CompTIA Security+ (SY0-501) — Question 668

An email systems administrator is configuring the mail server to prevent spear phishing attacks through email messages. Which of the following refers to what the administrator is doing?

Answer options

• A. Risk avoidance
• B. Risk mitigation
• C. Risk transference
• D. Risk acceptance

Correct answer: A

Explanation

The correct answer is A, Risk avoidance, as the administrator is taking steps to eliminate the threat of spear phishing entirely. Risk mitigation, option B, would involve reducing the impact or likelihood of a threat, but not fully eliminating it. Options C and D do not apply, as transference involves shifting the risk to another party, and acceptance means acknowledging the risk without taking action.