Finally, there are historical records stored on the server that are extremely important to the business and should never be modified. Maria would like to add an integrity control that allows her to verify on a periodic basis that the files were not modified. What control can she add?

Hashing allows you to computationally verify that a file has not been modified between hash evaluations. ACLs and read-only attributes are useful controls that may help you prevent unauthorized modification, but they cannot verify that files were not modified. Firewalls are network security controls and do not verify file integrity.