Quiz: Securing & Governing AI Workloads
What are the three roles that Syft, Trivy/Grype, and Cosign play in an image supply chain? (select all that apply)
(select all that apply)
Trivy reports 2 Critical / 9 High vulnerabilities on acme-support-agent:latest. Grype reports 5 Critical / 28 High on the same image. Which statement best describes how to handle this?
Which docker run flags are required to prove that a sandboxed container truly cannot reach the network or escalate privileges? (select all that apply)
(select all that apply)
In GitHub Actions, why is keyless Cosign signing (--yes, no cosign.key file) preferred over key-based signing?
Your agent image is in production and a new CVE is published for a library it contains. Which combination of supply chain controls gives you the earliest warning and the fastest path to a clean deployment?