Question

In information security, which of the following is true about managing risk?

A: All organizations except financial institutions should invest heavily in security safeguards.
B: Passwords are classified as technical safeguards.
C: Physical security is classified as human safeguards.
D: Organizations should implement safeguards that balance the trade-off between risk and cost.

Answer 1

In information security, organizations should implement safeguards that balance the trade-off between risk and cost. Passwords are classified as technical safeguards and physical security is classified as human safeguards.

Step-by-step explanation:

In information security, organizations should implement safeguards that balance the trade-off between risk and cost. This means that organizations need to assess the potential risks they face and implement security measures that are proportionate to the level of risk and the resources available. For example, financial institutions may need to invest heavily in security safeguards due to the sensitive nature of the data they handle, while other organizations may prioritize different security measures based on their specific needs.

Passwords are classified as technical safeguards, as they are a measure used to protect digital systems and data. Physical security, on the other hand, is classified as a human safeguard, as it involves physical measures such as locks, access control systems, and security personnel to protect physical assets and premises.