EC-Council
312-50V9 · Question #171
312-50V9 Question #171: Real Exam Question with Answer & Explanation
The correct answer is A: By implementing written security procedures, enabling employee security training, and promoting. Security policies improve employee awareness by establishing formal written procedures and structured training programs that set clear expectations for secure behavior.
Question
How can a policy help improve an employee's security awareness?
Options
- ABy implementing written security procedures, enabling employee security training, and promoting
- BBy using informal networks of communication, establishing secret passing procedures, and
- CBy sharing security secrets with employees, enabling employees to share secrets, and
- DBy decreasing an employee's vacation time, addressing ad-hoc employment clauses, and
Explanation
Security policies improve employee awareness by establishing formal written procedures and structured training programs that set clear expectations for secure behavior.
Common mistakes.
- B. Informal communication networks and secret passing procedures lack the structure and accountability required to effectively govern employee security behavior.
- C. Sharing security secrets with employees and enabling them to share secrets violates the need-to-know principle and increases the risk of unauthorized disclosure.
- D. Reducing vacation time and modifying ad-hoc employment clauses have no direct relationship to building or improving employee security awareness.
Concept tested. Security policy role in employee awareness training
Reference. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-50.pdf
Community Discussion
No community discussion yet for this question.