CompTIA PenTest+ (PT0-003) — Question 176

A penetration tester is getting ready to conduct a vulnerability scan to evaluate an environment that consists of a container orchestration cluster. Which of the following tools would be best to use for this purpose?

Answer options

• A. NSE
• B. Nessus
• C. CME
• D. Trivy

Correct answer: D

Explanation

Trivy is specifically designed for scanning containers and is able to detect vulnerabilities in container images, making it the best choice for this scenario. While Nessus is a comprehensive vulnerability scanner, it may not be optimized for container environments. NSE and CME are not primarily focused on container vulnerability assessments.