AZ-400 Develop security and compliance plan

Which Azure offering should you use to scan container images in CI?

Multiple choice — select one answer

Answer choices

  1. a. Defender for Cloud container scanning
  2. b. Microsoft Defender for Cloud
  3. c. No base updates (not recommended for production workloads)
  4. d. Latest tag only (not recommended for production workloads)

Architectural breakdown & explanation

Image scanning finds known vulnerabilities.

Correct answer(s): a. Defender for Cloud container scanning

Exam domain: Develop security and compliance plan (10% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the Microsoft Azure DevOps Engineer Expert bank. Run a full timed practice exam with domain-weighted random questions in your browser.