What risk management strategy involves implementing an intrusion prevention system to block network attacks?

The correct strategy in this context is risk mitigation. This approach focuses on reducing the impact or likelihood of risks through various controls and measures. By implementing an intrusion prevention system (IPS), an organization actively works to decrease the risk of network attacks, which aligns with the primary goal of mitigating identified risks. The IPS analyzes network traffic and can block potential threats, thus helping to protect sensitive data and maintain the integrity of the network.

In risk mitigation, organizations seek to address risks by implementing security measures, like the IPS, in order to minimize potential disruptions or losses. This strategy is commonly applied in cybersecurity to fortify defenses against intrusions and to enhance the overall security posture.

Other strategies mentioned, like risk acceptance, would mean acknowledging the risk without taking additional measures, while risk avoidance involves changing business processes to eliminate risks entirely. Risk transference refers to shifting the risk to another party, such as through outsourcing or insurance. Each of these strategies serves a different purpose, but they do not focus specifically on blocking attacks as risk mitigation does.