What measures can be classified as detective controls?

Detective controls are essential components of an organization's security posture, as they serve to identify and alert administrators to security incidents or the presence of vulnerabilities after they occur. The correct choice highlights surveillance and monitoring technologies, specifically security cameras and intrusion detection systems, which are designed to detect unauthorized access or suspicious activity.

Security cameras provide visual monitoring of physical spaces, allowing for the identification of incidents as they happen or through recorded footage. Intrusion detection systems actively monitor network traffic or system behaviors, alerting security personnel to potential breaches or abnormal patterns that may indicate unauthorized access or attacks. Both of these measures are proactive in their ability to reveal security incidents, making them integral to a comprehensive security strategy.

On the other hand, measures like firewalls and encryption standards are preventive controls, designed to establish security barriers and protect data integrity. Antivirus software, while it can detect malware, primarily functions as a preventive measure by providing real-time protection against threats. VPNs are also considered preventive, as they create secure connections to safeguard data in transit. Only security cameras and intrusion detection systems are designed specifically for detection in the event of a security incident, defining them as the appropriate choice for this question.