Easy1 markMultiple Choice

Area II: SecurityIncident ResponseArea II

CPA · Question 74 · Area II: Security

A company uses 'Ransomware' insurance. This is an example of which risk response strategy?

Answer options:

A.

Risk Avoidance

B.

Risk Mitigation

C.

Risk Transfer (Sharing)

D.

Risk Acceptance

How to approach this question

Identify the strategy involving insurance.

Full Answer

C.Risk Transfer (Sharing)✓ Correct

Risk Transfer (Sharing)

Insurance transfers the financial risk to the carrier.

Common mistakes

Thinking insurance mitigates the technical risk (it only mitigates the financial impact).

Question 73 All questions Question 75

Practice the full CPA ISC Practice Exam 2

82 questions · hints · full answers · grading

Sign up free Take the exam

More questions from this exam

Q01A service organization provides a cloud-based payroll platform where clients access the software ...Medium Q02An auditor is reviewing the backup strategy for a financial institution that requires a Recovery ...Hard Q03During a walkthrough of the change management process, an auditor observes that developers have w...Medium Q04An auditor is reviewing a SQL query used to generate a list of active customers for a marketing c...Hard Q05Which of the following entities is considered a 'Covered Entity' under the HIPAA Privacy Rule?Medium

View all 82 questions →