A Host-based Intrusion Prevention System (HIPS) provides both preventive and detective security controls. Security+ SY0-701 describes HIPS as a host-level security solution that monitors system behavior, blocks malicious activity, and logs suspicious events.

It functions as a preventive control (B) because it can:

Stop malware execution

Block unauthorized changes

Prevent exploit attempts

Enforce endpoint protection policies

It is also a detective control (F) because it can:

Record attempted attacks

Identify suspicious activities

Generate alerts for security teams

Directive controls (A) refer to policies; physical controls (C) refer to locks and barriers; corrective controls (D) restore systems after an incident; compensating controls (E) substitute for missing primary controls.

Therefore, the two correct answers are B (Preventive) and F (Detective).