AZ-400 Develop security and compliance plan

What is the recommended Azure approach to scan container images in CI?

Multiple choice — select one answer

Answer choices

  1. a. No base updates (not recommended for production workloads)
  2. b. Latest tag only (not recommended for production workloads)
  3. c. Defender for Cloud container scanning
  4. d. Microsoft Defender for Cloud

Architectural breakdown & explanation

Image scanning finds known vulnerabilities.

Correct answer(s): c. Defender for Cloud container scanning

Exam domain: Develop security and compliance plan (10% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the Microsoft Azure DevOps Engineer Expert bank. Run a full timed practice exam with domain-weighted random questions in your browser.