Question 38
Domain 5: Supply Chain Security
An organization wants to use a commercial product to scan container images for known vulnerabilities. Which tool listed in the syllabus directly fits this purpose?
Correct answer: A
Explanation
For commercial container image vulnerability scanning, select a tool explicitly identified as a commercial scanning product in the syllabus. — cks_syllabus.txt
Why each option is right or wrong
A. Snyk
The source material for Task 5.4 specifically lists Snyk under 'Snyk, Anchore Enterprise for commercial scanning,' so it directly matches a commercial tool used to scan images for known vulnerabilities.
B. Kubelet
Kubelet is not listed as a commercial scanning tool for image vulnerability scanning.
C. etcd
etcd is not identified as a commercial image scanning product in this topic.
D. CoreDNS
CoreDNS is not named as a commercial scanner for container image vulnerabilities.