After reviewing a company’s NAS configuration and file system access logs, the auditor is advising the security administrator to implement additional security controls on the NFS export. The security administrator decides to remove the no_root_squash directive from the export and add the nosuid directive. Which of the following is true about the security controls implemented by the security administrator?
A . The newly implemented security controls are in place to ensure that NFS encryption can only be controlled by the root user.
B . Removing the no_root_squash directive grants the root user remote NFS read/write access to important files owned by root on the NA
D . Users with root access on remote NFS client computers can always use the SU command to modify other user’s files on the NA
F . Adding the nosuid directive disables regular users from accessing files owned by the root user over NFS even after using the SU command.
Answer: C
Leave a Reply