Which system is a host-based intrusion detection system that creates a hash digest for every monitored file and is required for PCI-DSS, SOX, FISMA, HIPAA and CIS controls?

Study for the CompTIA SecurityX Test. Equip yourself with comprehensive flashcards and multiple choice questions that include hints and explanations. Gear up for your certification exam!

Multiple Choice

File Integrity Monitoring (FIM) verifies that files on a host have not been altered by computing and storing a hash digest for each monitored file and rechecking it over time. This makes it a host-based intrusion detection approach, because it sits on the device and watches the local files for changes that could indicate tampering or malware.

PCI-DSS, SOX, FISMA, HIPAA, and CIS controls all require mechanisms to detect unauthorized changes to critical system and configuration files, which is exactly what FIM provides. The hash-based checksums allow the system to detect even subtle modifications that might not produce obvious events elsewhere.

Other options don’t fit this specific requirement: an audit log records events but doesn’t continuously verify file integrity; NetFlow analyzes network traffic rather than on-host file changes; DLP Endpoint focuses on preventing data loss rather than monitoring and detecting file modifications on the host.
