A remote employee navigates to a shopping website on their company-owned computer. The employee clicks a link that contains a malicious file. Which of the following would prevent this file from downloading?

File Integrity Monitoring (FIM) is designed to track changes to files and alert administrators about unauthorized modifications. While it is useful for ensuring that files remain unaltered, it does not actively prevent files from being downloaded; it only detects changes after the fact, making it ineffective in this scenario.

Network Access Control (NAC) regulates devices on a network and ensures they comply with security policies before granting access. However, NAC does not specifically target the downloading of files; it primarily focuses on the security posture of devices attempting to connect to the network, leaving file downloads unmonitored.

Endpoint Detection and Response (EDR) solutions monitor and respond to threats on endpoints by detecting malicious activity. While EDR can identify and respond to malware after it has downloaded, it does not prevent the actual downloading of files, which is the critical action needed in this scenario.