CISSP-ISSEP · Question #150
Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?
The correct answer is A. Corrective controls. Corrective controls (A) are the right answer because they activate after a security breach occurs, aiming to minimize damage, restore systems, and fix vulnerabilities - examples include incident response plans, system backups, and patch deployment. Safeguards (B) is a general umb
Question
Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?
Options
- ACorrective controls
- BSafeguards
- CDetective controls
- DPreventive controls
How the community answered
(21 responses)- A90% (19)
- B5% (1)
- C5% (1)
Explanation
Corrective controls (A) are the right answer because they activate after a security breach occurs, aiming to minimize damage, restore systems, and fix vulnerabilities - examples include incident response plans, system backups, and patch deployment.
Safeguards (B) is a general umbrella term for any security measure and isn't a specific control category in the CIA/NIST framework - it doesn't describe a post-breach timing.
Detective controls (C) are used during an incident to identify and alert on suspicious activity (e.g., IDS, log monitoring), not to limit damage after a breach is confirmed.
Preventive controls (D) act before a breach to stop it from happening in the first place (e.g., firewalls, access controls, encryption).
Memory tip: Think of the lifecycle - Prevent → Detect → Correct. If the breach already happened and you're cleaning up the mess, you're in Corrective territory.
Topics
Community Discussion
No community discussion yet for this question.