SSCP • Practice Test 21
Free SSCP practice test — 15 questions with explanations. Set 21. No signup required.
You are the security analyst at a mid-sized retail company with 500 employees. The company recently experienced a ransomware attack that encrypted files on a file server. The infection was traced to a phishing email opened by an employee in accounting. The company has antivirus software, a firewall, and daily backups. After the incident, management wants to improve risk identification to prevent future attacks. Which of the following is the MOST effective first step to improve risk identification?