Ann a technician received a spear-phishing email asking her to update her personal information by
clicking the link within the body of the email. Which of the following type of training would prevent
Ann and other employees from becoming victims to such attacks?
A.
User Awareness
B.
Acceptable Use Policy
C.
Personal Identifiable Information
D.
Information Sharing
Explanation:
Personally identifiable information (PII) is a catchall for any data that can be used to uniquely
identify an individual. This data can be anything from the person’s name to a fingerprint (think
biometrics), credit card number, or patient record. Employees should be made aware of this type
of attack by means of training.
The answer provided as correct for this is in fact incorrect. The training that is required for employees regarding this kind of attack would be User Awareness training, PII is what is being looked for.
0
0
Agree with Ron. Even the last sentence from the explication states that users need training: “Employees should be made aware of this type
of attack by means of training.”
0
0