Palo Alto Networks System Engineer – Prisma Cloud — Question 26

An image containing medium vulnerabilities that do not have available fixes is being deployed into the sock-shop namespace. Prisma Cloud has been configured for vulnerability management within the organization's continuous integration (CI) tool and registry.
What will occur during the attempt to deploy this image from the CI tool into the sock-shop namespace?

Answer options

• A. The image will pass the CI policy, but will be blocked by the deployed policy; therefore, it will not be deployed.
• B. The CI policy will fail the build; therefore, the image will not be deployed.
• C. The image will be deployed successfully, and all vulnerabilities will be reported.
• D. The image will be deployed successfully, but no vulnerabilities will be reported.

Correct answer: B

Explanation

The correct answer is B because the CI policy is set to fail the build if vulnerabilities are detected, preventing the image from being deployed. Options A, C, and D are incorrect because they imply that the image can be deployed despite the vulnerabilities, which contradicts the configuration of the CI policy.