CDPSE · Question #80
Which of the following is the best way to reduce the risk of compromised credentials when an organization allows employees to have remote access?
The correct answer is C. Implement multi-factor authentication.. Multi-factor authentication (MFA) directly mitigates the risk of compromised credentials because even if a password is stolen, phished, or brute-forced, the attacker still cannot authenticate without the second factor. This is the most targeted and effective control for the speci
Question
Which of the following is the best way to reduce the risk of compromised credentials when an organization allows employees to have remote access?
Options
- AEnable whole disk encryption on remote devices.
- BPurchase an endpoint detection and response (EDR) tool.
- CImplement multi-factor authentication.
- DDeploy single sign-on with complex password requirements.
How the community answered
(21 responses)- A5% (1)
- B10% (2)
- C81% (17)
- D5% (1)
Explanation
Multi-factor authentication (MFA) directly mitigates the risk of compromised credentials because even if a password is stolen, phished, or brute-forced, the attacker still cannot authenticate without the second factor. This is the most targeted and effective control for the specific threat of credential compromise. Whole disk encryption (A) protects data at rest on lost or stolen devices but does not prevent credential-based attacks. An EDR tool (B) detects malicious activity but does not prevent credential compromise. Single sign-on with complex passwords (D) reduces password fatigue but complex passwords alone are still vulnerable to phishing, credential stuffing, and breaches.
Topics
Community Discussion
No community discussion yet for this question.