CompTIA CySA+ (CS0-003) — Question 331

Alerts from the security dashboard are reporting a cloud-based host is suspected to be corrupt. The OS is not loading. The initial investigation concludes that the OS files were modified. Which of the following security controls provided the report?

Answer options

• A. FIM
• B. DLP
• C. NIDS
• D. API gateway

Correct answer: A

Explanation

The correct answer is A, FIM (File Integrity Monitoring), which detects changes to files, indicating potential corruption. DLP (Data Loss Prevention) focuses on preventing data breaches, NIDS (Network Intrusion Detection System) monitors network traffic for suspicious activity, and API gateway manages API traffic but does not monitor file integrity.