Which of the following is a primary action in the strategy of avoiding risks associated with software vulnerabilities?
Choosing not to implement a system or feature known to be vulnerable
Accepting the risk after conducting a cost-benefit analysis
Transferring the risk by purchasing cyber insurance
Regularly patching software to close security gaps