CompTIA CASP+ (CAS-003) — Question 76

The finance department has started to use a new payment system that requires strict PII security restrictions on various network devices. The company decides to enforce the restrictions and configure all devices appropriately. Which of the following risk response strategies is being used?

Answer options

• A. Avoid
• B. Mitigate
• C. Transfer
• D. Accept

Correct answer: B

Explanation

The correct answer is B, Mitigate, as the company is actively taking steps to reduce the risk associated with PII by configuring devices to comply with security restrictions. Avoid would imply not engaging with the risk at all, Transfer would mean shifting the risk to another party, and Accept would indicate acknowledging the risk without taking action.