GIAC Security Essentials Certification (GSEC) — Question 33

Your IT security team is responding to a denial of service attack against your server. They have taken measures to block offending IP addresses. Which type of threat control is this?

Answer options

• A. Detective
• B. Preventive
• C. Responsive
• D. Corrective

Correct answer: D

Explanation

The action of blocking offending IP addresses is considered a corrective measure because it directly addresses and mitigates the impact of the ongoing attack. Detective controls would involve monitoring for such attacks, while preventive controls aim to stop them before they occur. Responsive controls typically involve actions taken during or immediately after an incident, but in this case, the focus is on correcting the situation by blocking the IPs.