According to scenario 2, Beauty has reviewed all user access rights. What type of control is this?
According to scenario 2, Beauty has reviewed all user access rights. What type of control is this?
The answer is A. See the classification of security controls PECB Day 1 Page 82 Detective controls are controls to search for, detect and identify incidents Preventative controls to avoid or prevent the occurrence of incidents Corrective controls to solve the identified incidents and prevent re-occurrence -
B. Corrective and managerial This is because Beauty implemented corrective controls (installing new anti-malware software and updating it) to fix the issue after the incident occurred. Additionally, the actions of updating policies, conducting security awareness sessions, and managing user access rights fall under managerial controls, which are focused on oversight, administration, and policy management to ensure compliance and security.
I had a second look at the question, the answer is A. I would like to withdraw my initial answer.
Corrective and Managerial because the review only came to play after the occurence of the incidence