During an engagement, penetration testers left USB keys that contained specially crafted malware in the company's parking lot. A couple days later, the malware contacted the command-and-control server, giving the penetration testers unauthorized access to the company endpoints. Which of the following will most likely be a recommendation in the engagement report?
A. Conduct an awareness campaign on the usage of removable media.
B. Issue a user guidance program focused on vishing campaigns.
C. Implement more complex password management practices.
D. Establish a procedure on identifying and reporting suspicious messages.
A. Conduct an awareness campaign on the usage of removable media.
B. Issue a user guidance program focused on vishing campaigns.
C. Implement more complex password management practices.
D. Establish a procedure on identifying and reporting suspicious messages.