A remote employee navigates to a shopping website on their company-owned computer. The employee clicks a link that contains a malicious file. Which of the following would prevent this file from downloading?
EDR (Endpoint Detection and Response) solutions monitor endpoint activities in real-time and can prevent malicious files from being downloaded or executed by detecting suspicious behaviors. In this case, EDR would block the download or alert the security team.
DLP (Data Loss Prevention) prevents unauthorized data exfiltration rather than blocking malware downloads. FIM (File Integrity Monitoring) tracks changes to files but doesn’t prevent downloads. NAC (Network Access Control) controls device access to the network but does not directly block file downloads.
EDR's proactive blocking capabilities are covered under the Security Operations domain in SY0-701 (CompTIA Security+ Study Guide, Chapter 11).