Android uses Security Enhanced Linux (SELinux). What component of the SELinux kernel confines and reduces the impact of an exploited vulnerability to a single area?
Choose an answer
Tap an option to check your answer.
Correct answer: Security Domains.
Why this is the answer
Security Domains are the correct answer because SELinux uses them to enforce mandatory access control (MAC). Each domain defines a set of permissions for a specific process or application, confining its actions and limiting the damage if that process is compromised. This isolation prevents an exploited vulnerability in one domain from affecting other parts of the system. SoC (System on a Chip) is the integrated circuit that houses the main components of a computer or other electronic system, but it's not a SELinux component. Secure memory blocks (SMB) are a general concept for protecting memory, not a specific SELinux kernel component for confinement. The Hardware Abstraction Layer (HAL) provides a standard interface to hardware functionality, but it's not directly responsible for SELinux's security confinement mechanisms.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed