CompTIA Security+ SY0-701 Practice Question

A company is revising its strategic plan and wants to balance its growth objectives with its information security risks. The company seeks neither to aggressively pursue risk for potential gains nor to minimize risk at the expense of new opportunities. Which of the following best describes the company's risk strategy?

  • The company assesses security risks on a case-by-case basis, with no predefined strategy towards risk.

  • The company strictly minimizes any potential security risks, even if it means passing on potentially lucrative opportunities.

  • The company is aggressively expanding into new markets, often prioritizing potential gains over the strict management of information security risks.

  • The company is adopting a neutral risk strategy to support steady growth while efficiently managing security risks.

CompTIA Security+ SY0-701
Security Program Management and Oversight
Your Score:
Settings & Objectives

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot