CompTIA Security+ (SY0-701) — Question 68

Which of the following factors are the most important to address when formulating a training curriculum plan for a security awareness program? (Choose two.)

Answer options

• A. Channels by which the organization communicates with customers
• B. The reporting mechanisms for ethics violations
• C. Threat vectors based on the industry in which the organization operates
• D. Secure software development training for all personnel
• E. Cadence and duration of training events
• F. Retraining requirements for individuals who fail phishing simulations

Correct answer: C, E

Explanation

The correct answers, C and E, focus on understanding the specific threats relevant to the organization and ensuring that training is appropriately timed and structured. Options A and B do not directly relate to security awareness training, while D and F, while relevant, are not as critical as addressing the industry's specific threat vectors and the overall training cadence.