CompTIA Security+ SY0-601 – Question243

A security engineer is concerned that the strategy for detection on endpoints is too heavily dependent on
previously defined attacks. The engineer would like a tool to monitor for changes to key files and network traffic
on the device. Which of the following tools BEST addresses both detection and prevention?


A.
NIDS
B. HIPS
C. AV
D. NGFW

Correct Answer: B