Which type of security control is an Intrusion Detection System (IDS) considered to be?

An Intrusion Detection System (IDS) is classified as a detective control because its primary function is to monitor network traffic and detect any suspicious activity or potential intrusions in real-time. By identifying and alerting security personnel to anomalies or unauthorized access attempts, the IDS plays a crucial role in recognizing security incidents as they occur. This enables organizations to respond quickly to potential threats.

While preventive controls aim to prevent security incidents before they occur, such as firewalls or access control systems, detective controls like IDS focus on identifying problems after they've started. Corrective controls are designed to mitigate damage after an incident has taken place, and deterrent controls aim to discourage potential attackers from attempting breaches. The focus of an IDS aligns closely with the characteristics of detective controls, thus making it the correct classification.