A security analyst is evaluating the current endpoint security measures. Which of the following provides the BEST protection against both known and unknown threats?
Installing updated antivirus software on all endpoint devices
Implementing a comprehensive endpoint detection and response system
Deploying network firewalls at the edge of the network
Enforcing regular patch management for all endpoint devices
Endpoint detection and response (EDR) systems provide the best protection against known and unknown threats by combining real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities. Antivirus software primarily focuses on known threats, with only occasional zero-day threat protection, so it falls short against unknown threats compared to EDR. Network firewalls primarily protect the network perimeter and might not offer thorough protection for endpoint devices. Patch management is important for endpoint security, but it does not offer active protection against ongoing threats.