Afirewallis categorized as atechnical preventive control(A) ininformation security management. According toISO/IEC 27001, preventive controls aim to stop security incidents before they occur, and technical controls involve technology-based solutions. A firewall prevents unauthorized access to the network perimeter by filtering traffic, making it a technical preventive control.
Physical detective control (B):Involves physical measures (e.g., cameras) to detect incidents, not applicable to firewalls.
Administrative deterrent control (C):Involves policies or procedures to discourage violations, not technology-based.
Physical corrective control (D):Addresses physical issues post-incident, not relevant to firewalls.
[Reference:EPI CITM study guide, under Information Security Management, likely references ISO/IEC 27001’s control categories, emphasizing technical preventive controls. Check sections on security controls or network security., ]
Submit