nerdexam
(ISC)2

CISSP · Question #17

Which of the following is the BEST mitigation from phishing attacks?

The correct answer is B. Security awareness training. Security awareness training is the process of educating users on the potential threats and risks they may face online, and the best practices and behaviors they should adopt to protect themselves and the organization. Security awareness training is the best mitigation from phishi

Submitted by dimitri_ru· Mar 5, 2026Security Operations

Question

Which of the following is the BEST mitigation from phishing attacks?

Options

  • ANetwork activity monitoring
  • BSecurity awareness training
  • CCorporate policy and procedures
  • DStrong file and directory permissions

How the community answered

(41 responses)
  • A
    5% (2)
  • B
    78% (32)
  • C
    12% (5)
  • D
    5% (2)

Explanation

Security awareness training is the process of educating users on the potential threats and risks they may face online, and the best practices and behaviors they should adopt to protect themselves and the organization. Security awareness training is the best mitigation from phishing attacks, as it can help users recognize and avoid malicious emails, links, or attachments that may compromise their credentials, data, or devices. Network activity monitoring, corporate policy and procedures, and strong file and directory permissions are also important security measures, but they are not as effective as security awareness training in preventing phishing attacks, as they rely on technical controls rather than human factors.

Topics

#phishing mitigation#security awareness#social engineering#user education

Community Discussion

No community discussion yet for this question.

Full CISSP Practice