An alert references attacks associated with a zero-day exploit. An analyst places a bastion host in the network to reduce the risk of the exploit. Which of the following types of controls is the analyst implementing?

Detective controls are intended to identify and detect potential security breaches or incidents after they occur. While a bastion host can log activity and potentially identify malicious behavior, its primary role here is not to detect but to prevent exploitation of a vulnerability, making this choice incorrect.

Operational controls encompass a wide range of policies, procedures, and practices that govern day-to-day operations within an organization. Although the implementation of a bastion host may involve operational aspects, it is not primarily categorized as an operational control since it specifically addresses a security threat rather than routine operations.

Physical controls refer to tangible measures used to protect physical assets and facilities, such as locks, fences, or surveillance cameras. A bastion host is a digital security measure, not a physical control, which makes this option inappropriate for the scenario described.