Palo Alto Networks Exam PSE-StrataDC Topic 6 Question 62 Discussion

Actual exam question for Palo Alto Networks's PSE-StrataDC exam

Question #: 62
Topic #: 6

[All PSE-StrataDC Questions]

Is vulnerability analysis against images in the registry sufficient for security?

AYes, containers do not have unique vulnerabilities.

BNo, you should do vulnerability analysis only against the running containers, which are vulnerable.

CYes, you are ensuring that the images the containers are based on are secure.

DNo, you need to do analysis in the CI system, in the registry, and against instantiated containers

Show Suggested Answer

Suggested Answer: C

by Dierdre at Jun 24, 2024, 03:12 PM

Limited Time Offer

25%

Off

Get Premium PSE-StrataDC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Quentin

3 months ago

Well, I'm no security expert, but it seems to me that you can't just rely on the registry. You've got to check the containers themselves too. D all the way!

upvoted 0 times

...

Loren

3 months ago

Ha! Good one. 'Containers don't have unique vulnerabilities' - that's a real knee-slapper. Definitely going with D on this one.

upvoted 0 times

Oretha

2 months ago

Agreed, it's important to cover all bases for security.

upvoted 0 times

...

Gennie

2 months ago

Yes, you need to do analysis in the CI system, in the registry, and against instantiated containers.

upvoted 0 times

...

Gussie

2 months ago

'Containers don't have unique vulnerabilities' - that's a real knee-slapper.

upvoted 0 times

...

Devon

2 months ago

Agreed, it's important to cover all bases for security.

upvoted 0 times

...

Dylan

2 months ago

Yes, you need to do analysis in the CI system, in the registry, and against instantiated containers.

upvoted 0 times

...

Donette

3 months ago

Containers don't have unique vulnerabilities.

upvoted 0 times

...

Maurine

4 months ago

I believe we need to do analysis in the CI system, registry, and against instantiated containers for comprehensive security.

upvoted 0 times

...

Laine

4 months ago

But by analyzing images, we are ensuring the containers are based on secure images.

upvoted 0 times

...

Luann

4 months ago

I disagree, we should do analysis against running containers too.

upvoted 0 times

...

Loise

4 months ago

I'd have to say C is the correct answer. If the images in the registry are secure, then the containers should be too, right?

upvoted 0 times

Brande

3 months ago

I agree, if the images in the registry are secure, then the containers should be secure as well.

upvoted 0 times

...

Coral

3 months ago

I think C is the best option, it ensures the security of the images which the containers are based on.

upvoted 0 times

...

Glory

4 months ago

Hmm, I think option D is the way to go. You really need to cover all your bases when it comes to security.

upvoted 0 times

Kenneth

3 months ago

But what about potential vulnerabilities in the CI system? Option D seems more comprehensive.

upvoted 0 times

...

Kathryn

3 months ago

I'm leaning towards option B, focusing on running containers seems more practical.

upvoted 0 times

...

Emelda

3 months ago

I think option C is sufficient, as long as the images are secure, the containers should be too.

upvoted 0 times

...

Theodora

4 months ago

I agree, option D covers all the necessary areas for security.

upvoted 0 times

...

Laine

5 months ago

I think vulnerability analysis against images in the registry is sufficient.

upvoted 0 times

...