You are a SOC Analyst working at a company which is in the process of deploying cloud workload protection with Azure Defender. 
You are the SOC team member working with the application and infrastructure teams architecting the resource architecture for the new web application that uses containers and Azure SQL. You are accountable to make sure the workloads are secure with Azure Defender and offer options for non-protected workloads. 
When do Azure Defender scan a Container Registries image?

Answer options:

A.Recently pulled
B.Weekly
C.Nightly
D.Cannot configure

Correct Answer: A
Option A is correct. Azure Defender for container registries also scans any image that has been pulled within the last 30 days.
Option B & C are incorrect.Schedule scans are not an option.
Option D is incorrect as we can scan the registries which is pulled within last 30 days.
Reference: 

https://docs.microsoft.com/en-us/azure/security-center/azure-defender