Which of the following is a primary action in the strategy of avoiding risks associated with software vulnerabilities?
Choosing not to implement a system or feature known to be vulnerable
Regularly patching software to close security gaps
Accepting the risk after conducting a cost-benefit analysis
Transferring the risk by purchasing cyber insurance