ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
A financial-services company has suffered several malware infections after staff used personal USB drives in corporate laptops. New technical controls will block unauthorized devices, and the security team plans to reinforce the change with office posters and a monthly email newsletter. According to industry best practices for security-awareness communications, which content strategy is most likely to change employee behavior and reduce this risk?
Design posters that threaten immediate termination for any personal USB use to emphasize the seriousness of violations.
Attach the full 13-page removable-media policy to every newsletter so employees have all details readily available.
Create a colorful poster and short newsletter section that list five specific USB-safety actions employees must follow (for example, use only company-approved drives, scan before opening, encrypt sensitive data, label media, and report unknown devices).
Send a quarterly newsletter that highlights recent global USB-borne malware statistics but does not include step-by-step instructions for users.
Awareness materials are most effective when they are concise, visually engaging, and provide a small, memorable set of concrete actions employees must take. Research-based guidance recommends highlighting roughly five key behaviors-such as using only company-approved USB devices, scanning any new media, encrypting sensitive data, safely ejecting drives, and reporting unknown devices-because this number is specific enough to be actionable yet still easy to recall. In contrast, long policies, statistics without guidance, or fear-based threats tend to overwhelm or disengage employees and do little to foster lasting behavioral change.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'USB-safety actions' include for employees?
Open an interactive chat with Bash
Why are concise and visually engaging materials more effective for security-awareness campaigns?
Open an interactive chat with Bash
Why is attaching the full policy or using fear-based tactics considered ineffective for employee behavior change?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Security Concepts and Practices
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .