A security administrator has concerns about new types of media which allow for the mass distribution of
personal comments to a select group of people. To mitigate the risks involved with this media, employees
should receive training on which of the following?

A.
Peer to Peer

B.
Mobile devices

C.
Social networking

D.
Personally owned devices

Explanation:
There many companies that allow full use of social media in the workplace, believing that the marketing
opportunities it holds outweigh any loss in productivity. What they are unknowingly minimizing are the
threats that exist. Rather than being all new threats, the social networking/media threats tend to fall in
the categories of the same old tricks used elsewhere but in a new format. A tweet can be sent with a
shortened URL so that it does not exceed the 140-character limit set by Twitter; unfortunately, the user
has no idea what the shortened URL leads to. This makes training your employees regarding the risks
social networking entails essential.Incorrect Answers:
A: Peer-to-peer training is not going to mitigate security risks that are meant for mass distribution as
social networking is designed to do.
B: Mobile devices are used to produce and send personal messages on a mass distribution basis as is
facilitated by twitter, etc. these are social networking and to mitigate risks with this media your
employees must be trained in the dangers that social networking poses. You cannot expect of your
employees to leave their cell phones, etc. some other place when they are at work.
D: Personally owned devices can lead to company information getting intermingled with personal
information that employees can put at risk – not media that allows for mass distribution of personal
comments.

Dul Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex,
Indianapolis, 2014, pp. 404, 406
http://whatis.techtarget.com/definition/social-media