CompTIA CySA+ (CS0-001) — Question 141

A recently issued audit report highlighted exceptions related to end-user handling of sensitive data and access credentials. A security manager is addressing the findings. Which of the following activities should be implemented?

Answer options

• A. Update the password policy
• B. Increase training requirements
• C. Deploy a single sign-on platform
• D. Deploy Group Policy Objects

Correct answer: B

Explanation

Increasing training requirements is essential as it educates users on proper handling of sensitive data and access credentials, directly addressing the identified issues. Updating the password policy, deploying a single sign-on platform, and utilizing Group Policy Objects are beneficial but do not specifically target user behavior and awareness, which are crucial for resolving the audit report's findings.