Certified Information Systems Auditor (CISA) — Question 345
Which of the following is the ULTIMATE objective of performing a phishing simulation test?
Answer options
- A. To improve the level of security awareness
- B. To remove the need to install spam filtering
- C. To reduce the likelihood of cyber incidents
- D. To identify the occurrence of cyber events
Correct answer: C
Explanation
The correct answer is C: the ultimate aim of a phishing simulation test is to mitigate the risk of cyber incidents by educating users. Options A and D are related but are not the final goal. Option B is incorrect because spam filtering is still necessary even when awareness is improved.