Which of the following is a common security practice to protect against…

2024

Which of the following is a common security practice to protect against phishing attacks?

  1. A.

    Using weak passwords

  2. B.

    Disabling firewalls

  3. C.

    User education and awareness training

  4. D.

    Sharing login credentials

Attempted by 6 students.

Show answer & explanation

Correct answer: C

Correct answer: User education and awareness training.

Explanation: Educating users about phishing techniques — including how to recognize suspicious emails, avoid malicious links and attachments, and verify unexpected requests for credentials or sensitive information — is a highly effective measure for preventing phishing attacks.

Why the other choices are not appropriate:

  • Using weak passwords: Weak passwords make accounts easy to breach and do not defend against credential-based attacks.

  • Disabling firewalls: Turning off firewalls reduces network protection and increases exposure to many types of attacks; it does not prevent phishing.

  • Sharing login credentials: Sharing credentials creates unnecessary risk and removes accountability and auditing for user actions.

Recommended complementary practices:

  • Use multi-factor authentication to reduce the impact of compromised credentials.

  • Deploy email filtering and anti-phishing tools to block known malicious messages.

  • Run regular phishing simulations and refresher training to keep awareness high.

  • Encourage reporting of suspicious messages and keep software and security controls up to date.

Explore the full course: Computer Science