nerdexam
ExamsCAS-001Questions#196
CompTIA

CAS-001 · Question #196

CAS-001 Question #196: Real Exam Question with Answer & Explanation

The correct answer is D: Transferring risk. Creating a Service Level Agreement (SLA) with a third party is a textbook example of risk transference. The business shifts operational and financial responsibility for certain outcomes to the vendor - if the vendor fails to meet the SLA terms, the vendor bears the contractual li

Question

A business is currently in the process of upgrading its network infrastructure to accommodate a personnel growth of over fifty percent within the next six months. All preliminary planning has been completed and a risk assessment plan is being adopted to decide which security controls to put in place throughout each phase. Which of the following risk responses is MOST likely being considered if the business is creating an SLA with a third party?

Options

  • AAccepting risk
  • BMitigating risk
  • CIdentifying risk
  • DTransferring risk

Explanation

Creating a Service Level Agreement (SLA) with a third party is a textbook example of risk transference. The business shifts operational and financial responsibility for certain outcomes to the vendor - if the vendor fails to meet the SLA terms, the vendor bears the contractual liability. This does not eliminate the risk but transfers accountability. Accepting risk means acknowledging it without action. Mitigating risk involves implementing controls to reduce likelihood or impact. Identifying risk is the assessment phase, not a response strategy. An SLA contractually binds a third party to performance standards, which is the defining characteristic of risk transference.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-001 Practice