PrepAway - Latest Free Exam Questions & Answers

Which of the following is NOT a form of detective techn…

Which of the following is NOT a form of detective technical control?

PrepAway - Latest Free Exam Questions & Answers

A.
Audit trails

B.
Access control software

C.
Honeypot

D.
Intrusion detection system

Explanation:
Access control software is an example of a preventive/technical control, not a detective/technical control.
By combining preventive and detective controls, types with the administrative, technical (logical), and physical
means of implementation, the following pairings are obtained:
Preventive/administrative
Preventive/technical
Preventive/physical
Detective/administrative
Detective/technical
Detective/physical
The detective/technical control measures are intended to reveal the violations of security policy using technical
means. These measures include intrusion detection systems and automatically-generated violation reports from
audit trail information. These reports can indicate variations from “normal” operation or detect known signatures
of unauthorized access episodes.
A honeypot is a system designed with the purpose of being attacked so that the attack can be monitored and
the attack techniques noted. This is another example of a detective technical control.
Incorrect Answers:
A: Audit trails are an example of a detective/technical control.
C: A honeypot is an example of a detective/technical control.
D: An intrusion detection system is an example of a detective/technical control.

Krutz, Ronald L. and Russell Dean Vines, The CISSP and CAP Prep Guide: Mastering CISSP and CAP, Wiley
Publishing, Indianapolis, 2007, pp. 48-50


Leave a Reply