The IT security personnel of an organization notice that the web server deployed in the DMZ is frequently targeted by threat actors. The decision is made to implement a patch management system to manage the server. Which risk management strategy method is being used to respond to the identified risk?

The IT security personnel of an organization notice that the web server deployed in the DMZ is frequently targeted by threat actors. The decision is made to implement a patch management system to manage the server. Which risk management strategy method is being used to respond to the identified risk?

  • risk sharing
  • risk retention
  • risk reduction
  • risk avoidance
    Answers Explanation & Hints:

    There are four potential strategies for responding to risks that have been identified:

    Risk avoidance – Stop performing the activities that create risk.

    Risk reduction – Decrease the risk by taking measures to reduce vulnerability.

    Risk sharing – Shift some of the risk to other parties.

    Risk retention – Accept the risk and its consequences.

Leave a comment