The incident has already happened. You're not trying to detect anything or be proactive or prevent anything. You're just interested in recovery and corrective controls.
Answer should be C:
Consequences = the aftermath of the incident which is mainly at the lesson learned.
Preventive so it does not happen again whether after restoring this incident or new incident
Corrective They are crucial for not only resolving the immediate impact of an incident but also for strengthening an organization's security defenses and resilience against future threats.
Corrective controls are designed to correct or fix an issue that has already occurred, while recovery controls are designed to restore systems and data to their normal operating state after an incident. These controls are critical for minimizing the damage caused by security incidents and restoring normal business operations as quickly as possible.
Detective controls are designed to detect security incidents, whereas preventative controls are designed to prevent security incidents from occurring in the first place. Proactive controls are designed to proactively identify and mitigate security risks before they can cause harm. While all of these controls are important components of a comprehensive security program, they are not the MOST appropriate controls when dealing with the consequences of a security incident.
If you Look at this termonology
Before the event, preventive controls are intended to prevent an incident from occurring e.g. by locking out unauthorized intruders;
During the event, detective controls are intended to identify and characterize an incident in progress e.g. by sounding the intruder alarm and alerting the security guards or police;
After the event, corrective controls are intended to limit the extent of any damage caused by the incident e.g. by recovering the organization to normal working status as efficiently as possible.
It's A
You are dealing with the consequences of a security incident. Detective controls are out of the door here. This thing has already happened and now you're dealing with the consequences. So, I am going with "B".
Answer is B. Question asks/incudes "dealing with the consequences" which implies that the most appropriate security controls includes corrective and recovery controls.
Always check? Even after the incident has been documented and everything has already been checked by specialists, you have the workflow documented, you have your incident resolution and prb record, you're going to go to the same people and say "hey guys so yeah thanks for the great work, now do all of that again, okay?"
Answer is A
"Detective controls are designed to find errors or problems after the transaction has occurred. Detective controls are essential because they provide evidence that preventive controls are operating as intended, as well as offer an after-the-fact chance to detect irregularities."
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Jamati
Highly Voted 2 years agoMann0302
2 years agomaawar83
Most Recent 11 months agoSoleandheel
11 months, 2 weeks agohomeysl
1 year, 1 month ago74gjd_37
1 year, 2 months agoSkinbaggy
2 years agojackdryan
1 year, 6 months agoSkinbaggy
2 years agoNickolos
1 year, 11 months agofranbarpro
2 years, 1 month agorc7
2 years, 1 month agoWiDeBarulho
2 years, 1 month agoNickolos
1 year, 11 months ago[Removed]
2 years, 1 month agoJAckThePip
2 years, 1 month ago