CompTIA Security+ (SY0-701) — Question 202

Which of the following security controls is most likely being used when a critical legacy server is segmented into a private network?

Answer options

• A. Deterrent
• B. Corrective
• C. Compensating
• D. Preventive

Correct answer: C

Explanation

The correct answer is C, Compensating, as this control provides an alternative measure to mitigate risk when primary controls are insufficient. Options A (Deterrent) and D (Preventive) focus on discouraging or stopping attacks, while B (Corrective) deals with responding to incidents after they occur. In this scenario, segmenting the server acts as a compensating control to enhance security around a legacy system.