CompTIA CASP+ (CAS-004) — Question 448

A security engineer needs to ensure production containers are automatically scanned for vulnerabilities before they are accepted into the production environment. Which of the following should the engineer use to automatically incorporate vulnerability scanning on every commit?

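Answer options

A. Code repository
B. CI/CD pipeline
C. Integrated development environment
D. Container orchestrator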

Correct answer: B

Explanation

The correct answer is B. A CI/CD pipeline automates building, testing, and deploying applications, and that automation can include vulnerability scanning at each commit. The other options, a code repository (A), an integrated development environment (C), and a container orchestrator (D), do not inherently provide the automation needed to scan for vulnerabilities during the commit process.