New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 312-38 Exam - Topic 4 Question 97 Discussion

Actual exam question for Eccouncil's 312-38 exam
Question #: 97
Topic #: 4
[All 312-38 Questions]

John is a senior network security administrator working at a multinational company. He wants to block specific syscalls from being used by container binaries. Which Linux kernel feature restricts actions

within the container?

Show Suggested Answer Hide Answer
Suggested Answer: A

The topology that the network designer will propose is known as a screened subnet. This topology involves the use of two or more firewalls to create a network segment referred to as a demilitarized zone (DMZ). The DMZ acts as a buffer zone between the public internet and the internal network. It contains the public-facing servers, such as the web portal mentioned, which is isolated from the internal network for added security. The screened subnet topology typically includes a firewall at the network's edge connected to the internet, another firewall separating the DMZ from the internal network, and the DMZ itself. This setup allows for strict control of traffic between the internet, the DMZ, and the internal network, providing an additional layer of security.


by Wava at Oct 22, 2024, 05:42 AM

Limited Time Offer

25%

Off

Get Premium 312-38 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Luisa
3 months ago
Userns is about user namespaces, not syscall restrictions.
upvoted 0 times
...
Lazaro
3 months ago
Wait, can Seccomp really block syscalls? Sounds too good to be true!
upvoted 0 times
...
James
3 months ago
Cgroups are for resource limits, not syscall blocking.
upvoted 0 times
...
Iola
4 months ago
I thought it was LSMs, but Seccomp makes more sense.
upvoted 0 times
...
Bette
4 months ago
It's definitely Seccomp that does this!
upvoted 0 times
...
Rose
4 months ago
Cgroups seem more about resource management, so I don’t think they would be the answer here.
upvoted 0 times
...
Torie
4 months ago
I practiced a similar question about container security, and I think Seccomp was mentioned as a way to restrict actions.
upvoted 0 times
...
Murray
4 months ago
I’m not entirely sure, but I feel like LSMs might be related to security modules, not specifically for blocking syscalls.
upvoted 0 times
...
Kyoko
5 months ago
I remember studying about syscall filtering, and I think Seccomp is the right choice for blocking specific syscalls in containers.
upvoted 0 times
...
Princess
5 months ago
This seems like a good opportunity to apply my knowledge of container security best practices. I'll focus on the container context and go with the LSM option.
upvoted 0 times
...
Linsey
5 months ago
I'm a bit confused by the wording of the question. Is it asking about restricting actions within the container, or just in general? I'll need to re-read it carefully.
upvoted 0 times
...
Mila
5 months ago
Okay, I remember learning about Seccomp in my Linux security course. I think that's the feature that allows restricting syscalls, so I'll go with that.
upvoted 0 times
...
Raul
5 months ago
Hmm, I'm a bit unsure about the differences between these kernel features. I'll need to think through the details of each one.
upvoted 0 times
...
Lacresha
5 months ago
This looks like a straightforward question on Linux kernel features. I'm pretty confident I can figure this out.
upvoted 0 times
...
Anthony
9 months ago
I heard Seccomp is like a force field for your container. It's the Chuck Norris of Linux kernel features!
upvoted 0 times
...
Lavera
9 months ago
Seccomp all the way! It's like a bouncer for your container, keeping the troublemakers out. John's going to have a secure container party with this one.
upvoted 0 times
Pamella
8 months ago
Cgroups, LSMs, and Userns are important too, but Seccomp is the star here.
upvoted 0 times
...
Mila
8 months ago
John will have a secure container party with Seccomp in place.
upvoted 0 times
...
Ashton
8 months ago
LSMs are important for enforcing access control policies in the kernel.
upvoted 0 times
...
Jacqueline
8 months ago
I agree, it's like having a bouncer for your container.
upvoted 0 times
...
Ludivina
8 months ago
Cgroups can help with resource management within the container.
upvoted 0 times
...
Brianne
8 months ago
Seccomp is definitely the way to go for blocking specific syscalls in container binaries.
upvoted 0 times
...
Alethea
9 months ago
Seccomp is definitely the way to go for blocking those syscalls.
upvoted 0 times
...
...
Shantay
10 months ago
Userns? Nah, that's for user namespaces, not restricting syscalls. I'm going with LSMs - they can do some pretty advanced security stuff, right?
upvoted 0 times
Carla
8 months ago
Seccomp is actually the Linux kernel feature that restricts syscalls. Good choice!
upvoted 0 times
...
Boris
8 months ago
I think Cgroups can also restrict actions within the container.
upvoted 0 times
...
Dexter
9 months ago
Yes, LSMs can indeed do some advanced security configurations.
upvoted 0 times
...
...
Kristine
10 months ago
Hmm, Cgroups are great for resource management, but I don't think they're the right tool for blocking specific syscalls. I'd go with Seccomp on this one.
upvoted 0 times
Carin
9 months ago
LSMs and Userns are not typically used for blocking syscalls like Seccomp.
upvoted 0 times
...
Lajuana
9 months ago
Seccomp filters system calls at the kernel level, making it a good choice.
upvoted 0 times
...
Carli
9 months ago
Cgroups are more for resource management, not syscall blocking.
upvoted 0 times
...
Herminia
9 months ago
I agree, Seccomp is the way to go for blocking specific syscalls.
upvoted 0 times
...
...
Nicolette
10 months ago
Seccomp sounds like the way to go here. I remember reading about how it can restrict system calls in a container. Seems like the best choice for John's needs.
upvoted 0 times
Rosalind
9 months ago
I agree, Seccomp is a powerful feature for restricting actions within containers.
upvoted 0 times
...
Clay
10 months ago
Seccomp is definitely the way to go for blocking specific syscalls in containers.
upvoted 0 times
...
...
Mona
10 months ago
I'm not sure, but I think Cgroups could also be a possible answer.
upvoted 0 times
...
Francoise
11 months ago
I agree with Olene, Seccomp restricts actions within the container.
upvoted 0 times
...
Olene
11 months ago
I think the answer is C) Seccomp.
upvoted 0 times
...

Save Cancel