Easy1 markMultiple Choice

Area II: SecurityRisk ManagementInsuranceArea II

CPA · Question 60 · Area II: Security

A company purchases cyber insurance. Which risk management strategy is this?

Answer options:

A.

Risk Avoidance

B.

Risk Mitigation

C.

Risk Transfer (Sharing)

D.

Risk Acceptance

How to approach this question

Insurance = Transfer.

Full Answer

C.Risk Transfer (Sharing)✓ Correct

Buying insurance transfers the financial risk of an incident to the insurer.

Common mistakes

Thinking insurance mitigates the technical risk (it doesn't stop the hack, just pays for it).

Question 59 All questions Question 61

Practice the full CPA ISC Practice Exam 5

82 questions · hints · full answers · grading

Sign up free Take the exam

More questions from this exam

Q01A service organization provides a cloud-based payroll processing application to its user entities...Medium Q02An auditor is reviewing the shared responsibility model for a client using an Infrastructure as a...Hard Q03A financial institution requires a cloud deployment model that offers the highest level of contro...Medium Q04During an IT audit, you observe that a company uses a 'Hybrid Cloud' architecture. Which scenario...Medium Q05Which component of IT architecture is primarily responsible for translating domain names (like ww...Easy

View all 82 questions →