An information security manager has been assigned to implement more restrictive preventive
controls. By doing so, the net effect will be to PRIMARILY reduce the:
A.
threat.
B.
loss.
C.
vulnerability.
D.
probability.
Explanation:
Implementing more restrictive preventive controls mitigates vulnerabilities but not the threats.
Losses and probability of occurrence may not be primarily or directly affected.