Exam CAS-004 topic 1 question 584 discussion

Actual exam question from CompTIA's CAS-004
Question #: 584
Topic #: 1

An organization is implementing advanced security controls associated with the execution of software applications on corporate endpoints. The organization must implement a deny-all, permit-by-exception approach to software authorization for all systems regardless of OS. Which of the following should be implemented to meet these requirements?

  • A. SELinux
  • B. MDM
  • C. XDR
  • D. Block list
  • E. Atomic execution
Suggested Answer: A

Comments

Leroy_24
1 week, 5 days ago
Selected Answer: D
D, because SELinux is not for Microsoft OSs; MDM is for mobile devices, XDR doesn't pertain to software authorization, and Atomic execution is to ensure a series of operations are completed in sync. A "deny-all, permit-by-exception" approach means that by default, all software execution is blocked, and only explicitly authorized applications are allowed to run. A block list effectively implements this policy by maintaining a list of prohibited software, effectively denying everything not on the list.
upvoted 1 times
Steel16
1 month, 4 weeks ago
Selected Answer: C
A deny-all, permit-by-exception approach can be implemented with XDR (Extended Detection and Response) solutions. XDR integrates multiple security products into a cohesive system, providing comprehensive visibility and control over endpoints, networks, and applications. This allows for the enforcement of strict authorization policies, ensuring that only permitted software and activities are allowed. XDR solutions can apply security policies consistently across various operating systems, including Windows, Linux, and macOS.
upvoted 1 times
Steel16
1 month, 4 weeks ago
  • SELinux: While SELinux (Security Enhanced Linux) is a powerful security mechanism that can enforce access controls at the kernel level, it doesn't inherently provide a deny-all, permit-by-exception approach. It requires specific rules to be defined for allowed actions, and its default configuration may not strictly enforce a whitelist.
  • MDM: Mobile Device Management (MDM) primarily focuses on managing and securing mobile devices. While it can control app installations and usage on these devices, it doesn't necessarily implement a deny-all, permit-by-exception policy for all systems, especially desktops or servers.
upvoted 1 times
Chiaretta
3 months ago
Selected Answer: B
MDM is the only one that makes sense. SELinux is a boot Linux function; the question says "regardless of the operating system".
upvoted 1 times
Bright07
3 months, 1 week ago
Selected Answer: A
A. SELinux (Security-Enhanced Linux). SELinux is a security architecture for enforcing access control policies on a system. It can be configured to limit what applications can execute, enforcing strict rules based on the least-privilege principle. This matches the "deny-all, permit-by-exception" model by denying all application executions unless explicitly allowed by the policy, regardless of the operating system.
upvoted 2 times
MrMonocle
3 months, 3 weeks ago
Selected Answer: A
This question doesn't make sense to me. None of the answers are valid as. The only plausible ones are A and B. However, the question states the approach is for all systems regardless of OS, so A should be out, and MDM is geared towards mobile systems, so that is out too. My guess is that they're looking for A.
upvoted 2 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other