CISSP · Question #1517
Drag and Drop Question In which order, from MOST to LEAST impacted, does user awareness training reduce the occurrence of the events below? Answer:
User Awareness Training: Impact Ordering The question asks which security events are most reduced by training users. The logic is: the more a threat relies on user ignorance or accidental behavior, the more training helps. --- 1. User-Instigated (Most Impacted) These are incident
Question
Exhibit
Options
- 1User-instigated
- 2Virus infiltrations
- 3Disloyal employees
- 4Targeted infiltration
Explanation
User Awareness Training: Impact Ordering
The question asks which security events are most reduced by training users. The logic is: the more a threat relies on user ignorance or accidental behavior, the more training helps.
1. User-Instigated (Most Impacted)
These are incidents caused directly by the user - clicking phishing links, visiting malicious sites, downloading unsafe files, weak passwords, etc. Training has maximum impact here because the user is the threat vector. Eliminating ignorance eliminates the cause entirely.
Common misconception: People underestimate how large this category is. The majority of breaches involve some user action.
2. Virus Infiltrations
Viruses often enter via user behavior - opening email attachments, plugging in unknown USB drives, downloading software. Training helps users recognize and avoid these vectors. However, some viruses exploit unpatched systems with no user interaction, so training doesn't eliminate 100% of risk.
Common misconception: Thinking antivirus software makes training irrelevant - users still need to avoid bringing malware in the first place.
3. Disloyal Employees
Training can reinforce ethical expectations, policy compliance, and awareness that actions are monitored - which may deter some insider threats. However, a genuinely disloyal/malicious employee already knows what they're doing. Training has limited effect on intent.
Common misconception: Confusing "awareness training" with deterrence controls - training informs, but doesn't fix motivation.
4. Targeted Infiltration (Least Impacted)
Sophisticated, targeted attacks (APTs, nation-state actors) are highly persistent and technically advanced. They adapt to bypass trained users - using zero-days, spear-phishing that bypasses normal detection, or compromising systems without any user involvement. Training helps marginally but cannot stop a determined, skilled adversary.
Common misconception: Assuming training is a strong defense against APTs - it is not; technical controls dominate here.
Key principle: Training effectiveness decreases as attacker sophistication and deliberate malicious intent increases.
Topics
Community Discussion
No community discussion yet for this question.
