1 / 5
A scan reports a 'CVE' in the image. What is a CVE?
A CVE (Common Vulnerabilities and Exposures) entry is a publicly identified, catalogued vulnerability.
2 / 5
The scanner flags a 'critical severity' finding. What should typically happen?
Critical findings demand prompt remediation before the image is promoted to production.
3 / 5
Most image vulnerabilities are fixed by what action?
Patching means rebuilding on an updated base image and dependency versions that resolve the CVEs.
4 / 5
A pipeline has a 'scan gate'. What does it do?
A scan gate fails the pipeline when findings exceed a policy threshold, preventing risky images from shipping.
5 / 5
Which sentence correctly uses 'attack surface'?
Attack surface is the set of components an attacker could exploit; fewer packages means less surface.