Certified Ethical Hacker (CEH v12) — Question 147

A large corporation is planning to implement preventive measures to counter a broad range of social engineering techniques. The organization has implemented a signature-based IDS, intrusion detection system, to detect known attack payloads and network flow analysis to monitor data entering and leaving the network. The organization is deliberating on the next step. Considering the information provided about various social engineering techniques, what should be the organization's next course of action?

Answer options

• A. Implement endpoint detection and response solution to oversee endpoint activities
• B. Set up a honeypot to attract potential attackers into a controlled environment for analysis
• C. Deploy more security personnel to physically monitor key points of access
• D. Organize regular employee awareness training regarding social engineering techniques and preventive measures

Correct answer: D

Explanation

The correct answer is D because regular employee training is crucial in raising awareness about social engineering tactics, which is a primary defense against such threats. While A, B, and C may enhance security, they do not address the human element that is often exploited in social engineering attacks.