Company a acquired company during an audit a security engin - CompTIA CAS-005

Question

Company A acquired Company ׀'. During an audit, a security engineer found Company B's environment was inadequately patched. In response, Company A placed a firewall between the two environments until Company B's infrastructure could be integrated into Company A's security program. Which of the following risk-handling techniques was used?

Answers
  4. correct
Explanation

The correct answer is D. Mitigate.

Mitigation refers to taking steps to reduce or control the impact of a risk. In this scenario, Company A placed a firewall between the two environments to reduce the risk posed by Company B's inadequate patching. By isolating Company B's environment, Company A is mitigating the risk of potential vulnerabilities being exploited while working on integrating Company B's systems into its own security program.

Why the other options are not correct:

  • Accept:

    • Risk acceptance is when an organization acknowledges a risk and chooses not to take any immediate action to address it. This is not the case here because Company A actively implemented a firewall to reduce the risk.

  • Avoid:

    • Risk avoidance involves completely eliminating a risk by removing the cause. In this case, Company A is not avoiding the risk altogether; they are managing it with a firewall rather than eliminating it.

  • Transfer:

    • Risk transfer involves shifting the risk to a third party (e.g., through insurance or outsourcing). Company A is not transferring the risk to another entity; they are addressing it themselves by implementing a firewall.
View Full Course Content Try our Free Questions

No Payment Cards Needed

CompTIA SecurityX CAS-005 exam

Normally $60

$45/month

Subjects Included
  • CompTIA SecurityX CAS-005
Additional Features
  • Over 300 Practice Questions with Answers
  • Quizzes in every Lesson Provided
  • Detailed Analysis of Questions with Answers and Explanations
  • Detailed Notes with Chapters, Topics & Lessons
  • 24/7 Live chat support
  • 24/7 WhatsApp support
  • One Full Month Access

Related Courses

Discover a range of courses designed to provide you with the knowledge and skills needed to excel in your chosen field.

a prepsaret exam featured image
CompTIA Prep

220-1201 - CompTIA A+ Exam Core 1

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

220-1202 - CompTIA A+ Exam Core 2

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Cloud Essentials+ CLO-002

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Network+ N10-009

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Security+ SY0-701

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Data + DA0-001

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Pentest+

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Linux+ XK0-005

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA CySA+ CSO-003

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA DataSys+ DS0-001

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Tech+ FC0-U71

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Cloud+ CV0-004

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Server+ SK0-005

Start Course Prep

Easy way to pass your test within a week with prepsaret

You don’t need one month to study and pass your test.
With Prepsaret, it takes you a few days to grasp all the concepts needed to pass your exams

View Courses Offered