Certified Information Systems Security Professional (CISSP) Practice Exam 2025 – All-in-One Guide to Mastering Your Certification!

A Network-Based Intrusion Detection System (NIDS) is classified as a detective control because its primary function is to monitor network traffic for suspicious activities and potential security breaches. By analyzing incoming and outgoing packets, a NIDS can identify patterns consistent with known threats or anomalies that may indicate an intruder is attempting to exploit vulnerabilities within the network.

Detective controls serve the purpose of identifying and alerting potential security incidents or breaches after they have occurred, allowing organizations to respond appropriately. NIDS provide insights into ongoing threats, which helps security personnel take action to mitigate risks or implement further preventive measures.

This classification is distinct from other types of controls. Preventive controls aim to deter or prevent security incidents before they occur, while corrective controls focus on responding to and rectifying security incidents after detection. Managerial controls pertain to the overall management and oversight of security policy and operational efforts. The role of a NIDS is specifically to detect threats, making it a classic example of a detective control in cybersecurity frameworks.