CompTIA Security Plus Mock Test Q314

The method to provide end users of IT systems and applications with requirements related to acceptable use, privacy, new threats and trends, and use of social networking is:

A. Security awareness training.
B. BYOD security training.
C. Role-based security training.
D. Legal compliance training.

Correct Answer: A
Section: Compliance and Operational Security

Explanation:
Security awareness and training are critical to the success of a security effort. They include explaining policies, procedures, and current threats to both users and management.

Incorrect Answers:
B: BYOD security training is only one part of security awareness training; it addresses the risk that a personal device infected with malware introduces that malware to the network.
C: Role-based security training is more geared towards specific roles.
D: Legal compliance training would refer to keeping users up to date with new regulations and laws, not threats, trends and use of social engineering.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 399-404