Practice Test Question-Security Platforms

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

Jessica believes that a server in her organization was compromised by an attacker. Which one of the following endpoint security platforms would provide the most visibility into activity on that device?

A. HIPS

B. Microsoft Configuration Manager

C. EDR

D. MDM

Correct Answer: C

If the organization uses host intrusion prevention systems (HIPS) or Microsoft Configuration Manager, those technologies may provide useful information during the investigation, but they do not provide the comprehensive tracking found in an EDR platform. Endpoint detection and response (EDR) platforms are designed specifically to track all activity that occurs on a device for use in forensic analysis and security operations, making it our correct answer. A server would generally not be regulated by a mobile device management (MDM) solution.

Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!
