Which of the following controls monitors and alerts organizations to malicious activities as they happen?

Prepare for the CompTIA Security+ (SY0-701) exam. Enhance your skills with flashcards and multiple-choice questions, each with explanations. Excel in your certification!

Detective controls are essential components of an organization's cybersecurity strategy, as they are specifically designed to identify security incidents, including malicious activities, and alert on them in real time. These controls are crucial for monitoring systems and networks, detecting breaches or attacks as they occur, and enabling a swift response to mitigate any potential damage.

By employing detective controls, organizations can enhance their situational awareness, allowing them to take appropriate actions against threats and improve their overall security posture. Examples of detective controls include intrusion detection systems (IDS), security information and event management (SIEM) systems, and various monitoring tools that analyze logs and system activities for unusual patterns.

In contrast, corrective controls focus on remedying issues after they have occurred, directive controls provide guidance on acceptable practices or behavior, and deterrent controls are designed to discourage unwanted behavior before it happens. While all these controls play important roles in a comprehensive security framework, the primary function of detective controls is to ensure that malicious activities are monitored and reported as they happen.
