ISACA Exam Questions

Which of the following is the BEST defense against successful phishing attacks?

A.
Intrusion detection system

B.
Application hardening

C.
End-user awareness

D.
Spam filters

Explanation:

Phishing is an attempt to acquire information such as usernames, passwords, and credit
card details by masquerading as a trustworthy entity in an electronic communication. Phishing
attacks are a type of social engineering attack and are best defended against by end-user awareness
training, because the attack targets the person rather than a technical weakness.
Answer B is incorrect. Application hardening does not protect against phishing attacks since
phishing attacks generally use e-mail as the attack vector, with the end-user as the vulnerable
point, not the application.
Answer D is incorrect. Certain highly specialized spam filters can reduce the number of phishing
e-mails that reach users' inboxes, but they are not as effective at addressing phishing attacks as
end-user awareness, since a well-crafted message that contains no suspicious links or attachments
will pass through them.
Answer A is incorrect. An intrusion detection system does not protect against phishing attacks,
since phishing attacks usually do not have a particular pattern or unique signature that the
IDS could match.
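To make the spam-filter caveat concrete, the following added example (not part of the ISACA material) implements two common phishing-mail heuristics in Python: a From: display name that claims a known brand while the address domain differs, and an anchor whose visible text names one host while the href goes elsewhere. The brand table, domains, IP address and the three sample messages are all constructed for illustration. The obvious phish trips both checks, the legitimate mail trips none, and the crafted "IT helpdesk" message, which has no links and names no brand, also trips none, which is exactly why filtering alone is not the best defense.

```python
"""Toy phishing-mail heuristics (added example; assumptions are constructed)."""
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Hypothetical brand -> legitimate sending domain table (constructed).
BRAND_DOMAINS = {"example bank": "bank.example"}

ANCHOR_RE = re.compile(r'<a\s+[^>]*href=["\']([^"\']+)["\'][^>]*>(.*?)</a>', re.I | re.S)
TAG_RE = re.compile(r"<[^>]+>")


def _host(url_like: str) -> str:
    """Lowercase host of a URL or of a bare 'domain/path' string; userinfo and port stripped."""
    if "://" not in url_like:
        url_like = "http://" + url_like
    return urlparse(url_like).netloc.lower().split("@")[-1].split(":")[0]


def _is_subdomain_of(host: str, domain: str) -> bool:
    return host == domain or host.endswith("." + domain)


def check_sender(msg) -> list:
    """Flag a From: display name that claims a known brand while the address domain differs."""
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[-1].lower()
    reasons = []
    for brand, legit in BRAND_DOMAINS.items():
        if brand in display.lower() and not _is_subdomain_of(domain, legit):
            reasons.append(f"display name claims '{brand}' but sender domain is {domain}")
    return reasons


def check_links(html: str) -> list:
    """Flag anchors whose visible text names one host while the href points at another."""
    reasons = []
    for href, inner in ANCHOR_RE.findall(html):
        text = TAG_RE.sub("", inner).strip()
        # Only compare when the visible text itself looks like a URL or domain.
        if " " in text or "." not in text:
            continue
        shown, actual = _host(text), _host(href)
        if shown and actual and not _is_subdomain_of(actual, shown):
            reasons.append(f"link text shows {shown} but href goes to {actual}")
    return reasons


def analyze(raw_message: str) -> list:
    """Run both heuristics over a single-part RFC 822 message and return the reasons found."""
    msg = message_from_string(raw_message)
    body = msg.get_payload() if not msg.is_multipart() else ""
    return check_sender(msg) + check_links(body)


# Constructed sample messages (not real mail).
OBVIOUS_PHISH = """\
From: "Example Bank Security" <alerts@bank-example-secure.net>
To: user@corp.example
Subject: Urgent: verify your account
Content-Type: text/html

<p>Your account is locked. Log in at
<a href="http://203.0.113.10/login">https://bank.example/login</a> now.</p>
"""

LEGIT_MAIL = """\
From: "Example Bank" <alerts@notify.bank.example>
To: user@corp.example
Subject: Your statement is ready
Content-Type: text/html

<p><a href="https://bank.example/statements">View statement</a></p>
"""

CRAFTED_PHISH = """\
From: "Pat (IT Helpdesk)" <pat@it-helpdesk-contoso.example>
To: user@corp.example
Subject: VPN migration - action needed
Content-Type: text/plain

Hi, we are migrating the VPN tonight. Reply with your current username and
password so we can carry your account over before the cut-off.
"""

if __name__ == "__main__":
    for name, raw in [("obvious", OBVIOUS_PHISH), ("legit", LEGIT_MAIL), ("crafted", CRAFTED_PHISH)]:
        print(name, analyze(raw) or "no heuristic fired")
```

The third sample is the point of the exercise: the message is a plain-text request for credentials with nothing for a content filter to key on, so the only control left is a user who recognises that a helpdesk never asks for a password by e-mail.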