An organization requires a security control that verifies ongoing network communications for signs of anomalous activity and alerts administrators if suspicious traffic patterns are detected. Which type of control aligns BEST with these requirements?
Detective controls are designed to identify and alert when security incidents occur or anomalies are detected, which includes monitoring network communications for suspicious activities. Preventive controls, as their name implies, aim to stop incidents from occurring, but they may not have alerting capabilities. Corrective controls are actions taken to repair the damage or restore systems after a security event, not to identify or detect them. Deterrent controls aim to discourage potential attackers but are not inherently designed for detecting anomalies within network communications.