Valid Professional-Cloud-Security-Engineer Dumps shared by ExamDiscuss.com for Helping Passing Professional-Cloud-Security-Engineer Exam! ExamDiscuss.com now offer the newest Professional-Cloud-Security-Engineer exam dumps, the ExamDiscuss.com Professional-Cloud-Security-Engineer exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com Professional-Cloud-Security-Engineer dumps with Test Engine here:
Your company wants to collect and analyze CVE information for packages in container images, and wants to prevent images with known security issues from running in your Google Kubernetes Engine environment. Which two security features does Google recommend including in a container build pipeline?
Correct Answer: A
A is correct because deployment policies defined in Binary Authorization ensure that only trusted images can be deployed in Google Kubernetes Engine clusters. Binary Authorization can integrate with Container Analysis which scans container images stored in Container Registry for vulnerabilities and stores trusted metadata used in the authorization process. B is not correct because it doesn't address the use case. C is correct because vulnerability scanning can be performed by Container Analysis to discover package vulnerability information in container base images and obtain CVE data from respective Linux distributions. D is not correct because it doesn't address the use case. https://cloud.google.com/binary-authorization/docs/overview https://cloud.google.com/container-registry/docs/container-analysis
