Human Resources (HR) would like executives to undergo only two specific security training programs a year.
Which of the following provides the BEST level of security training for the executives? (Choose two.)
Acceptable use of social media
Data handling and disposal
Zero day exploits and viruses
Phishing threats and attacks
Clean desk and BYOD
Information security awareness
Managers/ i.e. executives in the company are concerned with more global issues in the organization, including
enforcing security policies and procedures. Managers should receive additional training or exposure that
explains the issues, threats, and methods of dealing with threats. Management will also be concerned about
productivity impacts and enforcement and how the various departments are affected by security policies.
Phishing is a form of social engineering in which you ask someone for a piece of information that you are
missing by making it look as if it is a legitimate request. An email might look as if it is from a bank and contain
some basic information, such as the user’s name. Executives easily fall prey to phishing if they are not trained
to lookout for these attacks.