1 / 5
Fill in: 'We ___ container images against a vulnerability database before shipping.'
-
-
-
-
We 'scan images' — the standard, established security collocation. The other options aren't idiomatic here.
2 / 5
Fill in: 'We ___ the base image to the smallest footprint that still runs the app.'
-
-
-
-
We 'trim' an image — the standard collocation for reducing its size and attack surface. The other options are less idiomatic here.
3 / 5
Fill in: 'We ___ unnecessary packages so they can't be exploited if compromised.'
-
-
-
-
We 'remove' packages — the standard, simple collocation. The other options are less idiomatic here.
4 / 5
Fill in: 'We ___ images to run as a non-root user by default.'
-
-
-
-
We 'configure' images — the standard collocation for setting runtime behaviour. The other options aren't idiomatic here.
5 / 5
Fill in: 'A critical CVE will ___ the pipeline until the base image is patched.'
-
-
-
-
We 'block the pipeline' — the standard CI/CD collocation for a failing gate. The other options are less idiomatic here.