CompTIA Security+ (SY0-601) — Question 445

Which of the following strategies shifts risks that are not covered in an organization’s risk strategy?

Answer options

• A. Risk transference
• B. Risk avoidance
• C. Risk mitigation
• D. Risk acceptance

Correct answer: A

Explanation

Risk transference is the correct answer because it involves shifting the responsibility for a risk to another party, often through insurance or outsourcing. Risk avoidance aims to eliminate the risk entirely, risk mitigation focuses on reducing the impact or likelihood of the risk, and risk acceptance means acknowledging the risk without taking any action to address it.