Azure Container Registry Vulnerability Scanning | Microsoft Exam AZ-500

Question

From Azure Security Center, you enable Azure Container Registry vulnerability scanning of the images in Registry1.

You perform the following actions:

- Push a Windows image named Image1 to Registry1.
- Push a Linux image named Image2 to Registry1.
- Push a Windows image named Image3 to Registry1.
- Modify Image1 and push the new image as Image4 to Registry1.
- Modify Image2 and push the new image as Image5 to Registry1.

Which two images will be scanned for vulnerabilities? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

Answers

Explanations

A. B. C. D. E.

BE

Only Linux images are scanned. Windows images are not scanned.

https://docs.microsoft.com/en-us/azure/security-center/azure-container-registry-integration

Azure Security Center provides vulnerability scanning capabilities for container images stored in Azure Container Registry. When you enable container image scanning in Azure Security Center, it will scan all the container images in the registry to identify known vulnerabilities and provide recommendations for remediation.

In this scenario, the following actions were performed:

  1. Pushed a Windows image named Image1 to Registry1.
  2. Pushed a Linux image named Image2 to Registry1.
  3. Pushed a Windows image named Image3 to Registry1.
  4. Modified Image1 and pushed the new image as Image4 to Registry1.
  5. Modified Image2 and pushed the new image as Image5 to Registry1.

The question asks which images will be scanned for vulnerabilities. The answer is A. Image4 and E. Image5.

The reason for this is that container image scanning is a one-time process that occurs when the image is first pushed to the registry. Any subsequent modifications to the image will not trigger another vulnerability scan. Therefore, Image1, Image2, and Image3 will not be scanned for vulnerabilities. Image4 and Image5, however, are new images that were pushed to the registry and will be scanned for vulnerabilities.

It's worth noting that enabling vulnerability scanning in Azure Security Center is a best practice for ensuring the security of container images used in your environment. By scanning container images for known vulnerabilities, you can identify and remediate security issues before they can be exploited by attackers.