Which statement correctly differentiates preventive, detective, and corrective controls?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the DSAC Annex F Test with comprehensive flashcards and multiple choice questions. Access hints and explanations for each question to ensure you’re ready for your exam!

Multiple Choice

Which statement correctly differentiates preventive, detective, and corrective controls?

Explanation:
Preventive, detective, and corrective controls describe how to manage risk across a system. Preventive controls are built to stop incidents before they happen, such as access controls, authentication, firewalls, and secure configurations. Detective controls are focused on identifying incidents as they occur or after the fact, through monitoring, logging, and intrusion detection. Corrective controls are about restoring normal operations after an incident, which includes backups, recovery procedures, and patches that fix the underlying issue. This framing matches the statement well: preventive stops incidents, detective detects, and corrective restores from incidents. The other descriptions mix up these roles—detective actions aren’t preventive, corrective actions aren’t about delaying a response, and preventive actions aren’t about restoring data or encrypting.

Preventive, detective, and corrective controls describe how to manage risk across a system. Preventive controls are built to stop incidents before they happen, such as access controls, authentication, firewalls, and secure configurations. Detective controls are focused on identifying incidents as they occur or after the fact, through monitoring, logging, and intrusion detection. Corrective controls are about restoring normal operations after an incident, which includes backups, recovery procedures, and patches that fix the underlying issue.

This framing matches the statement well: preventive stops incidents, detective detects, and corrective restores from incidents. The other descriptions mix up these roles—detective actions aren’t preventive, corrective actions aren’t about delaying a response, and preventive actions aren’t about restoring data or encrypting.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy