Which control reduces impact after an undesirable event or attack?

• A. Preventive Control
• B. Deterrent Control
• C. Corrective Control
• D. Compensating Control

Answer: (C)

After an unwanted event or attack, the goal is to restore operations and minimize damage. Corrective controls are designed for this phase: they activate after an incident to repair systems, recover data, reconfigure or reinstall software, and bring the environment back to normal as quickly as possible. This includes actions like restoring from backups, reimaging systems, applying fixes or patches identified during the incident, and using failover to a redundant system to reduce downtime. Preventive controls aim to stop incidents before they occur, deterrent controls discourage threats, and compensating controls provide alternative measures when primary controls aren’t feasible, focusing on risk reduction rather than post-incident recovery.