CISSP-ISSMP · Question #183
You work as a security manager for SoftTech Inc. You are conducting a security awareness campaign for your employees. Which of the following ideas will you consider the best when conducting a security
The correct answer is C. Provide customized messages for different groups.. Providing customized messages for different groups is the most effective approach because different employee roles face different security threats, have different technical knowledge levels, and interact with sensitive systems in different ways. A system administrator needs techn
Question
You work as a security manager for SoftTech Inc. You are conducting a security awareness campaign for your employees. Which of the following ideas will you consider the best when conducting a security awareness campaign?
Options
- ATarget system administrators and the help desk.
- BProvide technical details on exploits.
- CProvide customized messages for different groups.
- DTarget senior managers and business process owners.
How the community answered
(43 responses)- A2% (1)
- B9% (4)
- C81% (35)
- D7% (3)
Explanation
Providing customized messages for different groups is the most effective approach because different employee roles face different security threats, have different technical knowledge levels, and interact with sensitive systems in different ways. A system administrator needs technical, in-depth security guidance, while an HR employee needs awareness around phishing and data privacy. Targeting only system administrators and help desk (A) or only senior managers (D) ignores the broader employee population, which is often the primary vector for social engineering attacks. Providing technical details on exploits (B) is inappropriate for a general awareness campaign - most employees do not need exploit-level detail and such content can overwhelm or confuse non-technical staff, reducing campaign effectiveness.
Topics
Community Discussion
No community discussion yet for this question.