An online banking institution is concerned that the breach of customer personal information will
have a significant financial impact due to the need to notify and compensate customers whose
personal information may have been compromised. The institution determines that residual risk
will always be too high and decides to:
A.
mitigate the impact by purchasing insurance.
B.
implement a circuit-level firewall to protect the network.
C.
increase the resiliency of security measures in place.
D.
implement a real-time intrusion detection system.
Explanation:
Since residual risk will always be too high, the only practical solution is to mitigate the financial
impact by purchasing insurance.