PrepAway - Latest Free Exam Questions & Answers

Which is a possible security concern with this configuration?

During a security assessment of a Solaris OE system, the examiner finds the run-control script, /etc/rc3.d/S20myapp. After verifying the need for this script with the system’s custodian, the examiner notices that the script starts a program in /opt/myapp/bin. Which is a possible security concern with this configuration?

PrepAway - Latest Free Exam Questions & Answers

A.
There is no security concern with this configuration. This is a common and necessary practice for starting unbundled applications at boot time.

B.
The program may have unmet dependencies on other software packages that cause the application to either fail or hang during the boot process.

C.
The program may be owned by an application user. If access to this user account can be obtained, an attacker can easily gain root access to the system.

D.
The application started by the /etc/rc3.d/S20myapp run-control script may contain a locally exploitable buffer overflow causing the security of the system to be violated.


Leave a Reply