Explanation/Reference:
Explanation:
Corrective controls are used to restore systems after an incident has occurred.
The different functionalities of security controls are preventive, detective, corrective, deterrent, recovery, and compensating.
The six different control functionalities are as follows:
Deterrent: Intended to discourage a potential attacker

Preventive: Intended to avoid an incident from occurring

Corrective: Fixes components or systems after an incident has occurred

Recovery: Intended to bring the environment back to regular operations

Detective: Helps identify an incident's activities and potentially an intruder

Compensating: Controls that provide an alternative measure of control

Incorrect Answers:
A: Compensating controls provide an alternative measure of control. They are not used to restore systems after an incident.
C: Detective controls are used to discover harmful occurrences. They are not used to restore systems after an incident.
D: Preventive controls are used to avoid an incident from occurring. They are not used to restore systems after an incident.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 30