What type of control is implemented when a user's password is reset immediately following a phishing incident?

In the scenario of a user's password being reset immediately following a phishing incident, this action represents a directive control. Directive controls are designed to inform and guide individuals on how to conduct themselves in a secure manner, often through policies or procedures that enforce security measures.

By resetting the password, the organization is providing direction on how to mitigate potential risks associated with the phishing event. This not only helps recover the account's security but also signals to users that they must adhere to specific practices to maintain security. The password reset serves as an immediate policy enforcement measure aimed at protecting user accounts and organizational data following a recognized threat.

Preventive controls aim to avert incidents before they occur, which is not the case in this situation as the phishing event has already happened. Detective controls would identify security breaches or violations after they occur but do not actively enforce remedial action. Compensating controls are alternative measures that are put in place to satisfy the intent of a required control that cannot be met, and they typically do not apply directly in scenarios with immediate actions like password resets following an incident.