🔥 3-day streak
CompTIA CySA+ (CS0-003)114 / 147
Question 114 of 147
A DevOps team at a financial services company builds microservices deployed as containers. Their CI/CD pipeline pulls base images from a public registry, layers in application code, and pushes the resulting images to a private registry before deployment to Kubernetes. The security analyst wants to detect vulnerable OS packages and outdated libraries in the built artifacts as early as possible, before they reach production. Where in this workflow should the analyst integrate vulnerability scanning to best meet this goal?
Reviewed for accuracy · Report an issueNext question