Which technique is BEST for detecting unauthorized changes to a critical configuration file?
A CISSP practice question covering Domain 6: Security Assessment and Testing. Try answering before reading the explanation below.
Show options & answer
Why "File integrity monitoring (FIM)" is the right answer
FIM tools (Tripwire, AIDE, Defender for Server) hash files and alert on unexpected changes. AV looks for known malware; defrag is performance; RAID parity scrubbing checks disk health. None of those detect config tampering.
Take the full CISSP practice test
120 questions, instant explanations, study-video links on every miss. No account.