One purpose of a security awareness program is to modify:

A. employee's attitudes and behaviors towards enterprise's security posture

B. management's approach towards enterprise's security posture

C. attitudes of employees with sensitive data

D. corporate attitudes about safeguarding data








 

Suggested Answer: The Answer:  security awareness training is to modify employees behaviour and attitude towards towards enterprise's security posture.

Community Answer: A

Security-awareness training is performed to modify employees behavior and attitude toward security. This can best be achieved through a formalized process of security-awareness training.
It is used to increase the overall awareness of security throughout the company.  It is targeted to every single employee and not only to one group of users.
Unfortunately you cannot apply a patch to a human being, the only thing you can do is to educate employees and make them more aware of security issues and threats.  Never underestimate human stupidity.
Reference(s) used for this question:
TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation. also see:
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 130). McGraw-Hill. Kindle Edition.

This question is in SSCP Systems Security Certified Practitioner Exam
For getting Systems Security Certified Practitioner (SSCP) Certificate






Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by ISC. 
Trademarks, certification & product names are used for reference only and belong to ISC.
The website does not contain actual questions and answers from ISC's Certification Exams.