🔥 3-day streak
Professional Cloud Architect63 / 169
Question 63 of 169

A software company is designing the CI/CD foundation for a greenfield migration to Google Cloud. Their build pipeline produces both Docker container images and language-specific packages (Maven and npm). Compliance requires that every artifact be scanned for known vulnerabilities before deployment and that deployments be blocked if an image contains a critical CVE. They want a single Google-managed service that stores all artifact types and integrates natively with vulnerability scanning and admission control. Which design should the architect recommend?

Reviewed for accuracy · Report an issueNext question