Systems Security Certified Practitioner – SSCP – Question0566

How should a risk be HANDLED when the cost of the countermeasure OUTWEIGHS the cost of the risk?

A. Reject the risk
B. Perform another risk analysis
C. Accept the risk
D. Reduce the risk

Correct Answer: C

Explanation:

Accepting the risk means the company understands the level of risk it faces.

The following answers are incorrect:

Reject the risk is incorrect because it means ignoring the risk, which is dangerous.
Perform another risk analysis is incorrect because the existing risk analysis has already shown the results.
Reduce the risk is incorrect because it is applicable after implementing the countermeasures.

Reference: Shon Harris AIO v3, Chapter 3: Security Management Practices, Page 39