Which statement about container approvals is correct?

Study for the SFPC Information Security Exam. Use flashcards and multiple choice questions, each with hints and explanations. Prepare for your exam efficiently!

Multiple Choice

Which statement about container approvals is correct?

Explanation:
Container approvals ensure that only vetted container images are allowed into production through a formal, auditable process. This means an image must be reviewed and authorized by the right people, and it should meet specific checks before deployment. Key elements typically include verifying image provenance (where the image came from and what it’s built on), running security scans to identify vulnerabilities, ensuring license and compliance constraints are met, and confirming that the image is signed or attested and approved by the responsible stakeholders.

If Jo’s statement reflects this approach—that approvals must be documented, tied to concrete criteria, and require appropriate sign-off—then it aligns with best practice. That’s why Jo is the correct choice. Chris’s statement would generally be incorrect if it implies approvals aren’t needed, can be bypassed, or aren’t tied to a formal, auditable process.
