Free CompTIA Security+ SY0-701 Practice Question

Corrective controls are designed to limit the damage and impact after a security incident has already occurred. They are reactive measures that help organizations recover from an incident and minimize the extent of the damage. Examples of corrective controls include backup systems that allow for data restoration and incident response plans that outline the steps to be taken after an incident is detected. While preventive controls aim to stop incidents from occurring in the first place, and detective controls focus on identifying incidents, corrective controls are specifically designed to mitigate the consequences of an incident after it has happened.