What type of control aims to use encryption to protect data at rest?

Disable ads (and more) with a membership for a one time $4.99 payment

Study for the Microsoft SC-900 Exam. Master key concepts with targeted flashcards and multiple-choice questions, featuring hints and explanations. Get prepared and confident for success!

Encryption to protect data at rest falls under preventative controls because its primary purpose is to safeguard data from unauthorized access and potential breaches before they occur. By implementing encryption, organizations proactively defend sensitive information, ensuring that even if unauthorized individuals gain physical access to the storage medium, they cannot read the encrypted data without the appropriate decryption keys. This method diminishes risks associated with data theft and enhances the overall security posture of an organization.

Preventative controls focus on thwarting security incidents before they can happen, in contrast to other types of controls such as detective or corrective measures, which react to incidents or identify issues after they have occurred.