Based on scenario 3, which risk treatment option did EsTeeMed select after analysing the incident?

A. Risk sharing
B. Risk avoidance
C. Risk retention

Answer: C

Explanation:

After analyzing the incident, EsteeMed decided to accept the actual risk level, deeming the likelihood of a similar incident occurring in the future as low and considering the existing security measures as sufficient. This decision indicates that EsteeMed selected the risk treatment option of risk retention, where the organization accepts the risk and continues operations without additional measures.

Reference: ISO/IEC 27005:2018 – Provides guidelines for information security risk management and details various risk treatment options, including risk retention, where risks are accepted by the organization.

NIST SP 800-39 – Managing Information Security Risk, which discusses risk management strategies including risk retention.
