Which type of control focuses on recovering a device after an attack?

The type of control that focuses on recovering a device after an attack is known as a recovery control. Recovery controls are specifically designed to restore systems and data to a functioning state following a security incident or attack. These controls are essential for ensuring business continuity and minimizing downtime by facilitating the recovery process.

Recovery controls may include measures such as data backups, disaster recovery plans, and system reinstallation procedures. The emphasis is on the actions and processes implemented to bring systems back online and restore normal operations after an adverse event has occurred.

In contrast, preventive controls aim to stop security incidents before they happen, detective controls are designed to identify and monitor security incidents as they occur, and managerial controls focus on the policies and procedures that govern an organization's overall security posture. Understanding these distinctions helps clarify the role of recovery controls within a holistic cybersecurity strategy.