An intrusion prevention system (IPS) functions as which type of control?

An intrusion prevention system (IPS) serves primarily as a technical control within an organization's security framework. A technical control refers to security measures that are implemented through hardware or software solutions to protect systems and networks. These controls are designed to detect vulnerabilities, block unauthorized access, and prevent attacks in real-time.

By analyzing network traffic and identifying potentially harmful activities, an IPS can automatically take actions such as blocking the offending traffic or alerting security personnel. This real-time response is crucial for safeguarding networks from intrusions and exploits, reinforcing why it is classified as a technical control.

While other types of controls exist—such as administrative controls, which are based on policies and procedures, or corrective controls, which are designed to restore systems after a security incident—the IPS specifically embodies the implementation of technology to manage security threats effectively. Hence, its classification as a technical control is appropriate in the context of network security measures.