Exam PT1-002 topic 1 question 15 discussion

Actual exam question from CompTIA's PT1-002

Question #: 15
Topic #: 1

A company conducted a simulated phishing attack by sending its employees emails that included a link to a site that mimicked the corporate SSO portal. Eighty percent of the employees who received the email clicked the link and provided their corporate credentials on the fake site. Which of the following recommendations would BEST address this situation?

A. Implement a recurring cybersecurity awareness education program for all users.
B. Implement multifactor authentication on all corporate applications.
C. Restrict employees from web navigation by defining a list of unapproved sites in the corporate proxy.
D. Implement an email security gateway to block spam and malware from email communications.

Show Suggested Answer

Suggested Answer: A 🗳️

by DrChats at Nov. 30, 2021, 12:26 p.m.

Comments

Submit Cancel

[Removed]

1 year, 8 months ago

I thinks it B. If you implement the cyber security awareness training, who is to say that will reduce it to 0% percent the next time the phishing campaign rolls out. With MFA you can prevent the SSO fake site from working, while also ultimately stopping unauthorized acces to the network.

upvoted 1 times

...