ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CGEIT All Questions

View all questions & answers for the CGEIT exam
Go to Exam

Exam CGEIT topic 1 question 320 discussion

Actual exam question from Isaca's CGEIT
Question #: 320
Topic #: 1
[All CGEIT Questions]

An enterprise wants to address the human factors of social engineering risk within the organization. From a governance perspective, which of the following is the
BEST way to mitigate this risk?

  • A. Mandate security requirements be included in employee contracts.
  • B. Distribute the social media information security policy to staff.
  • C. Mandate annual security awareness training.
  • D. Restrict access to social media.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by WongY at Aug. 7, 2021, 7:43 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
WongY
Highly Voted 3 years, 3 months ago
why not C?
upvoted 6 times
...
SuperMax
Most Recent 8 months ago
Selected Answer: C
C. Mandate annual security awareness training. The BEST way to mitigate the human factors of social engineering risk within an organization from a governance perspective is to mandate annual security awareness training. Social engineering attacks often exploit human vulnerabilities, such as ignorance of security best practices, lack of awareness about the risks associated with certain behaviors, and susceptibility to manipulation. Security awareness training helps employees recognize potential social engineering tactics, understand the importance of following security policies and procedures, and learn how to respond effectively to suspicious requests or activities.
upvoted 1 times
...
yihwen
1 year, 4 months ago
Selected Answer: C
From a governance perspective, the BEST way to mitigate the risk of social engineering in an organization is: C. Mandate annual security awareness training. Social engineering is a technique used by attackers to manipulate individuals into revealing sensitive information or performing actions that compromise security. It relies on exploiting human factors such as trust, curiosity, and ignorance. To address this risk, it is important to educate and raise awareness among employees about the tactics and risks associated with social engineering.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago