A Host-based Intrusion Prevention System (HIPS) provides both preventive and detective security controls. Security+ SY0-701 describes HIPS as a host-level security solution that monitors system behavior, blocks malicious activity, and logs suspicious events.
It functions as a preventive control (B) because it can:
Stop malware execution
Block unauthorized changes
Prevent exploit attempts
Enforce endpoint protection policies
It is also a detective control (F) because it can:
Record attempted attacks
Identify suspicious activities
Generate alerts for security teams
Directive controls (A) refer to policies; physical controls (C) refer to locks and barriers; corrective controls (D) restore systems after an incident; compensating controls (E) substitute for missing primary controls.
Therefore, the two correct answers are B (Preventive) and F (Detective).
Submit