(ISC)2 Certified in Cybersecurity Practice Exam

The term that describes security measures implemented to deter unauthorized access is preventive controls. These types of controls are designed to stop security incidents before they occur by implementing safeguards and barriers. This can include a variety of strategies, such as access controls, encryption, firewalls, and physical security measures.

The emphasis on prevention is crucial because it not only protects sensitive data and systems from unauthorized access but also minimizes the likelihood of breaches occurring in the first place. By establishing strong preventive controls, organizations strengthen their security posture and create layers of defense that can deter potential threats.

Detective controls, while important, are primarily focused on identifying and detecting incidents after they have already occurred, rather than preventing them upfront. Corrective controls aim to mitigate damage and restore systems after a security event has taken place. Administrative controls are policies and procedures designed to manage and direct the security measures of an organization but do not directly deter access on a technical level.