Q: 7
It work security team noticed that an increasing number of employees are becoming victims of
phishing attacks. Which security program should be implemented to mitigate the problem?
Options
Discussion
My pick: D, unless the question means technical only but phishing is a user problem first. If the attack was malware via USB I'd rethink but here user awareness training flips the outcome.
Option D that’s the main one for phishing since it targets the user side.
Option D but does it specify if technical controls are already in place? That could change things.
D , had something like this in a mock. Phishing is about tricking users more than bypassing tech controls, so user awareness training (D) gets to the root cause. Firewalls and patches won’t really stop someone from clicking a suspicious link. Pretty sure D is the intended answer here, but if anyone thinks otherwise, I’m interested to hear it.
D . A is a common trap because patching matters for exploits, but phishing mainly targets users, not software flaws. CCNA likes to test if you catch that difference.
D imo. A feels like a trap since patching email doesn't teach users what to look for, and phishing is all about social tricks. Not 100% sure but that's what CCNA seems to push.
Don't think A helps directly here, since phishing is about tricking users not email software bugs. D.
D works since phishing is all about tricking users. Technical stuff like firewalls (C) or patches (A) help, but training people to spot fake emails hits the root of the issue. Pretty sure that's what they're after here, unless I'm missing another angle.
C/D? Firewalls help against malware but user training (D) targets phishing tricks better imo.
Don't think A really addresses phishing directly. D is the better fit since awareness training actually deals with people getting tricked, not just software flaws. Pretty sure that's what they want here, though A often catches folks out.
Be respectful. No spam.
