Ann a technician received a spear-phishing email asking her to update her personal information by
clicking the link within the body of the email. Which of the following type of training would prevent
Ann and other employees from becoming victims to such attacks?
A.
User Awareness
B.
Acceptable Use Policy
C.
Personal Identifiable Information
D.
Information Sharing
Explanation:
Personally identifiable information (PII) is a catchall for any data that can be used to uniquely
identify an individual. This data can be anything from the person’s name to a fingerprint (think
biometrics), credit card number, or patient record. Employees should be made aware of this type
of attack by means of training.