SY0-701 Question #71: Real Exam Question with Answer & Explanation
The correct answer is B: Detective.
Question
After a recent ransomware attack on a company's system, an administrator reviewed the log files. Which of the following control types did the administrator use?
Options
- A. Compensating
- B. Detective
- C. Preventive
- D. Corrective
Explanation
Detective controls are security measures that are designed to identify and monitor any malicious activity or anomalies on a system or network. They can help to discover the source, scope, and impact of an attack, and provide evidence for further analysis or investigation. Detective controls include log files, security audits, intrusion detection systems, network monitoring tools, and antivirus software. In this case, the administrator used log files as a detective control to review the ransomware attack on the company's system. Log files are records of events and activities that occur on a system or network, such as user actions, system errors, network traffic, and security alerts. They can provide valuable information for troubleshooting, auditing, and forensics.