What are the recommended defense strategies against this COM hijacking persistence technique?
Defenders should monitor creation and modification operations under the registry keys `HKCU\Software\Classes\CLSID` and `HKCU\Software\Classes\Wow6432Node\CLSID`. This technique is related to other persistence methods, such as using logon scripts to maintain persistence, but COM hijacking specifically requires watching for unexpected CLSID entries that point to DLLs.
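One way to turn that monitoring advice into triage logic, as an added example that is not part of the original answer: it classifies registry write events under the two per-user CLSID roots and raises an alert when an `InprocServer32` value names a DLL that is not in a baseline. The event dictionary shape, the baseline set, and the CLSID, SID and file paths are constructed for illustration, and the `HKU\<SID>_Classes` form is included on the assumption that the event source reports the per-user classes hive by that path.

```python
import re

# Per-user COM roots named above, in the forms an event source may report them:
# HKCU\Software\Classes, HKU\<SID>\Software\Classes, or the HKU\<SID>_Classes hive.
USER_CLSID = re.compile(
    r"^(?:HKCU|HKEY_CURRENT_USER|(?:HKU|HKEY_USERS)\\S-1-5-21-[\d-]+)"
    r"(?:\\Software\\Classes|(?<=\d)_Classes)"
    r"(?:\\Wow6432Node)?\\CLSID\\(\{[0-9a-f-]{36}\})(?:\\(.+))?$",
    re.IGNORECASE,
)

def triage(event, baseline=frozenset()):
    """Classify one registry event: None (out of scope), 'baseline', 'review', 'alert'.

    event is a dict with 'op' ('create' or 'set'), 'target' (key path plus value
    name) and 'data'; this shape is an assumption, not a real log schema.
    baseline holds lower-cased (clsid, dll_path) pairs known to be legitimate.
    """
    m = USER_CLSID.match(event["target"])
    if not m or event["op"] not in ("create", "set"):
        return None
    clsid, subpath = m.group(1).lower(), (m.group(2) or "").lower()
    data = event.get("data", "").strip().strip('"').lower()
    # An InprocServer32 value naming a DLL is the entry the answer says to watch for.
    if subpath.startswith("inprocserver32") and data.endswith(".dll"):
        return "baseline" if (clsid, data) in baseline else "alert"
    return "review"  # other per-user CLSID writes are kept for analyst context

# Constructed sample data: placeholder CLSID, SID and paths.
CLSID = "{11111111-2222-3333-4444-555555555555}"
SID = "S-1-5-21-1000000000-2000000000-3000000000-1001"
GOOD_DLL = r"C:\Program Files\ExampleVendor\shellext.dll"
BASELINE = {(CLSID.lower(), GOOD_DLL.lower())}
SAMPLE_EVENTS = [
    {"op": "create", "target": r"HKU\%s_Classes\CLSID\%s" % (SID, CLSID), "data": ""},
    {"op": "set", "target": r"HKU\%s_Classes\CLSID\%s\InprocServer32\(Default)" % (SID, CLSID),
     "data": r"C:\Users\Public\example.dll"},
    {"op": "set", "target": r"HKCU\Software\Classes\Wow6432Node\CLSID\%s\InprocServer32\(Default)" % CLSID,
     "data": '"%s"' % GOOD_DLL},
    {"op": "set", "target": r"HKLM\Software\Classes\CLSID\%s\InprocServer32\(Default)" % CLSID,
     "data": r"C:\Users\Public\example.dll"},
    {"op": "set", "target": r"HKCU\Software\Classes\.txt\(Default)", "data": "txtfile"},
]

def verdicts(events=SAMPLE_EVENTS, baseline=BASELINE):
    return [triage(e, baseline) for e in events]

if __name__ == "__main__":
    for e, v in zip(SAMPLE_EVENTS, verdicts()):
        print(v, e["target"])
```

The baseline is what makes "unexpected" decidable: without it, every per-user `InprocServer32` DLL registration is reported as an alert.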