Which type of control is designed to identify attacks during or after they occur?

Prepare for the Internal Auditing Standards and Practices - Cybersecurity Test. Gain confidence with multiple choice questions and clear explanations. Ace your exam!

Multiple Choice

Which type of control is designed to identify attacks during or after they occur?

Explanation:
Detective controls are designed to identify attacks during or after they occur. They watch for anomalies and security events, collecting data and analyzing it so responders can detect breaches and respond quickly. Examples include intrusion detection systems, security information and event management (SIEM) tools, log reviews, and file integrity monitoring. This distinguishes them from preventive controls, which aim to stop incidents before they happen, and corrective controls, which are activated after a detection to restore systems and reduce impact. Physical controls protect assets in the physical realm and aren’t focused on cyber attack detection.

Detective controls are designed to identify attacks during or after they occur. They watch for anomalies and security events, collecting data and analyzing it so responders can detect breaches and respond quickly. Examples include intrusion detection systems, security information and event management (SIEM) tools, log reviews, and file integrity monitoring. This distinguishes them from preventive controls, which aim to stop incidents before they happen, and corrective controls, which are activated after a detection to restore systems and reduce impact. Physical controls protect assets in the physical realm and aren’t focused on cyber attack detection.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy