CompTIA Security+ (SY0-701) — Question 510
A security report shows that during a two-week test period, 80% of employees unwittingly disclosed their SSO credentials when accessing an external website. The organization purposely created the website to simulate a cost-free password complexity test. Which of the following would best help reduce the number of visits to similar websites in the future?
Answer options
- A. Block all outbound traffic from the intranet.
- B. Introduce a campaign to recognize phishing attempts.
- C. Restrict internet access for the employees who disclosed credentials.
- D. Implement a deny list of websites.
Correct answer: B
Explanation
The correct answer is B because a campaign that teaches employees to recognize phishing attempts educates them on the risks of disclosing sensitive information, helping them identify and avoid similar threats in the future. Options A, C, and D may restrict access, but they do not address the root issue: employee awareness and education regarding phishing and credential security.