Certified Information Security Manager (CISM) — Question 661

Which of the following is the BEST method for reducing the risk of data loss due to phishing attacks?

Answer options

• A. Changing passwords frequently
• B. Implementing data loss prevention
• C. Using spam filtering solutions
• D. Educating users

Correct answer: D

Explanation

Educating users is the best method as it empowers them to recognize and avoid phishing attempts, thus preventing data loss. While changing passwords, implementing data loss prevention, and using spam filters can help, they do not directly address the human factor that phishing exploits.