nerdexam
ExamsSY0-301Questions#306
CompTIA

SY0-301 · Question #306

SY0-301 Question #306: Real Exam Question with Answer & Explanation

The correct answer is D: User training. When a policy requirement cannot be implemented through automated technical controls (software settings, access controls, firewall rules, etc.), the next best countermeasure is user training and awareness. Educating employees about the policy, the reasons behind it, and the conse

Question

Which of the following can be performed when an element of the company policy cannot be enforced by technical means?

Options

  • ADevelop a set of standards
  • BSeparation of duties
  • CDevelop a privacy policy
  • DUser training

Explanation

When a policy requirement cannot be implemented through automated technical controls (software settings, access controls, firewall rules, etc.), the next best countermeasure is user training and awareness. Educating employees about the policy, the reasons behind it, and the consequences of non-compliance creates a human control layer. Developing standards (A) and privacy policies (C) are documentation activities that still require enforcement mechanisms. Separation of duties (B) is an administrative/technical control that divides critical tasks among multiple people - it does not address gaps where technical enforcement is impossible. User training directly compensates for technical gaps by making people aware of and accountable for their behavior.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full SY0-301 Practice