An online banking institution is concerned that the breach of customer personal information will have a
significant financial impact due to the need to notify and compensate customers whose personal information
may have been compromised. The institution determines that residual risk will always be too high and decides
to:
A.
mitigate the impact by purchasing insurance.
B.
implement a circuit-level firewall to protect the network.
C.
increase the resiliency of security measures in place.
D.
implement a real-time intrusion detection system.
Explanation:
Since residual risk will always be too high, the only practical solution is to mitigate the financial impact by purchasing insurance.