A company's finance department acquired a new payment system that exports data to an unencrypted file on the system. The company implemented controls on the file so only appropriate personnel are allowed access. Which of the following risk techniques did the department use in this situation?
The technique used by the company's finance department in this situation is to mitigate the risk. Mitigation involves taking steps to reduce the likelihood or impact of a risk. By implementing controls to restrict file access to appropriate personnel, the department has taken measures to reduce the risk of unauthorized access to the unencrypted file. This does not eliminate the risk entirely, but it does help to manage it within acceptable levels.
Another Camptia stupid question. You never store that kind of sensitive information in plain text and limiting access is not a mitigation because there will be a residual risk. Yet Answer D Mitigate makes the most sense out of the 4 answers.
Mitigate means you did something, even if it is not ideal. Source: Verifying each answer against Chat GPT, my experience, other test banks, a written book, and weighing in the discussion from all users to create a 100% accurate guide for myself before I take the exam. (It isn't easy because of the time needed, but it is doing my diligence)
Apply this logic back to your answer on question 184....
Common man, look the question carefully, they said "...suggest a solution...", not implemented yet
Mitigated but the Residual is high and probably not in compliance with regulations.