CompTIA CASP+ (CAS-004) — Question 246

A Chief Security Officer (CSO) is concerned about the number of successful ransomware attacks that have hit the company. The data indicates most of the attacks came through a fake email. The company has added training, and the CSO now wants to evaluate whether the training has been successful. Which of the following should the CSO implement?

Answer options

• A. Simulating a spam campaign
• B. Conducting a sanctioned vishing attack
• C. Performing a risk assessment
• D. Executing a penetration test

Correct answer: A

Explanation

Simulating a spam campaign allows the organization to test employees' responses to phishing attempts, thereby assessing the effectiveness of the training provided. The other options, while useful in different contexts, do not specifically evaluate how well employees can identify and react to phishing emails, which is the primary concern after the training.