CompTIA Security+ (SY0-601) — Question 59

An organization has decided to purchase an insurance policy because a risk assessment determined that the cost to remediate the risk is greater than the five- year cost of the insurance policy. The organization is enabling risk:

Answer options

• A. avoidance.
• B. acceptance.
• C. mitigation.
• D. transference.

Correct answer: D

Explanation

The correct answer is D, transference, as the organization is shifting the financial burden of the risk to the insurance company. Avoidance would mean eliminating the risk entirely, acceptance indicates acknowledging the risk without action, and mitigation involves reducing the impact of the risk, none of which apply in this scenario.