A large e-commerce company is concerned about a threat group that is seeking to acquire credentials for financial gain. Which measure is the best choice to reduce the chance of compromised accounts from targeted phishing attempts?
Provide ongoing security awareness classes
Dispose of data after a short retention period
Segment the environment to isolate critical assets
Providing ongoing security awareness classes is valuable because it helps employees recognize and report phishing attempts. Encryption alone does not prevent successful credential harvesting if an employee divulges login information. Network segmentation is a strong practice but does not specifically equip staff to spot fraudulent messages. Shortening data retention only limits stored records but does not address phishing campaigns.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is security awareness training effective against phishing attacks?
Open an interactive chat with Bash
What makes phishing a common tactic for credential harvesting?
Open an interactive chat with Bash
How does network segmentation differ from security awareness training in preventing phishing attacks?