Which control is exemplified by using antivirus software to quarantine malware?

Using antivirus software to quarantine malware is an example of corrective controls. Corrective controls are implemented to address and mitigate the impact of security incidents once they have occurred. They are designed to restore systems or data to normal operations after an unwanted event, such as a malware infection.

When antivirus software identifies a piece of malware, it can quarantine it, effectively isolating it from the rest of the system to prevent further harm. This action helps to remediate the infection and allows for a cleanup process to restore the affected systems or files. The primary goal of corrective controls is to fix the problems that arise from security breaches and to prevent further damage from occurring, even after the incident has taken place.

In contrast, preventative controls would focus on measures taken to avoid security breaches in the first place, directive controls provide guidance on expected behaviors, and deterrent controls aim to discourage malicious actions. Therefore, the action of quarantining malware properly aligns with the role of corrective controls in cybersecurity.