
Scanning images for vulnerabilities in Docker - Cheat Sheet & Quick Revision

Recall & Review
beginner
What is the purpose of scanning Docker images for vulnerabilities?
Scanning Docker images helps find security weaknesses before using them in production. It protects your applications from known security risks.
beginner
Name a popular tool used to scan Docker images for vulnerabilities.
Trivy is a popular, easy-to-use tool that scans Docker images for known vulnerabilities.
beginner
What does the command trivy image your-image-name do?
It scans the specified Docker image for security vulnerabilities and shows a report with found issues.
intermediate
Why should you scan images regularly, not just once?
New vulnerabilities are discovered all the time. Regular scanning helps catch new risks and keeps your software safe.
intermediate
What is a common output detail in vulnerability scan reports?
Reports usually show vulnerability severity (like LOW, MEDIUM, HIGH), affected packages, and fixed versions if available.
Which tool is commonly used to scan Docker images for vulnerabilities?
A. Kubernetes
B. Git
C. Trivy
D. Docker Compose
What does a vulnerability scanner check inside a Docker image?
A. Installed packages and their known security issues
B. Network traffic
C. CPU usage
D. Container logs
Why is it important to scan images before deployment?
A. To speed up the container startup
B. To find and fix security risks early
C. To reduce image size
D. To improve network speed
Which severity level indicates the most critical vulnerability in scan reports?
A. CRITICAL
B. MEDIUM
C. HIGH
D. LOW
How often should you scan your Docker images for vulnerabilities?
A. Only once when creating the image
B. Never, it's not necessary
C. Only after deployment
D. Regularly, to catch new vulnerabilities
Explain why scanning Docker images for vulnerabilities is important and how it helps keep applications safe.
Think about how finding problems early can protect your app.
Describe how to use a tool like Trivy to scan a Docker image and interpret the results.
Imagine you are checking your image for problems before using it.