An organization has experienced several incidents involving employees downloading unauthorized software and using unauthorized websites and personal USB devices. What measures could the organization implement to manage these threats? (Choose three correct answers)

An organization has experienced several incidents involving employees downloading unauthorized software and using unauthorized websites and personal USB devices. What measures could the organization implement to manage these threats? (Choose three correct answers)

• Implement disciplinary action
• Monitor all employee activity
• Disable USB access
• Provide security awareness training
• Use content filtering
• Run computers from a central server rather than localized hard drives

Explanation: An organization should implement measures to manage user threats, including:

• Conduct security awareness training to prevent employees from falling victim to phishing scams.
• Enabling content filtering to permit or deny specific domains in accordance with acceptable use policies.
• Disabling internal CD drives and USB ports.
• Enabling automatic antimalware scans for inserted media drives, files, and email attachments.
• Allocating write and delete permissions to the data owner only.

Exam with this question: Cyber Threat Management - 1.4.2 Governance and Compliance Quiz