Learn how File Integrity Monitoring (FIM) helps secure data and track changes in your environment. Discover why FIM is the best choice compared to SPF, GPO, and NAC for CompTIA Security+ SY0-601 exam.
Table of Contents
Question
A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Which of the following should the administrator set up to achieve this goal?
A. SPF
B. GPO
C. NAC
D. FIM
Answer
D. FIM
Explanation
D. FIM (File Integrity Monitoring) is the most suitable method for securing data and tracking changes in an environment. FIM works by creating a baseline of critical system files and continuously monitoring them for any modifications, deletions, or additions. When a change is detected, FIM generates an alert, allowing the security administrator to investigate the incident and take appropriate actions. This process ensures data integrity and helps detect unauthorized access or malicious activities.
SPF (Sender Policy Framework) is an email authentication protocol that prevents email spoofing but does not directly secure data or track changes.
GPO (Group Policy Object) is a feature in Active Directory that allows administrators to manage and enforce security policies across a network. While GPOs can help secure data by applying access controls and security settings, they do not inherently track changes to files.
NAC (Network Access Control) is a security approach that enforces security policies on devices connecting to a network. NAC ensures that only authorized and compliant devices can access network resources, but it does not specifically monitor file changes.
CompTIA Security+ 2021 SY0-601 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the CompTIA Security+ 2021 SY0-601 exam and earn CompTIA Security+ 2021 SY0-601 certification.