CompTIA Cloud+ (CV0-004) — Question 47

A cloud security analyst is concerned about security vulnerabilities in publicly available container images. Which of the following is the most appropriate action for the analyst to recommend?

Answer options

• A. Using CIS-hardened images
• B. Using watermarked images
• C. Using digitally signed images
• D. Using images that have an application firewall

Correct answer: A

Explanation

Recommending the use of CIS-hardened images is the best approach as these images are specifically designed to meet security benchmarks and reduce vulnerabilities. While digitally signed images (option C) enhance integrity, they do not necessarily address inherent security flaws. Watermarked images (option B) and images with an application firewall (option D) do not directly mitigate vulnerabilities in the images themselves.