Which of the following is the most appropriate for the engineer to deploy?
A systems engineer is configuring a system baseline for servers that will provide email services.
As part of the architecture design, the engineer needs to improve performance of the systems by using an access vector cache, facilitating mandatory access control and protecting against:
• Unauthorized reading and modification of data and programs
• Bypassing application security mechanisms
• Privilege escalation
• Interference with other processes
Which of the following is the most appropriate for the engineer to deploy?
A. SELinux
B. Privileged access management
C. Self-encrypting disks
D. NIPS
Answer: A
Explanation:
The most appropriate solution for the systems engineer to deploy is SELinux (Security-Enhanced Linux).
Here’s why:
• Mandatory Access Control (MAC): SELinux enforces MAC policies, ensuring that only authorized users and processes can access specific resources. This helps in preventing unauthorized reading and modification of data and programs.
• Access Vector Cache: SELinux utilizes an access vector cache (AVC) to improve performance. The AVC caches access decisions, reducing the need for repetitive policy lookups and thus improving system efficiency.
• Security Mechanisms: SELinux provides a robust framework to enforce security policies and prevent bypassing of application security mechanisms. It controls access based on defined policies, ensuring that security measures are consistently applied.
• Privilege Escalation and Process Interference: SELinux limits the ability of processes to escalate privileges and interfere with each other by enforcing strict access controls. This containment helps in isolating processes and minimizing the risk of privilege escalation attacks.
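The caching behaviour described above, as an added example that is not part of the original explanation: a simplified user-space model (not SELinux kernel code) in which decisions are cached per (source type, target type, object class) triple and anything the policy does not allow is denied. The policy rules, type names and the `AccessVectorCache` class are constructed for illustration.

```python
"""Simplified model of SELinux type enforcement with an AVC (constructed sample)."""

# Constructed policy: (source type, target type, class) -> allowed permissions.
# Anything not listed is denied, because MAC is default-deny.
POLICY = {
    ("postfix_smtpd_t", "mail_spool_t", "file"): {"read", "write", "append"},
    ("postfix_smtpd_t", "postfix_etc_t", "file"): {"read"},
    ("dovecot_t", "mail_spool_t", "file"): {"read"},
}


class AccessVectorCache:
    """Caches the whole permission set (the "access vector") per
    (source, target, class) triple so later checks skip the policy lookup."""

    def __init__(self, policy):
        self.policy = policy
        self.cache = {}
        self.hits = self.misses = 0

    def has_perm(self, source, target, tclass, perm):
        key = (source, target, tclass)
        if key in self.cache:
            self.hits += 1
        else:
            # Miss: do the slower policy lookup once and remember the result.
            self.misses += 1
            self.cache[key] = frozenset(self.policy.get(key, ()))
        return perm in self.cache[key]

    def reset(self):
        """Flush cached decisions, as a policy reload requires."""
        self.cache.clear()


def demo():
    avc = AccessVectorCache(POLICY)
    results = [
        avc.has_perm("postfix_smtpd_t", "mail_spool_t", "file", "write"),  # miss, allowed
        avc.has_perm("postfix_smtpd_t", "mail_spool_t", "file", "read"),   # hit, allowed
        avc.has_perm("postfix_smtpd_t", "shadow_t", "file", "read"),       # miss, denied
        avc.has_perm("postfix_smtpd_t", "shadow_t", "file", "read"),       # hit, denied
        avc.has_perm("dovecot_t", "mail_spool_t", "file", "write"),        # miss, denied
    ]
    return results, avc.hits, avc.misses


if __name__ == "__main__":
    print(demo())
```

Denials are cached as well as grants, so a confined mail process that repeatedly attempts a forbidden access does not trigger a fresh policy lookup each time.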