CompTIA Security+ (SY0-701) — Question 31

Which of the following is the most likely to be used to document risks, responsible parties, and thresholds?

Answer options

• A. Risk tolerance
• B. Risk transfer
• C. Risk register
• D. Risk analysis

Correct answer: C

Explanation

The correct answer is C, the Risk register, as it specifically serves to record risks, assign responsibility, and set thresholds. Options A and B relate to how risks are managed or shared, while D focuses on the evaluation process of risks rather than documentation.