CAS-003 · Question #941
A company has experienced negative publicity associated with users giving out their credentials accidentally or sharing intellectual secrets that were not property defined. The company recently implem
The correct answer is B. A policy outlining what is and is not acceptable on social media. The existing controls address phishing (training reduced victims from 100 to 2), data exfiltration (DLP), and hardware-based leakage (USB and personal email blocked). The remaining gap is social media: employees could still inadvertently or deliberately share credentials or intel
Question
A company has experienced negative publicity associated with users giving out their credentials accidentally or sharing intellectual secrets that were not property defined. The company recently implemented some new process and is now testing their effectiveness. Over the last three months the number of phishing victims dropped from 100 to only two in the last test. The DLP solution that was implemented catches potential material leaks and the user responsible is retrained Personal email accounts and USB drives are restricted from the corporate network. Given the improvements which of the following would a security engineer identify as being needed n a gap analysis?
Options
- AAdditional corporate-wide training on phishing
- BA policy outlining what is and is not acceptable on social media
- CNotifications when a user falls victim to a phishing attack
- DPositive DLP preventions with stronger enforcement
How the community answered
(54 responses)- A4% (2)
- B69% (37)
- C20% (11)
- D7% (4)
Explanation
The existing controls address phishing (training reduced victims from 100 to 2), data exfiltration (DLP), and hardware-based leakage (USB and personal email blocked). The remaining gap is social media: employees could still inadvertently or deliberately share credentials or intellectual property on platforms like LinkedIn, Twitter, or Facebook - none of which the described controls restrict. A formal social media policy would define what information is and is not acceptable to post publicly. Option A is unnecessary since phishing training is already highly effective. Option C (notifications after a phishing victim is identified) is reactive and does not address the gap. Option D suggests stronger DLP enforcement, but the DLP is already catching leaks and triggering retraining.
Topics
Community Discussion
No community discussion yet for this question.