CERTIFIED-IN-CYBERSECURITY · Question #155
CERTIFIED-IN-CYBERSECURITY Question #155: Real Exam Question with Answer & Explanation
The correct answer is B: Patches. Patches are a type of corrective security control, since they repair damage and restore resources and capabilities to a secure and previously-updated state (see ISC2 Study Guide, chapter 5, module 2). Encryption is a preventive security control that ensures data confidentiality.
Question
Which of these is a type of corrective security control?
Options
- AIntrusion detection systems
- BPatches
- CEncryption
- DGuidelines
Explanation
Patches are a type of corrective security control, since they repair damage and restore resources and capabilities to a secure and previously-updated state (see ISC2 Study Guide, chapter 5, module 2). Encryption is a preventive security control that ensures data confidentiality. Intrusion detection systems are detective controls, since they monitor a given system for unwanted activity. Intrusion detection systems (IDS) alert administrators to potential security breaches or attacks. Although they help prevent or mitigate their impact, they are not in themselves corrective controls. Guidelines provide recommendations or suggestions for achieving a particular goal or objective, and are often used to guide best practices or recommended approaches; furthermore, they are not typically considered corrective security controls.
Topics
Community Discussion
No community discussion yet for this question.