nerdexam
Isaca

CDPSE · Question #4

Which of the following vulnerabilities is MOST effectively mitigated by enforcing multi-factor authentication to obtain access to personal information?

The correct answer is A. End users using weak passwords. Multi-factor authentication (MFA) requires a user to provide at least two verification factors - typically something they know (password) plus something they have (OTP token) or something they are (biometric). MFA most directly and effectively compensates for weak passwords: even

Privacy Architecture

Question

Which of the following vulnerabilities is MOST effectively mitigated by enforcing multi-factor authentication to obtain access to personal information?

Options

  • AEnd users using weak passwords
  • BOrganizations using weak encryption to transmit data
  • CVulnerabilities existing in authentication pages
  • DEnd users forgetting their passwords

How the community answered

(18 responses)
  • A
    89% (16)
  • C
    6% (1)
  • D
    6% (1)

Explanation

Multi-factor authentication (MFA) requires a user to provide at least two verification factors - typically something they know (password) plus something they have (OTP token) or something they are (biometric). MFA most directly and effectively compensates for weak passwords: even if an attacker successfully guesses, cracks, or phishes a weak password, they are still blocked without the second factor. MFA does not fix weak encryption in transit (B), does not patch authentication page vulnerabilities like SQLi or XSS (C), and while it can help users who forget passwords recover access, it is not primarily designed to solve that problem (D).

Topics

#Multi-factor authentication#Access control#Vulnerability mitigation#User authentication

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice