Leadership accepts ransomware risk without backup testing or IR exercises. Problem?
Multiple choice — select one answer
Answer choices
Architectural breakdown & explanation
Accepted risks still need compensating controls and validation.
Correct answer(s): d. Risk acceptance lacks controls and testing; likely ineffective during real events
Exam domain: Risk management alignment (20% weight on the official guide).
Official documentation & study links
Practice this certification
This page is one question from the KeyTrain's Key Training — Compliance & Governance bank. Run a full timed practice exam with domain-weighted random questions in your browser.