Certified Information Security Manager (CISM) — Question 138

Which of the following BEST protects against phishing attacks?

Answer options

• A. Security strategy training
• B. Email filtering
• C. Network encryption
• D. Application whitelisting

Correct answer: A

Explanation

The correct answer, Security strategy training, is essential as it educates users on recognizing phishing attempts, which is crucial in preventing such attacks. While Email filtering can reduce the number of phishing emails, it is not foolproof and cannot catch all threats. Network encryption and Application whitelisting serve different security purposes and do not specifically address the risks associated with phishing.