nerdexam
Isaca

CDPSE · Question #419

Which of the following BEST mitigates the risk associated with credential-based attacks?

The correct answer is C. Multi-factor authentication (MFA). Multi-factor authentication (MFA) requires a second form of verification beyond a password (e.g., a one-time code, biometric, or hardware token). Even if credentials are stolen through phishing, brute force, or data breaches, an attacker cannot authenticate without the second fac

Privacy Architecture

Question

Which of the following BEST mitigates the risk associated with credential-based attacks?

Options

  • AIntruder lockout functionality
  • BPassword expiration policy
  • CMulti-factor authentication (MFA)
  • DComplex passwords

How the community answered

(28 responses)
  • B
    7% (2)
  • C
    89% (25)
  • D
    4% (1)

Explanation

Multi-factor authentication (MFA) requires a second form of verification beyond a password (e.g., a one-time code, biometric, or hardware token). Even if credentials are stolen through phishing, brute force, or data breaches, an attacker cannot authenticate without the second factor, directly neutralizing credential-based attacks. Intruder lockout (A) slows brute-force attempts but does not stop attacks using valid stolen credentials. Password expiration (B) and complex passwords (D) improve password hygiene but are insufficient alone against modern credential theft techniques like phishing.

Topics

#Multi-factor authentication (MFA)#Credential-based attacks#Risk mitigation#Access control

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice