An organization deploys new container services and observes unexpected modifications to system library files. The security team suspects malicious code insertion. Which option helps pinpoint unauthorized changes?
Replace system-level credentials throughout the environment
Prevent access to the container management console
Scan copies of the container images offline with a dedicated analyzing utility
Run the impacted container to capture logs from active processes
Analyzing container images offline with a scanning tool is an effective way to detect unauthorized changes. This approach inspects files and dependencies in a safe environment to reveal malicious code. Starting a new instance from the same source can exacerbate the issue, rotating credentials does not confirm suspicious modifications, and disabling access to management panels restricts some activity but does not reveal hidden scripts.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a container image?
Open an interactive chat with Bash
How does offline scanning of container images work?
Open an interactive chat with Bash
Why is starting the impacted container to capture logs not ideal?