A number of employees report that parts of an ERP application are not working. The systems administrator reviews the following information from one of the employee workstations:
Execute permission denied: financemodule.dll
Execute permission denied: generalledger.dll
Which of the following should the administrator implement to BEST resolve this issue while minimizing risk and attack exposure?
A. Update the application blacklist
B. Verify the DLL’s file integrity
C. Whitelist the affected libraries
D. Place the affected employees in the local administrator’s group
B. The question does imply that the DLL’s were working fine but suddenly user’s are getting execution denials. The DLLs could easily be infected. So to play it safe, their integrity should be checked.
Integrity should be checked but Verification isn’t a Resolution. It’s only a path to that. The question asks for the BEST resolution so I think it’s C
I don’t agree. The ERP worked fine before the failure occur with current permissions. Then something occur and users had lost their permissions. Definitely the DLLs were corrupted. Whitelisting of the affected files is an option, but the question requires “minimizing risk and attack exposure”. My answer is B.
Permission denied is a permission issue, not a corruption issue.. You need to whitelist them.
I thought it was B.
Me too