Which feature is a function of both EPP and EDR?

Homework Help: Questions and Answers: Which feature is a function of both EPP and EDR?

a) Enforcement of security policies
b) Data loss prevention
c) Antivirus scanning
d) Administrative top-down visibility

Answer:

First, let’s understand what EPP and EDR is:

EPP (Endpoint Protection Platform):

EPP is a type of endpoint security software that focuses on preventing cyber threats by securing endpoints (e.g., laptops, desktops, servers).
Its features typically include antivirus scanning, malware prevention, firewalls, and basic security measures to block attacks.

EDR (Endpoint Detection and Response):

EDR is more focused on monitoring, detecting, and responding to cyber threats that manage to bypass the preventive controls of an EPP.
EDR tools collect data from endpoints to provide real-time monitoring, threat detection, and forensic analysis.

Given Options: Step by Step Answering

a) Enforcement of security policies:

This is primarily a function of network security tools and administrative controls, not directly tied to EPP or EDR.

b) Data loss prevention:

This is generally not a core function of EPP or EDR. DLP is a separate technology designed to prevent sensitive data from being shared or transferred inappropriately.

c) Antivirus scanning

EPP commonly includes antivirus scanning as part of its prevention measures.
EDR may also include antivirus capabilities, but its focus is on detecting and responding to threats that have bypassed prevention mechanisms.
Therefore, antivirus scanning can be considered a function of both EPP and EDR, though it’s more prevalent in EPP.

d) Administrative top-down visibility

This function is more about providing central management or monitoring, and while EDR often has a component of administrative visibility for threat detection, this is not a core feature of EPP.

Final Answer:

Based on the above analysis, the feature that is a function of both EPP and EDR is:

Antivirus scanning.

Learn More: Homework Help