Exam Lead-Cybersecurity-Manager Topic 1 Question 58 Discussion
Actual exam question for PECB's Lead-Cybersecurity-Manager exam
Question #: 58
Topic #: 1
Question #: 58
Topic #: 1
Based on scenario 3, which risk treatmentoption did EsTeeMed select after analysing the Incident?
Suggested Answer: C Vote an answer
After analyzing the incident, EsteeMed decided to accept the actual risk level, deeming the likelihood of a similar incident occurring in the future as low and considering the existing security measures as sufficient.
This decision indicates that EsteeMed selected the risk treatment option of risk retention, where the organization accepts the risk and continues operations without additional measures.
References:
* ISO/IEC 27005:2018- Provides guidelines for information security risk management and details various risk treatment options, including risk retention, where risks are accepted by the organization.
* NIST SP 800-39- Managing Information Security Risk, which discusses risk management strategies including risk retention.
This decision indicates that EsteeMed selected the risk treatment option of risk retention, where the organization accepts the risk and continues operations without additional measures.
References:
* ISO/IEC 27005:2018- Provides guidelines for information security risk management and details various risk treatment options, including risk retention, where risks are accepted by the organization.
* NIST SP 800-39- Managing Information Security Risk, which discusses risk management strategies including risk retention.
by Veromca at Jul 05, 2025, 07:31 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).