🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional97 / 124
Question 97 of 124

A development team ships a containerized microservice built on dozens of open-source libraries pulled from public package registries. After a widely publicized vulnerability was discovered in a transitive dependency, the security team wants a repeatable control that continuously identifies known-vulnerable components and their exact versions across all builds before deployment. Which practice most directly addresses this need?

Reviewed for accuracy · Report an issueNext question