Systems Security Certified Practitioner – SSCP – Question0571

An Intrusion Detection System (IDS) is what type of control?

A.
A preventive control.
B. A detective control.
C. A recovery control.
D. A directive control.

Correct Answer: D

Explanation:

These controls can be used to investigate what happen after the fact. Your IDS may collect information on where the attack came from, what port was use, and other details that could be used in the investigation steps.
“Preventative control” is incorrect. Preventative controls preclude events or actions that might compromise a system or cause a policy violation. An intrusion prevention system would be an example of a preventative control.
“Recovery control” is incorrect. Recover controls include processes used to return the system to a secure state after the occurrence of a security incident. Backups and redundant components are examples of recovery controls.
“Directive controls” is incorrect. Directive controls are administrative instruments such as policies, procedures, guidelines, and aggreements. An acceptable use policy is an example of a directive control.
References: CBK, pp. 646 -647