As a security administrator, you have been asked to implement a mechanism that can discover unauthorized access to company resources and alert the security team when such events occur. Which type of security control should you primarily focus on deploying?
Detective controls are designed to identify and record unauthorized activities or intrusions and to generate alerts so that security personnel can respond. They do not stop or discourage the activity directly but instead detect and report it. An intrusion detection system (IDS) is a common detective control, making this the appropriate choice for discovering unauthorized access and notifying the security team. Preventive controls attempt to stop incidents before they happen, deterrent controls discourage attackers, and corrective controls limit damage after an incident, none of which primarily focus on detection and alerting.