0
0
Kubernetesdevops~20 mins

Image security scanning in Kubernetes - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Image Security Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
💻 Command Output
intermediate
2:00remaining
Output of Trivy scan on a vulnerable image
You run the command trivy image alpine:3.12 to scan the Alpine Linux image for vulnerabilities. What is the expected output type?
Kubernetes
trivy image alpine:3.12
AA syntax error indicating invalid command usage
BA list of detected vulnerabilities with severity levels and CVE IDs
CAn empty output with no vulnerabilities found
DA runtime error due to missing Docker daemon
Attempts:
2 left
💡 Hint
Trivy scans images and reports vulnerabilities found inside them.
🧠 Conceptual
intermediate
1:30remaining
Purpose of image security scanning in Kubernetes
What is the main purpose of performing image security scanning before deploying containers in Kubernetes?
ATo detect and report known security vulnerabilities in container images
BTo monitor container resource usage during runtime
CTo automatically update images to the latest version
DTo speed up container startup time by preloading images
Attempts:
2 left
💡 Hint
Think about why security scanning is important before running containers.
🔀 Workflow
advanced
2:30remaining
Correct order of steps for integrating image scanning in CI/CD
Arrange the following steps in the correct order to integrate image security scanning into a Kubernetes CI/CD pipeline.
A1,3,2,4
B2,1,3,4
C1,2,3,4
D3,1,2,4
Attempts:
2 left
💡 Hint
Think about when scanning should happen relative to building and pushing images.
Troubleshoot
advanced
2:00remaining
Troubleshooting failed image scan due to missing permissions
A Trivy scan fails with the error: failed to initialize image source: unauthorized: authentication required. What is the most likely cause?
AThe Docker registry requires authentication and credentials are missing or incorrect
BThe image does not exist in the registry
CTrivy is not installed on the system
DThe Kubernetes cluster is not reachable
Attempts:
2 left
💡 Hint
Consider what 'authentication required' means when accessing images.
Best Practice
expert
3:00remaining
Best practice for automating image security scanning in Kubernetes environments
Which approach is considered best practice for automating image security scanning in Kubernetes environments?
AManually scan images on developer machines before pushing
BScan images only after deployment to detect runtime vulnerabilities
CIgnore scanning and rely on Kubernetes network policies for security
DIntegrate scanning into the CI pipeline to block builds with critical vulnerabilities
Attempts:
2 left
💡 Hint
Think about how automation and early detection improve security.