CISM Certified Information Security Manager – Question1112

Which of the following is the MOST effective, positive method to promote security awareness?

A.
Competitions and rewards for compliance
B. Lock-out after three incorrect password attempts
C. Strict enforcement of password formats
D. Disciplinary action for noncompliance

Correct Answer: A

Explanation:

Explanation:
Competitions and rewards are a positive encouragement to user participation in the security program. Merely locking users out for forgetting their passwords does not enhance user awareness. Enforcement of password formats and disciplinary actions do not positively promote awareness.