CompTIA CASP+ (CAS-004) — Question 299

In a situation, where the cost of anti-malware exceeds the potential loss from a malware threat, which of the following is the most cost-effective risk response?

Answer options

• A. Risk transfer
• B. Risk mitigation
• C. Risk acceptance
• D. Risk avoidance

Correct answer: C

Explanation

Choosing risk acceptance means recognizing the risk but deciding not to take any action since the costs of mitigation are higher than the potential losses. The other options such as risk transfer, mitigation, and avoidance involve additional costs or efforts that would not be justified in this scenario.