A customer is deploying Defenders to a Fargate environment. It wants to understand the vulnerabilities in the image it is deploying. How should the customer automate vulnerability scanning for images deployed to Fargate?
A.
Set up a vulnerability scanner on the registry
B.
Embed a Fargate Defender to automatically scan for vulnerabilities
C.
Designate a Fargate Defender to serve a dedicated image scanner
D.
Use Cloud Compliance to identify misconfigured AWS accounts
If you use services providing containers on demand, you can run containers, but the service abstracts away the underlying cluster, host, operating system, and software modules. Without access to those hooks, container Defenders can’t monitor and protect resources in those environments. Instead, embed an app-embedded Defender directly inside your workload running in the container to establish a point of control. You can manually embed the Defenders or use automated workflows to embed Defenders using Fargate or Dockerfile.
Using Dockerfile, you deploy one app-embedded Defender per container. Using Fargate, you deploy one app-embedded Defender per task.
This is about vulnerabilities, not defend runtime.
https://docs.prismacloud.io/en/classic/compute-admin-guide/vulnerability-management/registry-scanning/configure-registry-scanning
This section is not available anymore. Please use the main Exam Page.PCCSE Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Cosmonauta
10 months agoLeonel01
10 months, 1 week agoFS9
1 year, 1 month agoFS9
1 year, 1 month agoSpippolo
1 year, 11 months agoRedrum702
2 years, 2 months agoHARRY
2 years, 3 months agoJoe27
3 years ago