CompTIA Security+ (SY0-601) — Question 737

Which of the following is an example of transference of risk?

Answer options

• A. Purchasing insurance
• B. Patching vulnerable servers
• C. Retiring outdated applications
• D. Application owner risk sign-off

Correct answer: A

Explanation

The correct answer is A, as purchasing insurance is a classic method of transferring risk from an individual or organization to an insurance provider. Options B and C focus on mitigating risk through technical measures, while D pertains to accepting risk rather than transferring it.