A software that reviews system files to ensure that they have not been tampered with.

Prepare for the Information Security Principles and Frameworks Test. Enhance your understanding with detailed questions, hints, and explanations. Ace your exam with confidence!

Multiple Choice

A software that reviews system files to ensure that they have not been tampered with.

Explanation:
File integrity monitoring focuses on ensuring critical system files haven’t been altered. It maintains a baseline of the expected state of key files—using hashes, checksums, sizes, timestamps, and permissions—and then rechecks these files to detect any unauthorized changes. When a change is detected, it raises an alert for incident response and forensics. This helps defend against tampering by malware, rootkits, or insiders who modify executables, config files, or system binaries to hide activity or maintain persistence. This approach is specific to verifying file content and attributes, whereas endpoint detection and response watches broader endpoint activity; host-based intrusion detection looks for suspicious behavior patterns on the host; and UEBA analyzes user and entity behavior rather than exact file integrity. So the tool described is a file integrity monitoring solution.

File integrity monitoring focuses on ensuring critical system files haven’t been altered. It maintains a baseline of the expected state of key files—using hashes, checksums, sizes, timestamps, and permissions—and then rechecks these files to detect any unauthorized changes. When a change is detected, it raises an alert for incident response and forensics. This helps defend against tampering by malware, rootkits, or insiders who modify executables, config files, or system binaries to hide activity or maintain persistence. This approach is specific to verifying file content and attributes, whereas endpoint detection and response watches broader endpoint activity; host-based intrusion detection looks for suspicious behavior patterns on the host; and UEBA analyzes user and entity behavior rather than exact file integrity. So the tool described is a file integrity monitoring solution.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy