Which read-only folders are protected by System Integrity Protection?

System Integrity Protection (SIP), introduced in macOS, is designed to enhance the security of the operating system by restricting the actions that the root user can perform on certain protected parts of the file system. The folders that are read-only and protected by SIP are critical to the operation and integrity of the macOS system.

The correct answer includes the folders: /System, /usr, /bin, and /sbin. These directories contain essential system files and executables necessary for the operating system's functionality. By restricting write access to these folders, SIP helps prevent malicious software from tampering with critical components of macOS.

• /System contains core system files and resources.

• /usr contains user utilities and applications, which are also part of the operating system's core functionality.

• /bin contains essential user commands and executables that must remain unchanged for the system to operate correctly.

• /sbin includes system binaries necessary for system administration tasks.

The other options contain directories that are either user-specific or general folders that do not fall under the restrictions imposed by SIP, making them writable by default.