CompTIA CySA+ (CS0-002) — Question 232
Security awareness and compliance programs are most effective at reducing the likelihood and impact of attacks from:
Answer options
- A. advanced persistent threats.
- B. corporate spies.
- C. hacktivists.
- D. insider threats.
Correct answer: D
Explanation
Insider threats are often more challenging to detect and mitigate because they involve individuals who already have access to the organization's systems and data. Security awareness and compliance programs educate employees about potential risks and encourage them to report suspicious behavior, which helps in minimizing insider threats. The other options, while valid concerns, typically involve external actors who may not be as influenced by internal training programs.