CompTIA Security+ SY0-601 – Question530

A backdoor was detected on the containerized application environment. The investigation detected that a zero-
day vulnerability was introduced when the latest container image version was downloaded from a public
registry. Which of the following is the best solution to prevent this type of incident from occurring again?


A.
Enforce the use of a controlled trusted source of container images.
B. Deploy an IPS solution capable of detecting signatures of attacks targeting containers.
C. Define a vulnerability scan to assess container images before being introduced on the environment.
D. Create a dedicated VPC for the containerized environment.

Correct Answer: A