Not implementing a system or feature that is known to have vulnerabilities falls under the risk avoidance strategy. By deciding not to proceed with using or deploying software that is vulnerable, an organization effectively eliminates the risk associated with those vulnerabilities. The incorrect answers involve managing risk through different methods; patching refers to Corrective controls, transferring risk involves shifting the responsibility to another entity, and acceptance means the organization recognizes the risk but chooses to proceed without taking action.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.