CISA Certified Information Systems Auditor – Question2006

Following an IS audit recommendation, all Telnet and File Transfer Protocol (FTP) connections have been replaced by Secure Socket Shell (SSH) and Secure File Transfer Protocol (SFTP). Which risk treatment approach has the organization adopted?

A.
Acceptance
B. Mitigation
C. Avoidance
D. Transfer

Correct Answer: B