(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which type of control is aimed at identifying potential security incidents after they occur?

  1. Preventive

  2. Detective

  3. Corrective

  4. Deterrent

The correct answer is: Detective

The choice that focuses on identifying potential security incidents after they occur is known as detective controls. These controls are specifically designed to monitor systems and networks to detect and alert on unauthorized access or anomalies after they have happened. The primary goal of detective controls is to provide timely information about security incidents so that organizations can respond appropriately. Common examples include intrusion detection systems, security information and event management (SIEM) systems, and log analysis. Preventive controls focus on stopping potential security incidents before they happen, such as firewalls and access controls. Corrective controls come into play after an incident has been identified, aiming to rectify or mitigate the damage caused. Deterrent controls are designed to discourage potential attackers from attempting an attack in the first place, often through visible security measures or policies. Thus, the focus of detective controls on post-incident identification distinguishes them clearly from these other types of controls.

More Questions Like This