Weekly CISSP Exam Questions
Scenario: You notice that an unauthorized user has gained access to a privileged account. What type of control should be implemented to alert you of this in the future?
A. Preventive Control
B. Detective Control
C. Deterrent Control
D. Compensating Control
Answer: B
Explanation:
Detective Control: These controls are designed to detect and alert when a security incident occurs. Implementing detective controls like intrusion detection systems (IDS), log monitoring, or alerting systems can notify you immediately when unauthorized access to privileged accounts happens.
Here's a breakdown of the other options:
Preventive Control: Preventive controls aim to stop an incident from occurring in the first place. While important, they wouldn't alert you if an unauthorized access actually happens.
Deterrent Control: These controls are designed to discourage potential attackers but don't necessarily detect or prevent unauthorized access. Examples include warning banners or legal notices that state unauthorized access is prohibited.
Compensating Control: These are backup controls that come into play when the main controls fail. While they may detect unauthorized access, their primary purpose is not detection but rather to serve as a secondary layer of security.
Podcasts
Check out my weekly podcasts that delve deep into the relevant topics related to each of CISSP domains. In addition, I will go over specific questions and they can be interpreted and answered.
CISSP Cyber Training Academy
Tired of not knowing how to study for the CISSP Exam?
Check out the CISSP Cyber Training Academy to help you on your journey!
CISSP Cyber Training - YouTube
Check out my video collection on YouTube discussing all the details needed to help you pass the CISSP exam.
