Which of the following would MOST effectively reduce social engineering incidents?

A.
Security awareness training

B.
increased physical security measures

C.
E-mail monitoring policy

D.
intrusion detection systems

Explanation:
Social engineering exploits human nature and weaknesses to obtain information and access
privileges. By increasing employee awareness of security issues, it is possible to reduce the number
of successful social engineering incidents. In most cases, social engineering incidents do not require
the physical presence of the intruder. Therefore, increased physical security measures would not
prevent the intrusion. An e-mail monitoring policy informs users that all e-mail in the organization is
subject to monitoring; it does not protect the users from potential security incidents and intruders.
Intrusion detection systems are used to detect irregular or abnormal traffic patterns.