Certified Information Security Manager (CISM) — Question 122

Which of the following BEST demonstrates that an anti-phishing campaign is effective?

Answer options

• A. Improved staff attendance in awareness sessions
• B. Decreased number of incidents that have occurred
• C. Decreased number of phishing emails received
• D. Improved feedback on the anti-phishing campaign

Correct answer: B

Explanation

The correct answer, B, indicates that the campaign has successfully reduced the actual incidents of phishing, which is the ultimate goal. While options A, C, and D suggest improvements in awareness and perceptions, they do not directly measure the effectiveness of the campaign in preventing phishing attacks.