Several employees clicked on a link in a malicious message that bypassed the spam filter and their PCs
were infected with malware as a result. Which of the following BEST prevents this situation from
occurring in the future?

A.
Data loss prevention

B.
Enforcing complex passwords

C.
Security awareness training

D.
Digital signatures

Explanation:
Security awareness and training include explaining policies, procedures, and current threats to both users
and management. A security awareness and training program can do much to assist in your efforts to
improve and maintain security. Ideally, a security awareness training program for the entire organization
should cover the following areas:
Importance of security
Responsibilities of people in the organizationPolicies and procedures
Usage policies
Account and password-selection criteria
Social engineering prevention
Incorrect Answers:
A: Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical
information outside the corporate network. The term is also used to describe software products that help
a network administrator control what data end users can transfer.
B: Enforcing complex passwords will not prevent employees clicking on messages that already bypassed
the spam filters.
D: Digital signatures are electronic mechanisms to prove that a message was sent from a specific user,
this does not prevent employees from clicking on messages that contains malicious content that already
bypassed the span filters.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 399-404, 420