CompTIA CASP+ (CAS-004) — Question 452
An organization is implementing advanced security controls associated with the execution of software applications on corporate endpoints. The organization must implement a deny-all, permit-by-exception approach to software authorization for all systems regardless of OS. Which of the following should be implemented to meet these requirements?
Answer options
- A. SELinux
- B. MDM
- C. XDR
- D. Block list
- E. Atomic execution
Correct answer: A
Explanation
The correct answer is A, SELinux, as it enforces mandatory access control policies that align with the deny-all, permit-by-exception strategy. The other options, while useful in various contexts, do not provide the same level of control over software execution necessary for this approach.