What is an example of a detective control?

A detective control is a security measure that helps identify and detect security incidents after they have occurred. Intrusion detection systems (IDS) are designed specifically to monitor network traffic and identify potential threats or unauthorized access attempts. When these systems detect suspicious activity, they alert administrators, allowing for a timely response to mitigate any damage.

This characteristic of detection aligns well with the purpose of an IDS, which is to provide awareness of potential security breaches, thus playing a vital role in an organization’s overall security posture.

In contrast, regular backups of data and systems focus more on preserving information and aiding in recovery rather than detecting unauthorized actions. Security training for employees is essential for prevention and awareness but does not actively monitor or detect incidents. Access control measures are designed to restrict unauthorized access to data, focusing on prevention rather than detection.