Explanation, from Chief Information Security Officer (CCISO) documents:
The EC-Council CCISO Body of Knowledge classifies security controls into categories such as preventive, detective, corrective, and compensating. Patching systems with the latest updates is explicitly identified as a corrective control.
Corrective controls are implemented after a vulnerability or weakness has been identified, with the goal of remediating or correcting the issue to prevent further exploitation. CCISO materials explain that software vulnerabilities are often discovered after deployment, and patching is the primary mechanism used to correct these known weaknesses.
Detective controls, such as intrusion detection systems, identify issues but do not fix them. Dynamic blocking is not a formal CCISO control category, and “zero day” refers to a type of vulnerability, not a control.
CCISO guidance further explains that effective patch management reduces attack surface, supports regulatory compliance, and demonstrates due diligence. While patching may also contribute to prevention, its primary classification remains corrective because it addresses existing vulnerabilities rather than stopping unknown threats in advance.
Thus, in alignment with CCISO control taxonomy, patching systems is a corrective control, making option D the correct answer.