CompTIA CySA+ (CS0-002) — Question 352

A newly appointed Chief Information Security Officer has completed a risk assessment review of the organization and wants to reduce the numerous risks that were identified. Which of the following will provide a trend of risk mitigation?

Answer options

• A. Planning
• B. Continuous monitoring
• C. Risk response
• D. Risk analysis
• E. Oversight

Correct answer: B

Explanation

The correct answer is B, Continuous monitoring, as it consistently tracks and evaluates the effectiveness of risk mitigation efforts over time. The other options, while related to risk management, do not provide ongoing insights into the trends of risk mitigation. Planning sets the stage, but does not monitor; Risk response deals with immediate actions; Risk analysis focuses on identifying risks; and Oversight is more about governance rather than tracking trends.