CompTIA Security Plus Mock Test Q849

A security administrator wants to implement a solution which will allow some applications to run under the user’s home directory and only have access to files stored within the same user’s folder, while other applications have access to shared folders. Which of the following BEST addresses these requirements if the environment is concurrently shared by multiple users?

A. OS Virtualization
B. Trusted OS
C. Process sandboxing
D. File permission


Correct Answer: C
Section: Application, Data and Host Security

Explanation:
Sandboxing involves running applications in restricted memory areas. It limits the possibility of an application crash, allowing a user to access another application or the data
associated with it.

Incorrect Answers:
A: Virtualization is used to host one or more operating systems in the memory of a single host computer and allows multiple operating systems to run simultaneously on the same
hardware, reducing costs. Virtualization offers the flexibility of quickly and easily making backups of entire virtual systems, and quickly recovering the virtual system when errors occur.
Furthermore, malicious code compromises of virtual systems rarely affect the host system, which allows for safer testing and experimentation.
B: Trusted OS is an access-control feature that requires a specific operating system (OS) to be present on a system before that system can gain access to a resource. By limiting
access to only those systems that are known to implement specific security features, resource owners can be assured that violations of a resource’s security will be less likely.
D: Permissions on the file system define the level of access logged on users have to files and folders.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 37, 246
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 201-203, 204-205, 220-221