How does AppArmor configure access control settings?

• A. AppArmor does not require any configuration
• B. AppArmor automatically configures itself based on the installed applications
• C. AppArmor relies on precompiled policies that can be periodically updated
• D. A profile is assigned per application that specifies the resources available

Answer: (D)

AppArmor implements access control through the creation of profiles that are specifically tailored for individual applications. Each profile outlines the permitted capabilities and resources that the application can access, thereby providing a layer of security. This method allows for fine-grained control over what each application can do and the files it can access, based on the principle of least privilege.

By assigning a distinct profile to each application, AppArmor can enforce policies that reduce the potential attack surface and limit the impact of any vulnerabilities that might be exploited within those applications. This approach not only enhances security but also aids in preventing applications from interacting with the system in unauthorized or harmful ways.

This option is particularly beneficial because it supports the dynamic nature of systems where applications may require varying levels of access based on their functionality. Profiles can be tailored, modified, or even created from scratch to meet the specific security needs of an organization or user, providing a customizable security solution.