Container Registry https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-introduction "Vulnerability assessment - Vulnerability assessment and management tools for images stored in Azure Container Registry and Elastic Container Registry"
upvoted 2 times
...
sbnpj
1 year, 9 months ago
Selected Answer: DE
https://learn.microsoft.com/en-us/azure/defender-for-cloud/support-matrix-defender-for-containers#registries-and-images-support-for-aks---powered-by-qualys
upvoted 2 times
...
zellck
2 years ago
Selected Answer: DE
DE is the answer. https://learn.microsoft.com/en-us/azure/defender-for-cloud/support-matrix-defender-for-containers?tabs=azure-aks#azure-aks https://learn.microsoft.com/en-us/azure/defender-for-cloud/support-matrix-defender-for-containers?tabs=azure-aks#registries-and-images-support-aks
upvoted 4 times
zellck
2 years ago
Gotten this in May 2023 exam.
upvoted 5 times
...
...
GeVanDerBe
2 years, 1 month ago
C-D, why, see article https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-vulnerability-assessment-azure#faq "Currently, Defender for Containers can scan images in Azure Container Registry (ACR) and AWS Elastic Container Registry (ECR) only. Docker Registry, Microsoft Artifact Registry/Microsoft Container Registry, and Microsoft Azure Red Hat OpenShift (ARO) built-in container image registry are not supported. Images should first be imported to ACR."
upvoted 6 times
...
vitodobra
2 years, 2 months ago
Selected Answer: AD
The two correct options for using Microsoft Defender for Containers to scan for known vulnerabilities are: A. Linux containers deployed to Azure Container Instances D. Linux containers deployed to Azure Container Registry Microsoft Defender for Containers is compatible with Docker containers running on Linux operating systems, so it can scan for known vulnerabilities in Linux containers deployed to Azure Container Instances and Azure Container Registry. However, it cannot scan for known vulnerabilities in Windows containers deployed to Azure Kubernetes Service or Azure Container Registry, as Microsoft Defender for Containers currently only supports Linux operating systems.
upvoted 1 times
...
Ajdlfasudfo0
2 years, 3 months ago
Selected Answer: BD
Now that Defender for Containers also supports Windows containers running in AKS, BDE should be the answer.
upvoted 1 times
Fal991l
2 years, 2 months ago
ChatGTP: Microsoft Defender for Containers can be used to scan for known vulnerabilities in the following environments: A. Linux containers deployed to Azure Container Instances B. Windows containers deployed to Azure Kubernetes Service (AKS) C. Windows containers deployed to Azure Container Registry D. Linux containers deployed to Azure Container Registry E. Linux containers deployed to Azure Kubernetes Service (AKS) Therefore, options A, B, C, D, and E are all correct.
upvoted 1 times
Fal991l
2 years, 2 months ago
Correction: If you choose any of the other options, it would not be the best answer as they are not correct. Option A: This is correct as Microsoft Defender for Containers can scan Linux containers deployed to Azure Container Instances. Option B: This is not correct as Microsoft Defender for Containers can only scan Windows containers if they are deployed to a Windows Server 2019 node in an AKS cluster. Option C: This is not correct as Azure Container Registry is a container registry service, and Microsoft Defender for Containers does not scan container registries. Option D: This is not correct as Microsoft Defender for Containers cannot scan Linux containers deployed to Azure Container Registry. Option E: This is not correct as Microsoft Defender for Containers can only scan Linux containers deployed to AKS if they are deployed to a Linux node pool.
upvoted 1 times
Ramye
1 year, 4 months ago
ChatGPT will confuse you more :-)
upvoted 2 times
...
...
...
...
awssecuritynewbie
2 years, 3 months ago
Selected Answer: DE
Vulnerability assessment: Vulnerability assessment and management tools for images stored in ACR registries and running in Azure Kubernetes Service. Learn more in Vulnerability assessment.
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel