Which service provides vulnerability scanning for container images?
- Azure DevOps
- Azure Logic Apps
- Azure Container Registry ✓
- Azure Functions
Correct answer: Azure Container Registry
Option C is correct because Azure Container Registry integrates with Microsoft Defender for Containers to provide vulnerability scanning of container images at push time and on a scheduled basis, identifying known CVEs in OS packages and application dependencies within the image layers. Option A, Azure DevOps, is a CI/CD and project management platform; while it can trigger pipelines that include scanning steps, it does not itself provide native container image vulnerability scanning. Option B, Azure Logic Apps, is a workflow automation service with no container image scanning capability. Option D, Azure Functions, is a serverless compute service for running event-driven code and has no built-in image vulnerability assessment features.
Topic: · azure container registry, vulnerability scanning, container security, defender for containers