During a quarterly risk assessment, the IT manager notes that several web servers are regularly exposed to unauthorized traffic in the DMZ. She recommends deploying a next-generation firewall that will block malicious packets before they reach the servers. This firewall is an example of which type of security control?
A control that stops a security incident or attack from happening before it can cause harm.
A control that substitutes for a primary control when it is not feasible or practical to implement.
A control that identifies and responds to security incidents after they have occurred.
A control that directs the actions of individuals or systems to maintain security.
Deploying a firewall to block unwanted traffic is preventive because it acts before an attack succeeds. Preventive controls reduce the likelihood of an incident by denying, restricting, or filtering actions up front. Detective controls only discover an event that has already happened, directive controls provide guidance, and compensating controls are alternatives when a primary safeguard is impractical.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are examples of preventive controls?
Open an interactive chat with Bash
What is the difference between preventive and detective controls?
Open an interactive chat with Bash
Can you explain the concept of compensating controls?