nerdexam
Exams312-50V9Questions#453
EC-Council

312-50V9 · Question #453

312-50V9 Question #453: Real Exam Question with Answer & Explanation

The correct answer is C: Audit trail. Detective controls identify and record security events after they occur, making audit trails the correct choice among these options.

Question

Which of the following is a detective control?

Options

  • ASmart card authentication
  • BSecurity policy
  • CAudit trail
  • DContinuity of operations plan

Explanation

Detective controls identify and record security events after they occur, making audit trails the correct choice among these options.

Common mistakes.

  • A. Smart card authentication is a preventive control because it stops unauthorized users from gaining access before a breach occurs.
  • B. A security policy is an administrative and preventive control that defines acceptable behavior and requirements, not one that detects incidents.
  • D. A continuity of operations plan is a corrective and recovery control designed to restore operations after a disruption, not to detect security events.

Concept tested. Security control types - detective vs preventive

Reference. https://csrc.nist.gov/glossary/term/detective_control

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 312-50V9 Practice