CompTIA CySA+ (CS0-003) — Question 85
An organization needs to bring in data collection and aggregation from various endpoints. Which of the following is the best tool to deploy to help analysts gather this data?
Answer options
- A. DLP
- B. NAC
- C. EDR
- D. NIDS
Correct answer: C
Explanation
The best option is EDR, as it is specifically designed to collect and aggregate data from endpoint devices, providing detailed insights for analysts. DLP focuses on data loss prevention, NAC is about network access control, and NIDS is used for intrusion detection, which do not address the needs for data collection and aggregation in the same manner as EDR.