An organization wants to improve its security posture by installing an IDS. What type of control is an IDS categorized as?

An Intrusion Detection System (IDS) is categorized as a detective control. Detective controls are designed to identify and respond to security incidents that may occur within an organization's environment. They monitor activities and systems for signs of unauthorized access, misuse, or other security threats. By analyzing data from network traffic and system logs, an IDS can detect potential intrusions and alert security personnel to take appropriate action.

This proactive monitoring capability is essential for enhancing an organization's security posture, as it allows for timely response to potential threats before they can lead to significant damage.

In contrast, corrective controls are implemented to restore systems after a security incident has occurred, physical controls involve tangible security measures such as locks or security guards, and administrative controls relate to policies and procedures governing security practices. Each type of control plays a unique role in an overall security strategy, but in this case, the IDS specifically fits the definition of a detective control due to its function of detecting and alerting about possible security breaches.