Question

Triffid Corporation has a policy that all employees must receive security awareness instruction before using email; the company wants to make employees aware of potential phishing attempts that the employees might receive via email. What kind of control is this instruction?

A) Technical control
B) Administrative control
C) Physical control
D) Detective control

Answer 1

The security awareness instruction provided to employees by Triffid Corporation is an administrative control that aims to educate employees about potential phishing attempts through email.

Step-by-step explanation:

The security awareness instruction provided to employees by Triffid Corporation is an example of an administrative control. Administrative controls are policies, procedures, and guidelines implemented by an organization to ensure the proper use of resources and compliance with security measures. In this case, the instruction aims to educate employees about potential phishing attempts in order to prevent security breaches through email. It is an administrative control because it is a policy set by the organization to govern employee behavior and reduce the risk of phishing attacks, rather than a technical, physical, or detective control. The security awareness instruction provided to employees before using email is an example of an administrative control. Administrative controls are policies, procedures, and guidelines implemented by an organization to manage and reduce security risks. In this case, the control involves educating employees about security risks related to phishing attempts via email, making them aware of the potential threats and promoting safe and secure email practices.