CompTIA Security+ (SY0-601) — Question 657

Which of the following risk management strategies would an organization use to maintain a legacy system with known risks for operational purposes?

Answer options

• A. Acceptance
• B. Transference
• C. Avoidance
• D. Mitigation

Correct answer: A

Explanation

The correct answer is Acceptance because it involves recognizing the risks associated with the legacy system and choosing to proceed with its use despite those risks. Transference, Avoidance, and Mitigation are strategies aimed at reducing or eliminating risks rather than acknowledging and continuing to operate with them.