Free CrowdStrike CCCS-203b Actual Exam Questions - Question 8 Discussion
trusted container images from specific registries are scanned and allowed for deployment. What is the
best approach for adding registry connection details?
Skipping authentication like in B risks untrusted images slipping through.
C imo makes the most sense since you can’t just rely on default settings or skip auth for private registries. Setting the registry URL and adding authentication if needed ensures only trusted images get scanned before deployment. A or B wouldn’t provide enough control or security, and D is risky because even private repos can have vulnerabilities. The key is locking down which images are allowed by properly connecting and authenticating with each registry.
C seems right because you need to specify the exact registry and use authentication when needed to make sure only trusted images get scanned and deployed. A or B would be too loose and D skips scanning which isn’t safe.
C imo, you can’t trust anything without proper auth and scanning.
C/D? I’m ruling out A because default settings won’t cover custom or private registries properly. B sounds risky since adding all registries without authentication could allow unverified images through. D might seem okay but disabling scanning on private repos goes against best practices—trusting without verification is a security hole. So C is the only one that securely handles the registry details and ensures proper scanning with auth when needed.
C seems right because you need to authenticate and control which images get scanned.
C makes sense - need to specify URL and enable auth if needed.