Which type of security control is designed to identify and respond to security breaches?

Detective controls are specifically designed to identify and respond to security breaches by monitoring systems and activities. Their primary function is to detect unauthorized access or anomalies in the system that may indicate a security incident. These controls encompass tools and processes like intrusion detection systems, monitoring logs for unusual activity, and conducting regular audits.

By functioning in real time or near real time, these controls provide alerts to security personnel when a breach occurs, allowing for a prompt response. This attribute is crucial in creating a resilient security posture, as it helps organizations quickly mitigate risks associated with potential or real breaches.

In contrast, preventive controls are established to stop incidents before they occur, corrective controls aim to rectify issues after they have occurred, and administrative controls focus on policies and procedures that govern security practices. Each of these has a distinct role in a comprehensive security strategy but does not specifically focus on identifying and responding to breaches like detective controls do.