Which risk mitigation strategy combines aspects of risk acceptance and risk avoidance?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

Which risk mitigation strategy combines aspects of risk acceptance and risk avoidance?

Explanation:
Risk limitation is about reducing exposure to a manageable level while acknowledging some residual risk will remain. You put in controls to limit both the likelihood and impact of a risk, bringing it down to an acceptable level, but you don’t pretend it can be eliminated entirely. That blend—mitigating and constraining risk while accepting that a small amount persists—is why this option fits best. In contrast, risk acceptance means taking no additional action beyond acknowledging the risk; risk transference shifts the risk to another party (like insurance); and risk avoidance means eliminating the activity entirely to remove the risk. None of those combine both accepting residual risk and actively limiting exposure in the way risk limitation does.

Risk limitation is about reducing exposure to a manageable level while acknowledging some residual risk will remain. You put in controls to limit both the likelihood and impact of a risk, bringing it down to an acceptable level, but you don’t pretend it can be eliminated entirely. That blend—mitigating and constraining risk while accepting that a small amount persists—is why this option fits best.

In contrast, risk acceptance means taking no additional action beyond acknowledging the risk; risk transference shifts the risk to another party (like insurance); and risk avoidance means eliminating the activity entirely to remove the risk. None of those combine both accepting residual risk and actively limiting exposure in the way risk limitation does.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy