AZ-400 Develop security and compliance plan

For cost and security, the team must scan container images in CI. What is the recommended approach?

Multiple choice — select one answer

Answer choices

  1. a. Defender for Cloud container scanning
  2. b. Latest tag only (not recommended for production workloads)
  3. c. No base updates (not recommended for production workloads)
  4. d. Microsoft Defender for Cloud

Architectural breakdown & explanation

Image scanning finds known vulnerabilities.

Correct answer(s): a. Defender for Cloud container scanning

Exam domain: Develop security and compliance plan (10% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the Microsoft Azure DevOps Engineer Expert bank. Run a full timed practice exam with domain-weighted random questions in your browser.