The only use of the acceptance strategy that industry practices recognize as valid occurs when the organization has done all but which of the following?
A) Determined the level of risk posed to the information asset
B) Performed a thorough cost-benefit analysis
C) Determined that the particular function, service, information, or asset did justify the cost of additional protection
D) Assessed the probability of attack and the likelihood of a successful exploitation of a vulnerability
Correct Answer:
Verified
Q25: An organization that chooses to outsource its
Q26: The goal of information security is to
Q27: When the attacker's potential gain is greater
Q28: Mitigation depends on the ability to detect
Q29: Application of training and education is a
Q31: Cost Benefit Analysis is determined by calculating
Q32: An alternate set of possible risk control
Q33: Reducing the impact of a successful attack
Q34: Asset evaluation is the process of assigning
Q35: When a vulnerability (flaw or weakness)exists,you should
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents