1. Preventative - These work by keeping something from happening in the
first place. Examples of this include: security awareness training, firewall,
anti-virus, security guard and IPS.
2. Reactive - Reactive countermeasures come into effect only after an event
has already occurred.
3. Detective - Examples of detective counter measures include: system
monitoring, IDS, anti-virus, motion detectors and IPS.
4. Administrative - These controls are the process of developing and
ensuring compliance with policy and procedures. These use policy to
protect an asset.