To minimize the impact of a security incident in a heavily regulated company, a cybersecurity analyst has configured audit settings in the organization's cloud services. Which of the following security controls has the analyst configured?
Audit settings provide visibility into user actions and system events. These are classified asdetective controlsbecause they enable the detection of anomalies, policy violations, or unauthorized access by generating logs or alerts. They do not prevent actions (Preventive) or reverse harm (Corrective), nor do they provide policy guidance (Directive).
????Reference: CompTIA CySA+ All-in-One by Mya Heath, Chapter 13, “Vulnerability Handling and Response” – Control Types and Functions.
????Objective: 2.5 - Explain the importance of prioritization, remediation, and mitigation of vulnerabilities.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit