CompTIA CySA+ (CS0-002) — Question 202
An analyst needs to provide a recommendation that will allow a custom-developed application to have full access to the system’s processors and peripherals but still be contained securely from other applications that will be developed. Which of the following is the best technology for the analyst to recommend?
Answer options
- A. Software-based drive encryption
- B. Trusted execution environment
- C. Unified Extensible Firmware Interface
- D. Hardware security module
Correct answer: B
Explanation
The best choice is B, the Trusted execution environment, as it provides a secure area within the main processor, allowing applications to run with full access to system resources while maintaining isolation from other applications. The other options, like A (Software-based drive encryption), do not provide the necessary execution isolation, C (Unified Extensible Firmware Interface) is related to boot processes rather than application isolation, and D (Hardware security module) focuses on cryptographic operations rather than application execution isolation.