Complete the code to identify what EDR primarily monitors on endpoints.
EDR systems primarily monitor [1] on endpoint devices to detect threats.EDR focuses on monitoring activities happening directly on endpoint devices like computers and servers to detect suspicious behavior.
Complete the code to explain the main purpose of EDR.
The main purpose of EDR is to [1] and respond to cyber threats on endpoints quickly.
EDR tools are designed to detect threats early and respond to them to protect endpoint devices.
Fix the error in the statement about EDR capabilities.
EDR tools do not [1] only network traffic to detect threats.
EDR tools do not monitor only network traffic; they primarily focus on endpoint activities like processes, files, and connections.
Fill both blanks to describe EDR's response process.
When EDR detects a threat, it [1] the suspicious activity and [2] actions to stop it.
EDR systems analyze suspicious activities and take actions such as isolating the device or removing malware to stop threats.
Fill all three blanks to complete the EDR data collection example.
EDR collects data such as [1], [2], and [3] from endpoints to detect threats.
EDR collects data like process behavior, file changes, and network connections to detect threats. User passwords are not collected by EDR.