Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CRISC Exam - Topic 8 Question 85 Discussion

Actual exam question for Isaca's CRISC exam
Question #: 85
Topic #: 8
[All CRISC Questions]

Management has required information security awareness training to reduce the risk associated with credential compromise. What is the BEST way to assess the effectiveness of the training?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Gracia at Sep 15, 2024, 12:12 PM

Limited Time Offer

25%

Off

Get Premium CRISC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Santos
6 months ago
D is important too, but not really for assessing training effectiveness.
upvoted 0 times
...
Ciara
6 months ago
Wait, can a quiz really measure if they’ll handle real threats?
upvoted 0 times
...
Mattie
6 months ago
B seems more about the materials than actual effectiveness.
upvoted 0 times
...
Laura
7 months ago
Totally agree with A! It's the best way to see if they really learned anything.
upvoted 0 times
...
Bette
7 months ago
I think A is the best option. Real-world testing shows true effectiveness.
upvoted 0 times
...
Ariel
7 months ago
Performing a vulnerability assessment seems too broad for this question; I think it’s more about individual awareness than system weaknesses.
upvoted 0 times
...
Alverta
7 months ago
I feel like an end-of-training quiz is a straightforward way to assess knowledge, but I wonder if it really reflects real-world application.
upvoted 0 times
...
Mable
7 months ago
I think auditing the training materials could help ensure they're up to date, but it doesn't really test if people actually learned anything.
upvoted 0 times
...
Nathan
8 months ago
I remember discussing how social engineering tests can really show if employees are applying what they learned, but I'm not sure if that's the best measure.
upvoted 0 times
...
Ruthann
8 months ago
I'm feeling pretty confident about this one. The answer has to be option C - administering an end-of-training quiz. That's the most direct way to evaluate how much the employees have learned from the training.
upvoted 0 times
...
Val
8 months ago
I'm a little confused on this one. Wouldn't auditing the training materials be a good way to check the quality of the content? Or is that not the best approach for assessing the actual effectiveness?
upvoted 0 times
...
India
8 months ago
Okay, I think I've got it. The best way to assess the effectiveness of the training is to conduct social engineering testing. That will really put the employees' knowledge to the test and show if the training is working.
upvoted 0 times
...
Elvera
8 months ago
This seems like a tricky one. I'm not sure if I should go with the social engineering testing or the end-of-training quiz. Hmm, let me think this through.
upvoted 0 times
...
Trina
8 months ago
Hmm, not sure about this one. The prompt is a bit vague, and I'm not totally clear on what they're looking for in terms of "strategic quality and planning." Guess I'll have to think it through step-by-step.
upvoted 0 times
...
Alyce
1 year ago
Wait, they're testing our security awareness, so shouldn't we all just choose D) and try to hack the system? That's the real test, right?
upvoted 0 times
Natalya
11 months ago
We should focus on understanding the material and applying it to our daily work to show that the training is effective.
upvoted 0 times
...
Elza
12 months ago
I agree, choosing D) and trying to hack the system is not the way to assess the effectiveness of the training.
upvoted 0 times
...
Tuyet
12 months ago
No, that's not the right approach. We should take the training seriously and follow the guidelines.
upvoted 0 times
...
...
Simona
1 year ago
A) Conduct social engineering testing? That's like trying to catch someone in the act. I'd rather just give them the good ol' quiz, C).
upvoted 0 times
...
Stephanie
1 year ago
Hmm, D) Perform a vulnerability assessment? Seems a bit overkill for just checking the training. I'll stick with C) - nice and straightforward.
upvoted 0 times
Juan
12 months ago
C) Monitor employee behavior for changes in security practices
upvoted 0 times
...
Simona
1 year ago
B) Distribute a survey to employees to gauge their understanding
upvoted 0 times
...
Vi
1 year ago
A) Conduct a phishing simulation to test employee response
upvoted 0 times
...
...
Curt
1 year ago
I'm going with B) Audit security awareness training materials. Checking the content is key to ensuring the training is effective.
upvoted 0 times
Cammy
1 year ago
I think conducting social engineering testing could also be helpful to see if employees are applying what they learned in the training.
upvoted 0 times
...
Chandra
1 year ago
That's a good choice. It's important to make sure the training materials are accurate and up to date.
upvoted 0 times
...
...
Kenneth
1 year ago
C) Administer an end-of-training quiz seems like the obvious choice here. Gotta test that knowledge, you know?
upvoted 0 times
...
Carma
1 year ago
I believe administering an end-of-training quiz would also be a good way to assess the effectiveness of the training.
upvoted 0 times
...
Cordelia
1 year ago
I agree with Jovita, social engineering testing can really show if the training is effective.
upvoted 0 times
...
Jovita
1 year ago
I think the best way is to conduct social engineering testing.
upvoted 0 times
...

Save Cancel