Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

BCS Exam CISMP-V9 Topic 5 Question 93 Discussion

Actual exam question for BCS's CISMP-V9 exam
Question #: 93
Topic #: 5
[All CISMP-V9 Questions]

How might the effectiveness of a security awareness program be effectively measured?

1) Employees are required to take an online multiple choice exam on security principles.

2) Employees are tested with social engineering techniques by an approved penetration tester.

3) Employees practice ethical hacking techniques on organisation systems.

4) No security vulnerabilities are reported during an audit.

5) Open source intelligence gathering is undertaken on staff social media profiles.

Show Suggested Answer Hide Answer
Suggested Answer: A

When selecting a third-party digital forensics service provider, it is crucial to ensure that the company has the appropriate accreditations and the staff hold relevant certifications. This ensures that the service provider adheres to recognized standards and best practices in digital forensics, which is essential for the integrity and admissibility of evidence. Company accreditation provides assurance that the organization follows industry-recognized quality standards, while staff certification demonstrates that the individuals handling the forensic process are qualified and competent. This combination is vital for maintaining the credibility of the forensic investigation and the security of the data handled.


by Socorro at Jan 25, 2025, 05:59 AM

Limited Time Offer

25%

Off

Get Premium CISMP-V9 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Aaron
27 days ago
Option B looks good to me. Testing with social engineering techniques is the most realistic way to see if the security awareness program is working.
upvoted 0 times
...
Nana
1 months ago
Open source intelligence gathering on social media profiles? That's a bit creepy, don't you think? I'll stick with options 1 and 2 to keep it professional.
upvoted 0 times
Portia
8 days ago
I agree, open source intelligence gathering does seem invasive.
upvoted 0 times
...
...
Gladys
1 months ago
Haha, practicing ethical hacking? That sounds like a lot of fun! I'd go with option C just to get a chance to try that out.
upvoted 0 times
Cecil
1 days ago
User 2: I agree, it would be interesting to try out. I think option C is the way to go.
upvoted 0 times
...
Alyce
13 days ago
User 1: Practicing ethical hacking does sound like fun!
upvoted 0 times
...
...
Judy
1 months ago
I don't know, option 4 sounds a bit unrealistic. Just because no vulnerabilities are reported doesn't mean the program is effective. You need to actually test the employees' behavior.
upvoted 0 times
...
Yaeko
2 months ago
Option C seems the most comprehensive approach to measuring the effectiveness of a security awareness program. Testing employees' knowledge and skills is crucial.
upvoted 0 times
Christiane
27 days ago
User 2
upvoted 0 times
...
Cassandra
1 months ago
User 1
upvoted 0 times
...
...
Stephania
2 months ago
Yeah, and open source intelligence gathering can provide valuable insights too.
upvoted 0 times
...
Novella
2 months ago
I agree, but I also think testing with social engineering techniques is important.
upvoted 0 times
...
Stephania
2 months ago
I think measuring effectiveness through ethical hacking is a good idea.
upvoted 0 times
...

Save Cancel