The MOST effective way to ensure network users are aware of their responsibilities to comply with
an organization’s security requirements is:
A.
messages displayed at every logon.
B.
periodic security-related e-mail messages.
C.
an Intranet web site for information security.
D.
circulating the information security policy.
Explanation:
Logon banners would appear every time the user logs on, and the user would be required to read
and agree to the same before using the resources. Also, as the message is conveyed in writing
and appears consistently, it can be easily enforceable in any organization. Security-related e-mail
messages are frequently considered as “Spam” by network users and do not, by themselves,ensure that the user agrees to comply with security requirements. The existence of an Intranet
web site does not force users to access it and read the information. Circulating the information
security policy atone does not confirm that an individual user has read, understood and agreed to
comply with its requirements unless it is associated with formal acknowledgment, such as a user’s
signature of acceptance.