20 May Practice Test Question- Control Types
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Josh is reviewing and updating the firewall rules used by his organization to react to changing needs. What type of control primarily describes the network firewall?
Correct Answer: D
While it is possible to make an argument that the network firewall fits into all of these categories, a firewall’s primary purpose is to block unwanted traffic from entering the network. Therefore, it is best described as a preventative control. Detective controls are designed to identify malicious activity that occurs. Corrective controls are designed to restore normal service after a security incident. Deterrent controls are designed to discourage a potential attacker from attempting an attack.