CompTIA Security+ (SY0-601) — Question 734

A security analyst is concerned about critical vulnerabilities that have been detected on some applications running inside containers. Which of the following is the
BEST remediation strategy?

Answer options

• A. Update the base container Image and redeploy the environment.
• B. Include the containers in the regular patching schedule for servers.
• C. Patch each running container individually and test the application.
• D. Update the host in which the containers are running.

Correct answer: A

Explanation

The best remediation strategy is to update the base container image and redeploy the environment, as this ensures that all instances of the application will run the latest, most secure version. The other options either address only specific containers or delay the remediation process, which could leave vulnerabilities exposed longer than necessary.