Crucial Exams

CompTIA Linux+ XK0-006 (V8) Practice Question

You are refactoring a Jenkins CI/CD pipeline for a container-based application that currently runs the stages checkout → build → unit_test → package → deploy. The security team asks you to adopt a shift-left DevSecOps approach that detects vulnerable open-source dependencies and unsafe container images as early in the workflow as possible while providing rapid feedback to developers and preventing risky artifacts from progressing further in the pipeline. Where should you add automated Software Composition Analysis (SCA) and container-image vulnerability-scanning jobs to best satisfy this requirement?

  • Run vulnerability scans only in a separate nightly pipeline that reviews artifacts already pushed to the registry.

  • Perform the scans in the deploy stage so images are assessed just before they go to production.

  • Insert SCA and image-scan jobs directly after the build stage of every commit-triggered pipeline, blocking the pipeline if high-severity issues are found.

  • Rely on a post-production monitoring tool that periodically scans running containers for vulnerabilities.

CompTIA Linux+ XK0-006 (V8)
Automation, Orchestration, and Scripting
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot