An organization has recently implemented a monitoring system that flags unusual behavior on its network and alerts the security team for potential security breaches. This system was established after a recent incident where unauthorized access went undetected for an extended period. Based on this scenario, what type of control has the organization most likely implemented?
The organization has implemented a detective control. Detective controls are designed to identify a security incident and alert when it occurs. The scenario describes a monitoring system that flags unusual behavior, which matches the detection and alerting function of a detective control. Preventive controls aim to stop incidents before they happen, which is not the focus in this scenario. Corrective controls are instituted to limit the damage after an incident has occurred, which is also not the main function described. Compensating controls provide an alternative measure if primary controls fail or are not feasible; the scenario states that the system was implemented in response to a previous undetected breach, indicating that it is a primary monitoring solution, not a compensating one.