CompTIA CySA+ (CS0-003) — Question 280

A company was able to reduce triage time by focusing on historical trend analysis. The business partnered with the security team to achieve a 50% reduction in phishing attempts year over year. Which of the following action plans led to this reduced triage time?

Answer options

• A. Patching
• B. Configuration management
• C. Awareness, education, and training
• D. Threat modeling

Correct answer: C

Explanation

The correct answer is C, as awareness, education, and training programs empower employees to recognize and report phishing attempts, thus reducing the number of incidents and the time needed for triage. Patching and configuration management focus on system vulnerabilities rather than user behavior, while threat modeling is more about identifying potential threats rather than directly addressing phishing attempts.