Question 287 - SY0-701 discussion

In a rush to meet an end-of-year business goal, the IT department was told to implement a new business application. The security engineer reviews the attributes of the application and decides the time needed to perform due diligence is insufficient from a cybersecurity perspective. Which of the following best describes the security engineer's response?

A. Risk tolerance
B. Risk acceptance
C. Risk importance
D. Risk appetite

Suggested answer: D

Explanation:

Risk appetite refers to the level of risk that an organization is willing to accept in order to achieve its objectives. In this scenario, the security engineer is concerned that the timeframe for implementing a new application does not allow for sufficient cybersecurity due diligence. This reflects a situation where the organization's risk appetite might be too high if it proceeds without the necessary security checks.

Reference = CompTIA Security+ SY0-701 study materials, particularly in the domain of risk management and understanding organizational risk appetite.

asked 02/10/2024
John Kaye