A company has noticed a trend of attackers gaining access to corporate mailboxes. Which of the following would be the BEST action to take to plan for this kind of attack in the future?
A company has noticed a trend of attackers gaining access to corporate mailboxes. Which of the following would be the BEST action to take to plan for this kind of attack in the future?
Conducting security awareness training is the best action to take to plan for this kind of attack in the future. This approach addresses the root cause by educating employees on how to recognize and avoid phishing attempts, which are a common method used to gain access to corporate mailboxes. While scanning for vulnerabilities and hardening servers are important, they do not address the human factor, which is critical in preventing such attacks. Auditing password complexity is also useful but insufficient on its own to prevent sophisticated phishing attacks. Awareness training provides employees with the necessary knowledge to safeguard themselves and the organization from these types of threats.
The best action to take to plan for this kind of attack in the future is B. Conducting security awareness training. Security awareness training teaches employees how to identify and avoid phishing attacks. It also teaches them how to protect their passwords and other sensitive information.