Which of the following is a common control against malware?

Get ready for the ISO 27001 Internal Auditor Exam. Learn through flashcards and multiple choice questions with hints and explanations. Ace your auditor test!

The chosen answer highlights a vital strategy to mitigate malware threats within an organization. Prohibiting the use of unauthorized software directly reduces the risk of malware introduction, as unauthorized software may not adhere to the organization's security protocols or standards. Such software can often be a vehicle for malware, either by being inherently malicious or by containing vulnerabilities that could be exploited.

When only authorized software is permitted, it ensures that all applications have undergone a thorough security vetting process. This minimizes the chances of inadvertently downloading or installing software that contains malware or is compromised in any way. Additionally, staying within a controlled software environment helps in maintaining an updated inventory of applications and streamlines monitoring efforts for potential malware activities.

The other options, while valuable cybersecurity measures, do not focus as directly on the malware control aspect. For instance, installing only open-source software does not guarantee protection against malware, as open-source software can also contain vulnerabilities or be poorly maintained. Offering cybersecurity training helps to raise awareness among employees but does not actively prevent malware from entering the system. Regularly updating the operating system is crucial for maintaining overall security but is a broader control that addresses various vulnerabilities, not solely malware. Hence, prohibiting the use of unauthorized software stands out as a specific and effective control measure against malware.
