Bird
0
0

Which of the following best describes how EDR systems help in threat investigation?

easy🧠 Conceptual Q2 of 15
Cybersecurity - Advanced Threat Protection
Which of the following best describes how EDR systems help in threat investigation?
ABy encrypting all endpoint data automatically
BBy providing detailed logs and alerts about endpoint activities
CBy blocking all internet access on endpoints
DBy deleting suspicious files without notification
Step-by-Step Solution
Solution:

  1. Step 1: Review EDR investigation features

    EDR systems collect and store detailed data about what happens on endpoints.

  2. Step 2: Understand how this helps investigation

    This data helps security teams analyze and understand threats by reviewing logs and alerts.

  3. Final Answer:

    By providing detailed logs and alerts about endpoint activities -> Option B

  4. Quick Check:

    EDR investigation = Detailed logs and alerts [OK]
Quick Trick: Logs and alerts are key for EDR investigations [OK]
Common Mistakes:
MISTAKES
  • Thinking EDR encrypts all data by default
  • Assuming EDR blocks all internet access
  • Believing EDR deletes files silently

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Cybersecurity Quizzes
Advanced Threat Protection - Advanced Persistent Threats (APT) - Quiz 8hard Compliance and Governance - HIPAA for healthcare data - Quiz 6medium Compliance and Governance - GDPR requirements - Quiz 13medium Emerging Security Topics - Why security evolves with technology - Quiz 12easy Incident Response - Communication during incidents - Quiz 3easy Incident Response - Containment strategies - Quiz 3easy Incident Response - Eradication and recovery - Quiz 7medium Incident Response - Eradication and recovery - Quiz 1easy Security Architecture and Design - Microservices security architecture - Quiz 2easy Security Architecture and Design - Microservices security architecture - Quiz 12easy