CERTIFIED-IN-CYBERSECURITY · Question #241
The correct answer is B: Recognizing and reporting phishing attempts.
Question
Which of the following is a common topic covered in security awareness training?
Options
- A. Disabling antivirus software to improve system performance
- B. Recognizing and reporting phishing attempts
- C. How to grant administrative access to all users
- D. The importance of sharing passwords with colleagues
Explanation
Phishing is an attack on information systems that attempts to fraudulently acquire sensitive information such as usernames, passwords, or credit card details by posing as a legitimate entity (see ISC2 Study Guide, Module 4). Therefore, security awareness training programs must teach users how to recognize and report common phishing attempts to minimize the amount of information that malicious actors can gain access to. The remaining options are not topics typically covered in security awareness training. Granting administrative access to all users is not recommended as it can lead to security vulnerabilities. Sharing passwords with colleagues is also not recommended, as it can lead to unauthorized access to sensitive information. Disabling antivirus software to improve system performance is not recommended, as it can leave the system vulnerable to malicious actors.