During a security design review, a consultant recommends placing a stateful firewall at the internet edge and enabling role-based access controls on internal file servers. According to the security control taxonomy used by CompTIA, what primary purpose do these preventive controls serve?
To limit the damage caused by a security incident after it has occurred
To identify and respond to security incidents after they occur
To stop security incidents from occurring in the first place
To substitute for primary controls when they are not available
Preventive controls are proactive safeguards that stop security incidents from occurring. A firewall blocks unauthorized traffic before it reaches internal resources, and access controls prevent unauthorized users from opening files. Unlike detective controls, which discover incidents, or corrective controls, which limit damage afterward, preventive measures are intended to remove the opportunity for an incident altogether.