Which of the following is the technique used by Java that prevents certain functions when the applet is sent as part of a Web page?
- process isolation
- reference monitor
Sandboxing is a technique used by Java as well as other applications to prevent the operation of the program from interfering with any other programs running.
Sandboxing also refers to developing an application outside of the production environment. Sandboxing can also be useful to test a legacy operation system that may not have security patches. Virtual machines are often used to create the sandbox. Memory allocation issues may be discovered during sandbox testing, but are not directly a part of the sandbox functionality.
Process isolation is a technique used by operating systems to isolate one running process from any other. It is not done in memory but in the processor queue.
Reference monitor is an abstract concept implemented by the security kernel of the operating system. It manages access from untrusted component to those that are part of the trusted computer base.
Segmentation is not a term used to discuss Java activities and operation.
Objective: Host-Based Analysis
Sub-Objective: Describe the functionality of these endpoint technologies in regards to security monitoring: Host-based intrusion detection, Antimalware and antivirus, Host-based firewall, Application-level whitelisting/blacklisting, Systems-based sandboxing (such as Chrome, Java, Adobe reader).