CISM Certified Information Security Manager – Question0312

The purpose of a corrective control is to:

A. reduce adverse events.
B. indicate compromise.
C. mitigate impact.
D. ensure compliance.

Correct Answer: C

Explanation:
Corrective controls serve to reduce or mitigate impacts, for example by providing recovery capabilities. Preventive controls, such as firewalls, reduce adverse events. Compromise can be detected by detective controls, such as intrusion detection systems (IDSs). Compliance could be ensured by preventive controls, such as access controls.