Your company completes a risk analysis. After the analysis, management requests that you deploy security controls that will mitigate any of the identified risks. What is risk mitigation?
A. risk that is left over after safeguards have been implemented
B. terminating the activity that causes a risk or choosing an alternative that is not as risky
C. passing the risk on to a third party
D. defining the acceptable risk level the organization can tolerate and reducing the risk to that level
D
Explanation: Risk mitigation is defining the acceptable risk level the organization can tolerate and reducing the risk to that level.
Residual risk is risk that is left over after safeguards have been implemented. Risk avoidance is terminating the activity that causes a risk or choosing an alternative that is not as risky. Risk transfer is passing the risk on to a third party.
You might also like to view...
Microsoft Excel is text and data processing software and is not suited for working with formulas.
Answer the following statement true (T) or false (F)
Which of the following are improvements of the 802.11n standard versus the 802.11a and 802.11g standards? (Choose all that apply.)
A. operates at up to 54 Mbps B. uses MIMO C. utilizes WEP for security D. uses aggregation of frames and ACK responses
How can you identify the difference between automatic page breaks on a worksheet and manual page breaks?
What will be an ideal response?
When an array is initialized with the "double" keyword, how large is each element of the array?
A. 1 byte B. 8 bytes C. 8 bits D. 8 megabytes