ISC2 Certified Cloud Security Professional (CCSP) Practice Question
Your company plans to pull a commercially supported container image for a log aggregator from a marketplace repository and deploy it to a production Kubernetes cluster in a public cloud. As the cloud security professional reviewing the request, which action provides the most effective first-line control to mitigate software supply-chain risk associated with this vendor component?
Verify the container image's digital signature against the vendor-published public key before import.
Run the image in an isolated namespace and monitor runtime system calls for 30 days after deployment.
Place the container in a private subnet that has no outbound Internet access once it is running.
Rely on the cloud provider's shared responsibility model to guarantee marketplace images are safe.
The most important initial safeguard in a software-supply-chain scenario is to establish the integrity and authenticity of the code or image you will run. Verifying the container image's cryptographic signature with the vendor's published public key confirms that the artifact has not been tampered with in transit and that it truly originates from the expected supplier. Runtime monitoring, network isolation, and reliance on the provider's marketplace controls are all useful defense-in-depth measures, but they do not address the primary risk of deploying a modified or malicious image before it reaches the runtime environment.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a digital signature, and why is it important for container security?
Open an interactive chat with Bash
How does verifying a container's digital signature mitigate software supply-chain risks?
Open an interactive chat with Bash
What is the role of cryptographic keys in digital signature verification?
Open an interactive chat with Bash
ISC2 Certified Cloud Security Professional (CCSP)
Cloud Application Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .