nerdexam
(ISC)2

CISSP-ISSEP · Question #150

Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

The correct answer is A. Corrective controls. Corrective controls (A) are the right answer because they activate after a security breach occurs, aiming to minimize damage, restore systems, and fix vulnerabilities - examples include incident response plans, system backups, and patch deployment. Safeguards (B) is a general umb

Security Operations

Question

Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

Options

  • ACorrective controls
  • BSafeguards
  • CDetective controls
  • DPreventive controls

How the community answered

(21 responses)
  • A
    90% (19)
  • B
    5% (1)
  • C
    5% (1)

Explanation

Corrective controls (A) are the right answer because they activate after a security breach occurs, aiming to minimize damage, restore systems, and fix vulnerabilities - examples include incident response plans, system backups, and patch deployment.

Safeguards (B) is a general umbrella term for any security measure and isn't a specific control category in the CIA/NIST framework - it doesn't describe a post-breach timing.

Detective controls (C) are used during an incident to identify and alert on suspicious activity (e.g., IDS, log monitoring), not to limit damage after a breach is confirmed.

Preventive controls (D) act before a breach to stop it from happening in the first place (e.g., firewalls, access controls, encryption).

Memory tip: Think of the lifecycle - Prevent → Detect → Correct. If the breach already happened and you're cleaning up the mess, you're in Corrective territory.

Topics

#Security controls#Corrective controls#Incident response#Damage limitation

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSEP Practice