What a dumbass question. It's either B or D, depending on whether the "host" is external or internal: if internal it is D, if it is an external host it is B, just block it off the firewall. But the use of "host" implies this is an internal workstation that's causing the problem; you can't just block it off the network, you find the root cause of the problem and try to correct it. I'm leaning towards D.
One of the easiest and most straightforward models for classifying controls is by type: physical, technical, or administrative, and by function: preventative, detective, and corrective.
db97. You are an idiot. Look at p. 3-4 of the Student Guide. First lesson covered in the book right after roles. I doubt you even read it.
It lists Control Categories and Control Function Types. Categories and Types. Type is the keyword in the question. The only type listed is D.
I thought the answer was technical controls, but after reading my CySA+ study guide it says:
Security control categories:
- technical
- managerial
- operational
Security control types:
- preventative
- corrective
- detective
- deterrent
- physical
- compensating
Will 100% be going with D on this one, corrective.
Technical, Operational, and Managerial are Control Categories. Preventative, detective, and corrective are Control Function Types. The key word in the question is "types." Process of elimination: A, B, and C are Control Categories. That leaves Corrective as the only Control Type. D for deez nuts
Technical controls are security measures that are implemented through the use of hardware, software, or firmware, to prevent, detect, or mitigate security risks. In this scenario, the technical control could involve implementing a spam filter on the network or a host-based antivirus program to prevent the spam messages from being sent.
Corrective controls act after an information security incident or problem has been detected. These controls are there to remedy flaws, make improvements, and guide corrective action.
Software and firewalls are technical controls by themselves. However, in this given scenario an incident has occurred and we need to take a corrective action; be it on a technical device, this is still a corrective control.
Where does it say that a corrective control can't be implemented on a technical (control) device? I think the biggest thing here is that it's a reaction to an incident, therefore we need to take corrective action.
Corrective controls repair or restore components or systems after an incident has occurred.
Technical controls are software or hardware components, as in firewalls, IDSs, encryption processes, and identification and authentication mechanisms.
B. Ugh .. these questions are terrible. Leaning on B because Corrective controls are typically designed to restore systems to a secure state after a security incident has happened. While corrective controls can be used to address the effects of a security incident, they are not the appropriate control type to address the ongoing incident of a host spamming the network.
D. Corrective controls should be used to address a situation where a host is unintentionally spamming the network.
Corrective controls are designed to correct or remedy a situation that has already occurred. In this case, the corrective control should be used to address the situation where the host is unintentionally spamming the network. The corrective control could include measures such as identifying the cause of the spamming, such as a malware infection or a misconfigured email client, and taking steps to remediate the issue, such as updating antivirus software or reconfiguring the email client.
Agree it is a poor question but got to go with D - Corrective controls include any measures taken to repair damage or restore resources and capabilities to their prior state following an unauthorized or unwanted activity. Examples of technical corrective controls include patching a system, quarantining a virus, terminating a process, or rebooting a system.
https://www.f5.com/labs/learning-center/what-are-security-controls#:~:text=Corrective%20controls%20include%20any%20measures,process%2C%20or%20rebooting%20a%20system.
Could be B. Looks like another CompTIA trick question in which the key word in the question is "TYPE". One of the easiest and most straightforward models for classifying controls is by "TYPE": physical, TECHNICAL or administrative, and by "FUNCTION": preventive, detective and "CORRECTIVE".
This is a dumb tricky question. I do think it's B though because we don't know which type of host it is. It would only change to corrective once we find out what's happening. Since we don't know why it's happening or what's causing it, a Technical control (blocking it via firewall) is most likely what would happen first.
CORRECTIVE controls are used AFTER attack, e.g. backup system or patch management.
TECHNICAL controls are firewall or AV software.
- Comptia_Secret_Service (Highly Voted, 2 years, 4 months ago)
- lovesheandi (2 years, 1 month ago)
- db97 (Highly Voted, 2 years, 2 months ago)
- HereToStudy (2 years ago)
- respect9602 (1 year, 11 months ago)
- SimonR2 (Most Recent, 1 year, 9 months ago)
- respect9602 (1 year, 11 months ago)
- kiduuu (2 years ago)
- thenewpcgamer (2 years ago)
- AbusedInk (2 years ago)
- 2Fish (2 years, 1 month ago)
- encxorblood (2 years, 2 months ago)
- Stiobhan (2 years, 2 months ago)
- ddcnsd65 (2 years, 2 months ago)
- trojan123 (2 years, 3 months ago)
- CyberNoob404 (2 years, 3 months ago)
- TKW36 (2 years, 3 months ago)
- forest111 (2 years, 4 months ago)