What would be the PRIMARY reason for an organization to conduct a simulated phishing attack on its employees as part of a social engineering assessment?
A. Measure the effectiveness of security awareness training.
B. Identify the need for mitigating security controls.
C. Measure the effectiveness of the anti-spam solution.
D. Test the effectiveness of the incident response plan.
A. Measure the effectiveness of security awareness training.
B. Identify the need for mitigating security controls.
C. Measure the effectiveness of the anti-spam solution.
D. Test the effectiveness of the incident response plan.