CAS-001 Question #289: Real Exam Question with Answer & Explanation
The correct answer is B: customized for the various departments and staff roles.
Question
Options
- A. presented by top level management to only data handling staff.
- B. customized for the various departments and staff roles.
- C. technical in nature to ensure all development staff understand the procedures.
- D. used to promote the importance of the security department.
Explanation
Effective security awareness programs must be role-appropriate. A developer, an HR administrator, a data entry clerk, and a C-suite executive all interact with sensitive data differently and face different threats. Customizing training content by department and role ensures relevance and better retention: employees are more likely to apply security principles when examples match their actual workflows. Option A restricts training to data handling staff only, and having top management present it is impractical for a large company. Option C's purely technical approach would alienate non-technical staff who also handle sensitive data. Option D's goal of promoting the security department is self-serving and not the purpose of an awareness program.