{"id":"rhel9-layered-data-protection","text":"RHEL 9 protects data at rest through two independent and complementary layers: cryptographic protection (LUKS2 encryption with NBDE automated decryption governed by system-wide crypto policies) and mandatory access control (SELinux DAC → Type Enforcement → MCS enforcement chain) — ensuring that even if one layer is bypassed, the other independently restricts unauthorized access.","truth_value":"IN","source":"","source_url":"","source_hash":"","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"rhel9-layered-data-protection","truth_value":"IN","reason":"premise"}]}}