A system that centralizes the storage, analysis, and reporting of log data from various sources within an organization's IT infrastructure performs a preventive role in the security control framework.
This assertion is correct as preventing incidents is a key goal of centralizing and analyzing log data, which is a characteristic of preventive controls.
This assertion is inaccurate because the primary function of centralizing and analyzing log data is for detection and investigation purposes, matching the definition of a detective control.
The system in question centralizes the collection and analysis of log data in order to identify and alert on potentially malicious activity, classifying it as a detective control rather than a preventive one. Preventive controls aim to prevent security incidents from occurring in the first place, while detective controls are used to find and respond to incidents that are in progress or have already occurred.