The National Institute of Standards and Technology (NIST) defines three categories of risk mitigation strategies in incident management. They are:
Practise this CISM Security Mgr Practice 202 question free, then download the PDF, watch the video walkthrough, or unlock timed mock exams for the full web bank.
✓ Correct answer: D. Avoidance, Transference, and MitigationAnswer: Avoidance, Transference, and Mitigation NIST defines the three categories of risk mitigation strategies as: Avoidance (eliminating the risk factor entirely through preventive measures) Transference (shifting the risk to a third party, typically through insurance or outsourcing) Mitigation (reducing the impact or likelihood of the risk through control measures)
Keep practising. Use the free CISM Security Mgr Practice 202 PDF, watch the YouTube walkthrough, or unlock all 10 web questions with timed mock exams.
Free practice here. Timed mocks when you are ready.
Study the CISM Security Mgr Practice 202 free question explanations, download the PDF, then unlock timed mock exams on the web when you want exam-day practice.