Docker Registry Image Scanning Language Collocations
Practise the standard verbs for scanning container images before they reach production.
0 / 5 completed
1 / 5
Fill in: 'We ___ every image for known vulnerabilities before it's allowed to be pulled from the registry into production.'
We 'scan an image' — the standard, established container security collocation for checking layers against a vulnerability database. The other options aren't the recognised term here.
2 / 5
Fill in: 'Skipping scanning on base image updates can ___ a known CVE shipped silently into every downstream service.'
We say skipped scanning will 'leave' a vulnerability shipped — the standard, natural collocation here. The other options aren't idiomatic here.
3 / 5
Fill in: 'We ___ a severity threshold in CI so a critical CVE blocks the push while a low-severity finding only warns.'
We 'set a threshold' — the standard, simple collocation for configuring a policy cutoff. The other options are less idiomatic here.
4 / 5
Fill in: 'We ___ untagged and unscanned images from the registry on a schedule so storage doesn't fill with stale artefacts.'
We 'purge' images — the standard, established registry collocation for removing old or unused artefacts. The other options aren't the recognised term here.
5 / 5
Fill in: 'We ___ a scan report against the previous build so a genuinely new vulnerability stands out from ones already accepted.'
We 'compare a report' — the standard, simple collocation for contrasting two results. The other options are less idiomatic here.