Certified Information Security Manager (CISM) — Question 283

Which type of control is an incident response team?

Answer options

• A. Detective
• B. Directive
• C. Corrective
• D. Preventive

Correct answer: C

Explanation

An incident response team is classified as a Corrective control because it actively addresses and mitigates incidents after they occur. Detective controls are designed to identify incidents, Directive controls set policies and procedures, and Preventive controls aim to stop incidents from happening in the first place, none of which directly involve responding to incidents.