CompTIA Security+ (SY0-501) — Question 1042

A number of employees report that parts of an ERP application are not working. The systems administrator reviews the following information from one of the employee workstations:
Execute permission denied: financemodule.dll
Execute permission denied: generalledger.dll
Which of the following should the administrator implement to BEST resolve this issue while minimizing risk and attack exposure?

Answer options

• A. Update the application blacklist
• B. Verify the DLL's file integrity
• C. Whitelist the affected libraries
• D. Place the affected employees in the local administrator's group

Correct answer: C

Explanation

The best approach is to whitelist the affected libraries, as this grants the necessary permissions for the DLLs to execute without unnecessarily exposing the system to more risk. Updating the application blacklist and verifying the DLL's integrity do not directly address the permission issue, and placing employees in the local administrator's group could increase security risks by providing excessive access.