Exam4Training

Which protection in the runtime rule would cause this audit?

An administrator sees that a runtime audit has been generated for a container.

The audit message is: “/bin/ls launched and is explicitly blocked in the runtime rule. Full command: ls -latr”

Which protection in the runtime rule would cause this audit?
A . Networking
B . File systems
C . Processes
D . Container

Answer: C

Explanation:

The protection in the runtime rule that would cause the audit message indicating "/bin/ls launched and is explicitly blocked in the runtime rule" is related to "Processes". In container security, a runtime rule set to monitor and restrict processes can block specific executables or commands from running within a container. If the rule is triggered, it indicates that a process that is explicitly denied by the policy attempted to execute, which in this case is the ‘ls’ command.

Latest PCCSE Dumps Valid Version with 85 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Exit mobile version