🔥 3-day streak
Professional Cloud Security Engineer26 / 152
Question 26 of 152
A financial services company runs its container build pipeline in Cloud Build, pushing images to Artifact Registry. Auditors require cryptographic proof of how each image was built, including the source commit and build steps, so that downstream Binary Authorization policies can verify that images originate only from the trusted pipeline. The security team wants to enable this evidence with minimal custom tooling. What should they do?
Reviewed for accuracy · Report an issueNext question