Comprehensive and Detailed Explanation
===========
In the EC-Council CCISO framework, security controls are classified by their purpose and effect. A deterrent control is specifically designed to discourage or dissuade individuals from attempting to exploit a vulnerability, rather than technically blocking or detecting the attack.
CCISO materials define deterrent controls as those that influence human behavior through perceived consequences. Examples include warning banners, legal notices, security awareness messaging, visible surveillance, and sanctions policies. These controls do not stop attacks directly, nor do they detect or correct them; instead, they reduce the likelihood of exploitation by increasing perceived risk.
Preventive controls actively block threats (e.g., firewalls), detective controls identify incidents after they occur (e.g., SIEM alerts), and corrective controls restore systems after an incident. None of these aligns with the concept of discouragement, which is explicitly tied to deterrence in CCISO documentation.
The CCISO program emphasizes that deterrent controls play a critical role in defense-in-depth strategies, particularly at the governance and policy level. They are especially effective against insider threats and opportunistic attackers.
Therefore, the correct answer is Option D: Deterrent.