An administrator implements SELinux on a production web server. After implementing this, the web server no
longer serves up files from users’ home directories. To rectify this, the administrator creates a new policy as the
Which of the following is this an example of? (Choose two.)
Enforcing SELinux in the OS kernel is role-based access control
Enforcing SELinux in the OS kernel is rule-based access control
The policy added by the root user is mandatory access control
Enforcing SELinux in the OS kernel is mandatory access control
The policy added by the root user is role-based access control
The policy added by the root user is rule-based access control
Enforcing SELinux in the OS kernel is mandatory access control. SELinux is Security Enhanced Linux which is
a locked down version of the OS kernel.
Mandatory Access Control (MAC) is a relatively inflexible method for how information access is permitted. In a
MAC environment, all access capabilities are predefined. Users can’t share information, unless their rights to
share it, are established by administrators. Consequently, administrators must make any changes that need to
be made to such rights. This process enforces a rigid model of security. However, it is also considered the most
secure security model.
The policy added by the root user is rule-based access control. The administrator has defined a policy that
states that user’s folders should be served by the web server.
Rule-Based Access Control (RBAC) uses the settings in preconfigured security policies to make all decisions.