ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-601 All Questions

View all questions & answers for the SY0-601 exam
Go to Exam

Exam SY0-601 topic 1 question 522 discussion

Actual exam question from CompTIA's SY0-601
Question #: 522
Topic #: 1
[All SY0-601 Questions]

After a recent ransomware attack on a company's system, an administrator reviewed the log files. Which of the following control types did the administrator use?

  • A. Compensating
  • B. Detective
  • C. Preventive
  • D. Corrective
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by CastratedMonk at July 5, 2023, 10:30 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ApplebeesWaiter1122
Highly Voted 1 year, 10 months ago
Selected Answer: B
The administrator used detective controls by reviewing the log files after the ransomware attack. Detective controls are designed to detect and identify potential security incidents or policy violations that may have occurred within an organization's systems or network. In this case, the log files were analyzed to identify signs of the ransomware attack and understand how the incident occurred. Detective controls help in identifying security breaches or other issues so that appropriate actions can be taken to respond to and mitigate the impact of the incident. They are an essential part of a comprehensive cybersecurity strategy, alongside preventive and corrective controls.
upvoted 5 times
...
Nemish71
Most Recent 1 year, 1 month ago
Selected Answer: B
Detective Controls ● Used during the event to find out whether something bad might be happening
upvoted 1 times
...
ccnaexam28
1 year, 10 months ago
Selected Answer: B
an admin would want to review the logs in order to correct the vulnerabilities to prevent the similar attack from happening again. but since the question doesn't provide enough details on what the admin is trying to do after reviewing the logs, I'll just go with B since the log exists because it was detected. thoughts? anyway, a bad question again from comptia... makes me want to just stop reading these questions.
upvoted 4 times
...
CastratedMonk
1 year, 11 months ago
Selected Answer: B
"The important point is that detective controls discover the event after it has occurred. Some examples of detective controls are: Log Monitoring, SIEM, Security Audit, Video Surveillance, Motion Detection, IDS" - Darril Gibson
upvoted 3 times
Gamsje
1 year, 10 months ago
Detective ? I do not think so.
upvoted 3 times
andresalcedo
1 year, 10 months ago
there is no other option
upvoted 2 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel