GCIH Question #478: Real Exam Question with Answer & Explanation

The correct answer is B: Awareness training. Awareness training reduces worm infections by educating users to avoid the risky behaviors - such as opening suspicious email attachments or executing untrusted files - that serve as common initial infection vectors.

Question

Which security practice is most likely to reduce worm infections?

Options

  • A. Encryption
  • B. Awareness training
  • C. Administrative privilege controls
  • D. Device inventory
  • E. Patching

Explanation

Awareness training reduces worm infections by educating users to avoid the risky behaviors - such as opening suspicious email attachments or executing untrusted files - that serve as common initial infection vectors.

Common mistakes.

  • A. Encryption protects data confidentiality in transit or at rest but does not prevent malicious code from executing on a host.
  • C. Administrative privilege controls limit damage after infection but do not prevent a worm from initially entering the environment through a user action.
  • D. Device inventory helps track assets and identify unauthorized devices but does not directly prevent worm propagation.
  • E. Patching closes known vulnerabilities exploited by worms but does not address user-driven infection vectors such as opening malicious attachments.

Concept tested. Human-layer controls for preventing malware infections

Reference. https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf
