Multiple Choice
A security analyst is providing a risk assessment for a medical device that will be installed on the corporate network. During the assessment, the analyst discovers the device has an embedded operating system that will be at the end of its life in two years. Due to the criticality of the device, the security committee makes a risk-based policy decision to review and enforce the vendor upgrade before the end of life is reached. Which of the following risk actions has the security committee taken?
A) Risk exception
B) Risk avoidance
C) Risk tolerance
D) Risk acceptance
Correct Answer:
Verified
Correct Answer:
Verified
Q85: A company's Chief Information Security Officer (CISO)
Q86: A cybersecurity analyst is responding to an
Q87: An analyst wants to identify hosts that
Q88: A critical server was compromised by malware,
Q89: A security analyst has observed several incidents
Q91: A security analyst for a large financial
Q92: A SIEM solution alerts a security analyst
Q93: A security analyst has received reports of
Q94: An organization developed a comprehensive incident response
Q95: Which of the following should a database