The BEST way to mitirate the risk associated with a social engineering attack is to:
A. deploy an effective intrusion detection system (IDS).
B. perform a business risk assessment of the email filtering system.
C. implement multi-factor authentication on critical business systems.
D. perform a user-knowledge gap assessment of information security practices.