CompTIA Cloud+ (CV0-003) — Question 132

A support engineer wants to prevent users from running malware on several IaaS compute instances. Which of the following will BEST achieve this objective?

Answer options

• A. Encrypt all applications that users should not access.
• B. Set the execute filesystem permissions on the desired applications only.
• C. Implement an application whitelisting policy.
• D. Disable file sharing on the instance.

Correct answer: C

Explanation

The correct answer, C, is effective because an application whitelisting policy allows only authorized applications to run, significantly reducing the risk of malware execution. Options A and B do not prevent users from running potentially harmful applications; they only try to restrict access or execution to certain applications. Option D, while it can help limit certain vulnerabilities, does not address the core issue of controlling which applications can run.