Safeguards and actions to protect data and systems

Only actions taken after a security incident

Measures that do not involve user education

None of the above

To stop security incidents before they occur

To identify security incidents after they occur

To minimize the impact of a security incident

To neutralize specific threats

Identifying security incidents after they have occurred

Preventing security incidents from occurring

Restoring systems to a secure state

None of the above

To minimize the impact of a security incident

To prevent unauthorized access

To monitor network traffic

To educate users about threats

Specific actions taken to neutralize threats

Only preventive measures

Actions taken after a security incident

None of the above

It ensures that if one layer fails, others are in place

It relies on a single type of control

It is less effective than a single-layer approach

None of the above

Detective control.

Corrective control.

Deterrent control.

Preventive control.