CISA Certified Information Systems Auditor – Question2713

Which of the following reduces the potential impact of social engineering attacks?

A.
Compliance with regulatory requirements
B. Promoting ethical understanding
C. Security awareness programs
D. Effective performance incentives

Correct Answer: C

Explanation:

Explanation:
Because social engineering is based on deception of the user, the best countermeasure or defense is a security awareness program. The other choices are not user-focused.