A security analyst is providing a risk assessment for a medical device that will be installed on the corporate network. During the assessment, the analyst discovers the device has an embedded operating system that will be at the end of its life in two years. Due to the criticality of the device, the security committee makes a risk-based policy decision to review and enforce the vendor upgrade before the end of life is reached. Which of the following risk actions has the security committee taken?
A) Risk exception
B) Risk avoidance
C) Risk tolerance
D) Risk acceptance
Correct Answer:
Verified
Q4: A security analyst suspects a malware infection
Q5: A security analyst received a SIEM alert
Q6: While planning segmentation for an ICS environment,
Q7: A development team uses open-source software and
Q8: An information security analyst is compiling data
Q10: Which of the following would MOST likely
Q11: Which of the following roles is ultimately
Q12: A security technician is testing a solution
Q13: A cybersecurity analyst has access to several
Q14: A security analyst is trying to determine
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents