CompTIA Security+ (SY0-601) — Question 200

Which of the following is an example of risk avoidance?

Answer options

• A. Installing security updates directly in production to expedite vulnerability fixes
• B. Buying insurance to prepare for financial loss associated with exploits
• C. Not installing new software to prevent compatibility errors
• D. Not taking preventive measures to stop the theft of equipment

Correct answer: C

Explanation

The correct answer is C, as it involves avoiding potential risks by not installing new software that could lead to compatibility errors. Options A and B represent risk mitigation and risk transfer respectively, while D reflects negligence rather than a proactive avoidance strategy.