CompTIA Security+ (SY0-701) — Question 514

Which of the following is an example of a treatment strategy for a continuous risk?

Answer options

• A. Email gateway to block phishing attempts
• B. Background checks for new employees
• C. Dual control requirements for wire transfers
• D. Branch protection as part of the CI/CD pipeline

Correct answer: A

Explanation

The correct answer is A because an email gateway designed to block phishing attempts directly addresses ongoing threats, which is characteristic of a continuous risk. Options B, C, and D represent one-time or specific controls rather than ongoing strategies, making them less relevant for continuous risk management.