CDPSE · Question #306
Which of the following is the BEST control to mitigate the impact of credential harvesting attacks?
The correct answer is D. Multi-factor authentication (MFA). Credential harvesting attacks steal usernames and passwords so attackers can use them to gain unauthorized access. Multi-factor authentication (MFA) is the best mitigation because even when credentials are successfully stolen, the attacker still cannot authenticate without the se
Question
Which of the following is the BEST control to mitigate the impact of credential harvesting attacks?
Options
- AVulnerability scanning
- BRole-based access control (RBAC)
- CEncryption of network traffic
- DMulti-factor authentication (MFA)
How the community answered
(22 responses)- A5% (1)
- B5% (1)
- D91% (20)
Explanation
Credential harvesting attacks steal usernames and passwords so attackers can use them to gain unauthorized access. Multi-factor authentication (MFA) is the best mitigation because even when credentials are successfully stolen, the attacker still cannot authenticate without the second factor (e.g., a one-time code, biometric, or hardware token). This directly neutralizes the impact of harvested credentials. Vulnerability scanning (A) helps find system weaknesses but does not protect stolen credentials. RBAC (B) limits what a compromised account can access but does not prevent the attacker from logging in. Encrypting network traffic (C) protects credentials in transit but does not help once credentials have already been captured via phishing or other harvesting techniques.
Topics
Community Discussion
No community discussion yet for this question.