Certified Information Security Manager (CISM) — Question 636

Which of the following is MOST helpful in preventing cybersecurity incidents?

Answer options

• A. Testing the backup plan according to a defined schedule
• B. Documenting and testing incident response plans
• C. Delivering periodic end-user security awareness training
• D. Implementing best practice password parameters

Correct answer: C

Explanation

Providing regular security awareness training for users is crucial as it equips employees with the knowledge to recognize and respond to potential threats. While testing backup plans, documenting incident response, and implementing password policies are all important, they do not directly address the human element that often leads to cybersecurity incidents.