Q: 5
What does the result of Cost-Benefit Analysis (C8A) on new security initiatives provide?
Options
Discussion
A , this matches what the official guide stresses and I’ve seen similar in practice exams.
Its A. D trips people up but CBA's output is just quantifiable justification, not the formal acceptance step.
A , similar question was on my last practice set and it was always about quantifiable justification.
A makes the most sense here. Cost-Benefit Analysis is all about showing management a clear, financial reason to approve (or reject) a security investment-so it's the quantifiable justification they're after. Risk evaluation (C) is part of doing the CBA but not what gets delivered at the end. Pretty sure A is right, but open to other views if I'm missing something.
Pretty sure A, that's what the official study guide and main exam practice sources say too.
I get why folks are thinking C here. Risk evaluation is definitely part of the process, since you have to know your risks before doing a CBA. So I'd pick C too, since the analysis ends up tying security investments back to risk levels. Might be missing the focus on justifying with numbers though. Anyone got a different take?
C tbh, saw similar wording on a practice exam and risk evaluation was the expected output.
Probably A, since cost-benefit analysis is all about making the case in numbers for why a security investment makes sense. It’s less about risk evaluation itself and more about giving management something quantifiable to decide on. Makes sense? Open to other views.
I think it's C. A risk evaluation is usually part of the analysis for new security options.
Be respectful. No spam.
