Certified Information Security Manager (CISM) — Question 672

Which of the following would BEST mitigate accidental data loss events?

Answer options

• A. Enforce a data hard drive encryption policy
• B. Conduct a data loss prevention audit
• C. Conduct periodic user awareness training
• D. Obtain senior management support for the information security strategy

Correct answer: C

Explanation

Correct answer C is right because periodic user awareness training helps individuals understand the importance of data security and the potential risks of accidental loss. Options A and B focus on technical measures and audits, which are important but do not directly address user behavior. Option D, while valuable for overall support, does not specifically target the mitigation of accidental data loss events.