An attacker tries to load dynamic libraries on macOS from an unsecure location. Which Cortex XDR module can prevent this attack?
An attacker tries to load dynamic libraries on macOS from an unsecure location. Which Cortex XDR module can prevent this attack?
The Cortex XDR module that can prevent an attacker from loading dynamic libraries on macOS from an insecure location is 'Dylib Hijacking.' This specific module is designed to counteract dylib-hijacking attacks, where an attacker tries to exploit dynamic library loading mechanisms by injecting malicious libraries from insecure locations to gain control over a process. The name directly indicates its purpose related to dynamic libraries, making it the correct choice.
Dylib Hijacking Prevents Dylib-hijacking attacks where the attacker attempts to load dynamic libraries on Mac operating systems from unsecured locations to gain control of a process. https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Prevent-Administrator-Guide/Endpoint-Protection-Modules
Mac operating systems" from admin guide pg. 85