
220-1102 Question #35: Real Exam Question with Answer & Explanation

The correct answer is A: Enable multifactor authentication for each support account. To limit the risk of brute-force attacks against a remote-access tool, enabling multifactor authentication and enforcing account lockouts are the most effective measures.

Security

Question

The Chief Executive Officer at a bank recently saw a news report about a high-profile cybercrime where a remote-access tool that the bank uses for support was also used in this crime. The report stated that attackers were able to brute force passwords to access systems. Which of the following would BEST limit the bank's risk? (Choose two.)

Options

  • A. Enable multifactor authentication for each support account
  • B. Limit remote access to destinations inside the corporate network
  • C. Block all support accounts from logging in from foreign countries
  • D. Configure a replacement remote-access tool for support cases
  • E. Purchase a password manager for remote-access tool users
  • F. Enforce account lockouts after five bad password attempts

Explanation

To limit the risk of brute-force attacks against a remote-access tool, enabling multifactor authentication and enforcing account lockouts are the most effective measures.

Common mistakes.

  • B. Limiting remote access to destinations inside the corporate network might reduce the attack surface but does not directly prevent brute-force attacks if access is still available to the vulnerable tool.
  • C. Blocking logins from foreign countries could be a security measure, but it is not as comprehensive or direct a mitigation against brute-force attacks as MFA or account lockouts.
  • D. Configuring a replacement remote-access tool does not inherently solve the brute-force problem if the new tool is not configured with strong authentication mechanisms.
  • E. Purchasing a password manager for users helps users create and store strong passwords but does not prevent a brute-force attack from occurring on the system itself if the password manager is not integrated with strong authentication.

Concept tested. Mitigating brute-force attacks for remote access

Reference. https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-howitworks

Topics

#Multifactor Authentication, #Account Lockout, #Brute-Force Attack, #Remote Access Security
