What is an example of a preventive security control?

A firewall serves as an example of a preventive security control because its primary function is to restrict unauthorized access to or from a network. It does this by applying a set of defined rules for incoming and outgoing traffic, effectively creating a barrier between trusted internal networks and untrusted external networks. By monitoring and controlling this traffic, firewalls help prevent potential security breaches before they occur, thereby mitigating the risk of data loss or compromise.

In the context of security controls, preventive measures are designed to stop incidents before they happen, rather than responding to them after they have occurred. This distinguishes preventive controls like firewalls from other options, such as intrusion detection systems, which primarily detect and alert on suspicious activity rather than prevent it, and security audits, which evaluate existing security measures but do not actively prevent incidents. Incident response plans also fall under the category of reactive measures, as they provide a structured approach to responding to security incidents once they have been detected.