What Cisco Security Agent Interceptor is in charge of intercepting all read/write requests to the rc files in UNIX?
A.
Network interceptor
B.
Configuration interceptor
C.
Execution space interceptor
D.
File system interceptor
Explanation:
This question is about Cisco Security Agent Interceptors:
Because a Configuration Interceptor is responsible for
intercepting read/write requests to the registry in Windows or to rc files on UNIX.
Interception occurs because modifying the operating system configuration can have
serious consequences. All read/write requests to the registry are tightly controlled for
security by the Cisco Security Agent.
A: A network Interceptor is responsible for controlling Network Driver Interface
Specification (NDIS) changes and for clearing network connections through the security
policy. This also limits how many network connections are allowed within a specified
time period to help prevent DoS attacks. Central to its role is providing hardening
features such as SYN flood protection and port scan detection.
C: Execution Space Interceptor:
It is the responsibility of this interceptor to deal with maintaining the integrity of the
dynamic runtime environment of each application. It does this by detecting and blocking
requests to write to memory not owned by the requesting application.
In terms of practical application, when this form of attack occurs, the targeted service,
such as SMTP, FTP, or TFTP, crashes. More importantly, the attacker’s shell code is not
launched successfully. This also blocks attempts by an application to inject code (such as
a shared library or dynamic link library [DLL]) into another. Buffer overflows attacks are also
detected, helping maintain the integrity of dynamic resources such as the file system and
configuration of web services. This also helps preserve the integrity of highly dynamic resources
such as memory and network I/O.
D: File System Interceptor is responsible for intercepting all file read or write requests
and either allowing or denying them based on the security policy.