New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Security Engineer Exam - Topic 3 Question 112 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 112
Topic #: 3
[All Professional Cloud Security Engineer Questions]

A patch for a vulnerability has been released, and a DevOps team needs to update their running containers in Google Kubernetes Engine (GKE).

How should the DevOps team accomplish this?

Show Suggested Answer Hide Answer
Suggested Answer: C

When a vulnerability patch is released for a running container in Google Kubernetes Engine (GKE), the recommended approach is to update the application code or apply the patch directly to the codebase. Then, a new container image should be built incorporating these changes. After building the new image, it should be deployed to replace the running containers. This method ensures that the containers run the updated, secure code.

Steps:

Update Application Code: Modify the application code or dependencies to incorporate the vulnerability patch.

Build New Image: Use a tool like Docker to build a new container image with the updated code.

Push New Image: Push the new container image to the Container Registry.

Update Deployments: Update the Kubernetes deployment to use the new image. This can be done by modifying the image tag in the deployment YAML file.

Redeploy Containers: Apply the updated deployment configuration using kubectl apply -f <deployment-file>.yaml, which will redeploy the containers with the new image.


Google Cloud: Container security

Kubernetes: Updating an application

by Alisha at Jan 22, 2026, 07:42 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Jacquelyne
5 days ago
I practiced a similar question where we had to update images in a deployment. I think they might need to specify the new image version in the deployment YAML.
upvoted 0 times
...
Therese
10 days ago
I remember something about rolling updates in Kubernetes. Maybe they can use `kubectl rollout` to manage the updates?
upvoted 0 times
...
Rosenda
15 days ago
I think they need to use `kubectl` to update the deployments, but I'm not entirely sure about the exact commands.
upvoted 0 times
...
Alexis
20 days ago
This seems straightforward enough. I'd first check the current container versions, then update the deployment to use the patched image. After that, I'd monitor the rollout to make sure everything goes smoothly.
upvoted 0 times
...
Emerson
25 days ago
Okay, I think I've got a plan. I'll update the container image in the deployment, then use the `kubectl rollout` command to trigger a rolling update. That should let me update the containers without downtime.
upvoted 0 times
...
Krissy
1 month ago
Hmm, I'm a bit unsure about the best approach here. I know we need to update the containers, but I'm not sure of the exact process in GKE. I'll need to research that a bit more.
upvoted 0 times
...
Layla
1 month ago
I'd start by checking the Kubernetes documentation on rolling updates. That should give me a good overview of the steps to update the containers.
upvoted 0 times
...

Save Cancel