Which choice below is NOT a generally accepted benefit of security
awareness, training, and education?

A.
A security awareness and training program can help an organization
reduce the number and severity of errors and omissions.

B.
A security awareness and training program will help prevent
natural disasters from occurring.

C.
A security awareness program can help operators understand the
value of the information.

D.
A security education program can help system administrators
recognize unauthorized intrusion attempts.

Explanation:
An effective computer security awareness and training program
requires proper planning, implementation, maintenance, and periodic
evaluation.

In general, a computer security awareness and training program
should encompass the following seven steps:
1. Identify program scope, goals, and objectives.
2 Identify training staff.
3. Identify target audiences.
4. Motivate management and employees.
5. Administer the program.
6. Maintain the program.
7. Evaluate the program.
Source: NIST Special Publication 800-14, Generally Accepted Principles
and Practices for Securing Information Technology Systems.