Which protection in the runtime rule would cause this audit?
An administrator sees that a runtime audit has been generated for a container.
The audit message is: “/bin/ls launched and is explicitly blocked in the runtime rule. Full command: ls -latr”
Which protection in the runtime rule would cause this audit?
A . Networking
B . File systems
C . Processes
D . Container
Answer: C
Explanation:
The protection in the runtime rule that would cause the audit message indicating "/bin/ls launched and is explicitly blocked in the runtime rule" is related to "Processes". In container security, a runtime rule set to monitor and restrict processes can block specific executables or commands from running within a container. If the rule is triggered, it indicates that a process that is explicitly denied by the policy attempted to execute, which in this case is the ‘ls’ command.
Latest PCCSE Dumps Valid Version with 85 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund