Which of the following scenarios BEST describes a risk reduction technique? A. A security control objective cannot be met through a technical change, so the company purchases insurance and is no longer concerned about losses from data breaches. B. A security control objective cannot be met through a technical change, so the company implements a policy to train users on a more secure method of operation. C. A security control objective cannot be met through a technical change, so the company performs regular audits to determine if violations have occurred. D. A security control objective cannot be met through a technical change, so the Chief Information officer decides to sign off on the risk. Â Correct Answer: B This question is in SY0-601 exam For getting CompTIA Security+ certificate
Please login or Register to submit your answer
Which of the following is the security analyst observing?
