A security analyst is evaluating the current endpoint security measures. Which of the following provides the BEST protection against both known and unknown threats?
Installing updated antivirus software on all endpoint devices
Deploying network firewalls at the edge of the network
Enforcing regular patch management for all endpoint devices
Implementing a comprehensive endpoint detection and response system
Endpoint detection and response (EDR) systems provide the best protection against known and unknown threats by combining real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities. Antivirus software primarily focuses on known threats, with only occasional zero-day threat protection, so it falls short of EDR against unknown threats. Network firewalls primarily protect the network perimeter and might not offer thorough protection for endpoint devices. Patch management is important for endpoint security, but it does not offer active protection against ongoing threats.