A security team has implemented a layered security approach for their organization's network infrastructure. They have already deployed boundary protection at the network perimeter and monitoring systems that alert security staff to suspicious events. Which type of control would best complement the existing security measures to form a comprehensive defense strategy?
The correct answer is automated response mechanisms, which are corrective controls. The scenario describes preventive controls (boundary protection/firewalls) and detective controls (monitoring systems/IDS), but lacks corrective controls. Automated response mechanisms can take immediate action to block or mitigate detected threats in real-time, completing the defense-in-depth strategy by adding the corrective component.
Change management is an administrative control that manages modifications to systems but doesn't directly complement the technical controls mentioned in the scenario. Additional access restrictions would add more preventive controls, which are already represented in the current architecture. Security awareness training is an important preventive control but focuses on the human element rather than complementing the existing technical infrastructure.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are automated response mechanisms?
Open an interactive chat with Bash
What are corrective controls in cybersecurity?
Open an interactive chat with Bash
Why is a layered security (defense-in-depth) approach important?
Open an interactive chat with Bash
ISC2 CISSP
Security and Risk Management
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access