Answer: Detective
A detective control identifies security events that have already occurred. Intrusion detection systems are detective controls.
=======================
Preventative Controls - act to eliminate or reduce the likelihood that an attack can succeed. A preventative control operates before an attack can take place. They are comparing the configurations to a secure guideline to ensure no gaps. Meaning they are pre-emptively hardening their systems against future attack vectors.
Corrective Controls - controls that remediate security issues that have already occurred. Restoring backups after a ransomware attack is an example of a corrective control.
Detective controls attempt to detect when vulnerabilities have been exploited, resulting in a security incident. The important point is that detective controls discover the event after it has occurred.
Detective controls are used to identify and detect security incidents or data compromises within an organization. They are part of the broader category of security controls known as "security operations" or "incident response" controls. Detective controls are designed to discover and raise an alert when unauthorized or malicious activities occur, allowing the organization to respond promptly to mitigate the impact of security incidents.
Examples of detective controls include security monitoring systems, intrusion detection systems (IDS), intrusion prevention systems (IPS), log analysis tools, security information and event management (SIEM) systems, and network traffic analysis solutions. These tools continuously monitor the network, systems, and applications for signs of suspicious or anomalous behavior, such as unusual access patterns, potential breaches, or data exfiltration attempts.
I think it is preventative. In detective control you are aware of the incident after it happened. However, in preventative control you can be aware of the incident before it happened. So it comes before detective.
SY0-601 Exam Questions
rodwave (Highly Voted, 2 years, 7 months ago)
LordJaraxxus (Most Recent, 1 year, 3 months ago)
Arpilir (1 year, 6 months ago)
ApplebeesWaiter1122 (1 year, 11 months ago)
mosher21 (2 years, 2 months ago)
MartyByrde (1 year, 6 months ago)
if10w (2 years, 3 months ago)
Knowledge33 (2 years, 7 months ago)
db97 (2 years, 9 months ago)
db97 (2 years, 9 months ago)
RonWonkers (2 years, 9 months ago)