GIAC Security Leadership Certification (GSLC) — Question 9
Which security control is designed to provide prevention, detection, and remediation for file-based malware activity?
Answer options
- A. Indicators of Compromise (IOC)
- B. Network Intrusion Prevention System (NIPS)
- C. Endpoint Protection Platform (EPP)
- D. Data Loss Prevention (DLP)
Correct answer: A
Explanation
Indicators of Compromise (IOC) are used to identify signs of malicious activity and can help in preventing, detecting, and remediating file-based malware. In contrast, Network Intrusion Prevention Systems (NIPS) focus on network threats, Endpoint Protection Platforms (EPP) provide security for endpoints but may not specifically target file-based malware, and Data Loss Prevention (DLP) is primarily concerned with preventing data breaches rather than detecting malware.